1.2
Low risk

9c77b82a3c0940c736dc6b61591394ed69ae046b90992b427910d3ce28f77772

4c1f8cf98fb6fbf46968741c4a3c11a0.exe

Analysis duration

56s

Latest analysis

File size

657.0KB
Static detections / Dynamic detections 100%: AGENTTESLA AI SCORE=89 ATTRIBUTE CLOUD CONFIDENCE CRYSAN CYMN ELDORADO FAKER FSIP GENERICKD HIGH CONFIDENCE HIGHCONFIDENCE HKTJEP INJECT3 KRYPTIK PCRYPT PCTB PM0@AGYIUY PWSX QVM03 SCORE SUSGEN THEBFBO TIGGRE UNSAFE WACATAC ZEMSILF
鹰眼 (Eagle Eye) engine
Not detected: no 鹰眼 engine detection results are available for this sample.
Static verdict
Antivirus engines

Engine       Result                                   Scan date   Engine version
McAfee       Trojan-FSIP!4C1F8CF98FB6                 20200602    6.0.6.653
Alibaba      Backdoor:MSIL/Kryptik.24ebcafe           20190527    0.3.0.5
Baidu        (no detection)                           20190318    1.0.0.2
Avast        Win32:PWSX-gen [Trj]                     20200602    18.4.3895.0
Tencent      Msil.Backdoor.Crysan.Pctb                20200602    1.0.0.1
Kingsoft     (no detection)                           20200602    2013.8.14.323
CrowdStrike  win/malicious_confidence_100% (W)        20190702    1.0
Static indicators
Behavior verdict
Dynamic indicators
Network communication
File has been identified by 50 AntiVirus engines on VirusTotal as malicious (50 events)
MicroWorld-eScan Trojan.GenericKD.33877231
FireEye Generic.mg.4c1f8cf98fb6fbf4
CAT-QuickHeal Trojan.Multi
McAfee Trojan-FSIP!4C1F8CF98FB6
Cylance Unsafe
Sangfor Malware
K7AntiVirus Trojan ( 005671631 )
Alibaba Backdoor:MSIL/Kryptik.24ebcafe
K7GW Trojan ( 005671631 )
Cybereason malicious.fbafd6
Arcabit Trojan.Generic.D204ECEF
BitDefenderTheta Gen:NN.ZemsilF.34122.Pm0@aGyiuy
Cyren W32/Faker.F.gen!Eldorado
Symantec ML.Attribute.HighConfidence
APEX Malicious
Paloalto generic.ml
Kaspersky HEUR:Backdoor.MSIL.Crysan.gen
BitDefender Trojan.GenericKD.33877231
NANO-Antivirus Trojan.Win32.Inject3.hktjep
Avast Win32:PWSX-gen [Trj]
Tencent Msil.Backdoor.Crysan.Pctb
Ad-Aware Trojan.GenericKD.33877231
Emsisoft Trojan.GenericKD.33877231 (B)
DrWeb Trojan.Inject3.40554
VIPRE Trojan.Win32.Generic!BT
TrendMicro Trojan.MSIL.WACATAC.THEBFBO
McAfee-GW-Edition Trojan-FSIP!4C1F8CF98FB6
Fortinet MSIL/Kryptik.VZH!tr
Sophos Mal/Generic-S
Jiangmin Backdoor.MSIL.cymn
Webroot W32.Trojan.Gen
MAX malware (ai score=89)
Antiy-AVL Trojan[Backdoor]/MSIL.Crysan
Endgame malicious (high confidence)
Microsoft Trojan:Win32/Tiggre!rfn
AegisLab Trojan.Multi.Generic.4!c
ZoneAlarm HEUR:Backdoor.MSIL.Crysan.gen
AhnLab-V3 Trojan/Win32.Kryptik.C4104963
ALYac Spyware.AgentTesla
Malwarebytes Trojan.PCrypt.MSIL.Generic
ESET-NOD32 a variant of MSIL/Kryptik.VZH
TrendMicro-HouseCall Trojan.MSIL.WACATAC.THEBFBO
Rising Spyware.AgentTesla!1.B864 (CLOUD)
Ikarus Trojan.MSIL.Inject
eGambit Unsafe.AI_Score_76%
GData Trojan.GenericKD.33877231
MaxSecure Trojan.Malware.74418669.susgen
AVG Win32:PWSX-gen [Trj]
CrowdStrike win/malicious_confidence_100% (W)
Qihoo-360 Generic/HEUR/QVM03.0.5C1C.Malware.Gen
Visual analysis
Binary image
No binary image: no binary visualization image was generated for this sample.
Runtime screenshots
No runtime screenshots: no screenshots were captured while the sample ran.

PE Compile Time

2020-02-19 15:32:22

Imports

Library mscoree.dll:
0x402000 _CorExeMain

Hosts

No hosts contacted.

DNS

No domains contacted.

TCP

No TCP connections recorded.

UDP

Source          Source port   Destination      Destination port
192.168.56.101  137           192.168.56.255   137
192.168.56.101  56137         224.0.0.252      5355
192.168.56.101  63921         224.0.0.252      5355

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Sorry! No dropped files.
Sorry! No dropped buffers.