| Engine | Detection result | Scan date | Engine version |
|---|---|---|---|
| McAfee | Emotet-FSD!B54C48E055A0 | 20201022 | 6.0.6.653 |
| Alibaba | Trojan:Win32/Emotet.cad16c9d | 20190527 | 0.3.0.5 |
| CrowdStrike | win/malicious_confidence_100% (W) | 20190702 | 1.0 |
| Baidu | | 20190318 | 1.0.0.2 |
| Avast | Win32:TrojanX-gen [Trj] | 20201022 | 18.4.3895.0 |
| Tencent | Malware.Win32.Gencirc.10cdfe48 | 20201022 | 1.0.0.1 |
| Kingsoft | | 20201022 | 2013.8.14.323 |

| Time & API | Arguments | Status | Return | Repeated |
|---|---|---|---|---|
| 1620897734.674625 GetComputerNameA | computer_name: OSKAR-PC | success | 1 | 0 |

| resource name | None |

| Time & API | Arguments | Status | Return | Repeated |
|---|---|---|---|---|
| 1620897735.190625 GetAdaptersAddresses | flags: 0; family: 0 | failed | 111 | 0 |

| entropy | 6.959926921745421 | section | {'size_of_data': '0x00010000', 'virtual_address': '0x00037000', 'entropy': 6.959926921745421, 'name': '.rsrc', 'virtual_size': '0x0000ffa8'} | description | A section with a high entropy has been found |
| entropy | 0.24242424242424243 | description | Overall entropy of this PE file is high |
| process | b54c48e055a0b00d4fd6ccbd5f1b0a2f.exe |
| Bkav | W32.VobfusAgentHQ.Trojan |
| Elastic | malicious (high confidence) |
| MicroWorld-eScan | Trojan.GenericKDZ.69924 |
| FireEye | Trojan.GenericKDZ.69924 |
| CAT-QuickHeal | Trojan.EmotetPMF.S15765419 |
| Qihoo-360 | Win32/Trojan.fc8 |
| McAfee | Emotet-FSD!B54C48E055A0 |
| Cylance | Unsafe |
| VIPRE | Trojan.Win32.Generic!BT |
| K7AntiVirus | Trojan ( 0056dc831 ) |
| Alibaba | Trojan:Win32/Emotet.cad16c9d |
| K7GW | Trojan ( 0056dcb21 ) |
| CrowdStrike | win/malicious_confidence_100% (W) |
| Arcabit | Trojan.Generic.D11124 |
| Invincea | Mal/Generic-R + Troj/Emotet-CLZ |
| Cyren | W32/Kryptik.BWJ.gen!Eldorado |
| Symantec | Packed.Generic.554 |
| APEX | Malicious |
| Avast | Win32:TrojanX-gen [Trj] |
| ClamAV | Win.Malware.Emotet-9753021-0 |
| Kaspersky | Trojan-Banker.Win32.Emotet.gdnd |
| BitDefender | Trojan.GenericKDZ.69924 |
| NANO-Antivirus | Trojan.Win32.Emotet.hucsvi |
| Paloalto | generic.ml |
| AegisLab | Trojan.Win32.Emotet.L!c |
| Tencent | Malware.Win32.Gencirc.10cdfe48 |
| Ad-Aware | Trojan.GenericKDZ.69924 |
| TACHYON | Trojan/W32.Agent.274432.ALH |
| Emsisoft | Trojan.Emotet (A) |
| Comodo | Malware@#3u0uc8lqlnbzx |
| F-Secure | Trojan.TR/AD.Emotet.govac |
| DrWeb | Trojan.DownLoader34.32692 |
| Zillya | Trojan.Emotet.Win32.28359 |
| TrendMicro | TrojanSpy.Win32.EMOTET.THJABBO |
| McAfee-GW-Edition | BehavesLike.Win32.Emotet.dh |
| Sophos | Troj/Emotet-CLZ |
| Ikarus | Trojan-Banker.Emotet |
| Jiangmin | Trojan.Banker.Emotet.oic |
| Avira | TR/AD.Emotet.govac |
| Antiy-AVL | Trojan[Banker]/Win32.Emotet |
| Microsoft | Trojan:Win32/Emotet.ARK!MTB |
| ViRobot | Trojan.Win32.Emotet.274432.A |
| ZoneAlarm | Trojan-Banker.Win32.Emotet.gdnd |
| GData | Trojan.GenericKDZ.69924 |
| Cynet | Malicious (score: 100) |
| AhnLab-V3 | Malware/Win32.Generic.C4192695 |
| ALYac | Trojan.Agent.Emotet |
| MAX | malware (ai score=100) |
| VBA32 | TrojanBanker.Emotet |
| Malwarebytes | Trojan.Agent |

| Ordinal | Address | Name |
|---|---|---|
| 1 | 0x401545 | UUACZDADWAJJJJJ |

No hosts contacted.
No domains contacted.
No TCP connections recorded.
No UDP connections recorded.
No HTTP requests performed.
No ICMP traffic performed.
No IRC requests performed.
No Suricata Alerts
No Suricata TLS
No Snort Alerts