f57a9e973e1cecd6b361467041e464f4
Hash
- MD5: f57a9e973e1cecd6b361467041e464f4
- SHA1: b44e800436b2892f7c8f9fbd93e5e17a2e1fde04
- SHA256: ca42cba2782a0b6952dd0425fa08cbd4de65f77fcc00e965ee97c39bea42eb18
- First Seen: 2026-05-27
- Last Seen: 2026-05-27
-
2
Related Reports
-
0
Related IOCs
Additional Information
VirusTotal
{
"data": {
"id": "ca42cba2782a0b6952dd0425fa08cbd4de65f77fcc00e965ee97c39bea42eb18",
"type": "file",
"links": {
"self": "https://www.virustotal.com/api/v3/files/ca42cba2782a0b6952dd0425fa08cbd4de65f77fcc00e965ee97c39bea42eb18"
},
"attributes": {
"last_analysis_stats": {
"malicious": 41,
"suspicious": 0,
"undetected": 30,
"harmless": 0,
"timeout": 0,
"confirmed-timeout": 0,
"failure": 0,
"type-unsupported": 4
},
"sha256": "ca42cba2782a0b6952dd0425fa08cbd4de65f77fcc00e965ee97c39bea42eb18",
"pe_info": {
"timestamp": 1772611439,
"imphash": "f5a57fb75d04f1d57a333147bc797b98",
"machine_type": 34404,
"entry_point": 10736,
"resource_details": [
{
"lang": "ENGLISH US",
"chi2": 155770.27,
"filetype": "unknown",
"entropy": 3.3102707862854004,
"sha256": "143778db6e47a4dafc8b418bffddb3c8b9b2249995d64f98919a7b82dd5bb3d5",
"type": "RT_ICON"
},
{
"lang": "ENGLISH US",
"chi2": 126849.75,
"filetype": "unknown",
"entropy": 3.461642026901245,
"sha256": "3479abffbe226423e9decdbcdf8fcec2ccee82d8ac6ab12a489883ec913e0999",
"type": "RT_ICON"
},
{
"lang": "ENGLISH US",
"chi2": 196907.33,
"filetype": "unknown",
"entropy": 1.8356906175613403,
"sha256": "42a14fd965412f8741e7b4aed696e93e02f13af4fc400598e44dbdec7ac5191f",
"type": "RT_ICON"
},
{
"lang": "ENGLISH US",
"chi2": 13177559.0,
"filetype": "unknown",
"entropy": 2.565159797668457,
"sha256": "fab4f1132f6585b11cb18dc61ed977e30fe922564dd0ba4d33018cf9d31dd0e4",
"type": "RT_ICON"
},
{
"lang": "ENGLISH US",
"chi2": 432285.12,
"filetype": "unknown",
"entropy": 2.9198484420776367,
"sha256": "69fcd7df95d4616352e6c06c84935fcf0d47e5f3681f1cf42883d03acbbf3db0",
"type": "RT_ICON"
},
{
"lang": "ENGLISH US",
"chi2": 187258.14,
"filetype": "unknown",
"entropy": 2.9977972507476807,
"sha256": "7d7e280ca6e6e21504339bb456060d5c587033d1b60c73aff8e3d55666af8dd7",
"type": "RT_ICON"
},
{
"lang": "ENGLISH US",
"chi2": 105841.72,
"filetype": "unknown",
"entropy": 3.268174648284912,
"sha256": "5f9d447266d0b3e9bdffddf64a9610dc73802d9e3383467dab036079c97c3802",
"type": "RT_ICON"
},
{
"lang": "ENGLISH US",
"chi2": 52220.29,
"filetype": "unknown",
"entropy": 2.8807451725006104,
"sha256": "e0dff6db194fa3e75e5caeb7d6692e38809a1b0e23c3f0608ddf12d8142d1d59",
"type": "RT_ICON"
},
{
"lang": "ENGLISH US",
"chi2": 70308.16,
"filetype": "unknown",
"entropy": 5.246886253356934,
"sha256": "e43aef26ed1908177ee58dfe8e0fbd18d0b8dd479dc697d07c5ccd0b6898f70e",
"type": "RT_ICON"
},
{
"lang": "ENGLISH US",
"chi2": 6540.49,
"filetype": "unknown",
"entropy": 2.7116262912750244,
"sha256": "a29831e4a3fac395e2aa86df5a0906ed2beebda018745be869477d636148f7af",
"type": "RT_MENU"
},
{
"lang": "ENGLISH US",
"chi2": 25968.0,
"filetype": "unknown",
"entropy": 3.143465042114258,
"sha256": "5a165cf601ae53d97397a733570b51afa47b9807557c5de339c5c8bc15d4fb69",
"type": "RT_DIALOG"
},
{
"lang": "ENGLISH US",
"chi2": 8311.2,
"filetype": "unknown",
"entropy": 1.7366405725479126,
"sha256": "031163479ff38dfb6fbb9a71da67eee4ff4891980f2745e09e211a7cd91d15a8",
"type": "RT_STRING"
},
{
"lang": "ENGLISH US",
"chi2": 1712.0,
"filetype": "unknown",
"entropy": 1.7987949848175049,
"sha256": "c2f0c188d6c493d7827bf83fb89c704815796445a0178bb2ae79658d96703a3c",
"type": "RT_ACCELERATOR"
},
{
"lang": "ENGLISH US",
"chi2": 8646.75,
"filetype": "ICO",
"entropy": 2.807703971862793,
"sha256": "c40423ed2109f81e8c215a681f8c04a6552083bad96abb5f27ab2972fd0cf442",
"type": "RT_GROUP_ICON"
},
{
"lang": "ENGLISH US",
"chi2": 1772.0,
"filetype": "ICO",
"entropy": 1.9814963340759277,
"sha256": "ad8420543fe71690391c03a24998b9cb8520544d36729c34ee0a9e8dc7cf16fd",
"type": "RT_GROUP_ICON"
},
{
"lang": "ENGLISH US",
"chi2": 4031.47,
"filetype": "XML",
"entropy": 4.911615371704102,
"sha256": "4bb79dcea0a901f7d9eac5aa05728ae92acb42e0cb22e5dd14134f4421a3d8df",
"type": "RT_MANIFEST"
}
],
"resource_langs": {
"ENGLISH US": 16
},
"resource_types": {
"RT_DIALOG": 1,
"RT_ICON": 9,
"RT_MANIFEST": 1,
"RT_STRING": 1,
"RT_MENU": 1,
"RT_ACCELERATOR": 1,
"RT_GROUP_ICON": 2
},
"sections": [
{
"name": ".text",
"chi2": 416777.28,
"virtual_address": 4096,
"flags": "rx",
"raw_size": 67584,
"entropy": 6.48,
"virtual_size": 67392,
"md5": "f4dbf6e5963f7a1d1ee879e9b36ed7e7"
},
{
"name": ".rdata",
"chi2": 2392689.0,
"virtual_address": 73728,
"flags": "r",
"raw_size": 41472,
"entropy": 4.69,
"virtual_size": 41344,
"md5": "40704cdc4997cbeec8fa2a016c1e5cc3"
},
{
"name": ".data",
"chi2": 2931.35,
"virtual_address": 118784,
"flags": "rw",
"raw_size": 475136,
"entropy": 8.0,
"virtual_size": 479988,
"md5": "9d299ad493670bd3b57909b3c4a1c9bb"
},
{
"name": ".pdata",
"chi2": 226342.09,
"virtual_address": 602112,
"flags": "r",
"raw_size": 4608,
"entropy": 4.78,
"virtual_size": 4392,
"md5": "4830e15e21d6a51d3535cf9d830891d4"
},
{
"name": "_RDATA",
"chi2": 38558.0,
"virtual_address": 610304,
"flags": "r",
"raw_size": 512,
"entropy": 3.7,
"virtual_size": 500,
"md5": "9aca9a8fea0c8a76a1204028d7eb7275"
},
{
"name": ".rsrc",
"chi2": 13151376.0,
"virtual_address": 614400,
"flags": "r",
"raw_size": 297472,
"entropy": 2.91,
"virtual_size": 297352,
"md5": "7023f3910d0a2d831541964eeaaace48"
},
{
"name": ".reloc",
"chi2": 32486.25,
"virtual_address": 913408,
"flags": "r",
"raw_size": 2048,
"entropy": 4.95,
"virtual_size": 1680,
"md5": "1d72435f26885ce7e36d7a37919c52f6"
}
],
"compiler_product_versions": [
"[---] Unmarked objects (old) count=1",
"[ C ] VS2022 v17.9.0 pre 1.0 build 33218 count=16",
"[ASM] VS2022 v17.9.0 pre 1.0 build 33218 count=18",
"[C++] VS2022 v17.9.0 pre 1.0 build 33218 count=46",
"[---] Unmarked objects count=103",
"[---] Resource count=1",
"id: 0x103, version: 30795 count=5",
"id: 0x105, version: 30795 count=142",
"id: 0x104, version: 30795 count=10",
"id: 0x101, version: 30795 count=11",
"id: 0x109, version: 33523 count=4",
"id: 0xff, version: 33523 count=1",
"id: 0x102, version: 33523 count=1"
],
"rich_pe_header_hash": "957f9cb76b355c09887b33796cb2345d",
"import_list": [
{
"library_name": "KERNEL32.dll",
"imported_functions": [
"CloseHandle",
"CompareStringW",
"CreateFileW",
"CreateProcessW",
"DeleteCriticalSection",
"EncodePointer",
"EnterCriticalSection",
"ExitProcess",
"FindClose",
"FindFirstFileExW",
"FindNextFileW",
"FlsAlloc",
"FlsFree",
"FlsGetValue",
"FlsSetValue",
"FlushFileBuffers",
"FreeEnvironmentStringsW",
"FreeLibrary",
"GetACP",
"GetCommandLineA",
"GetCommandLineW",
"GetConsoleMode",
"GetConsoleOutputCP",
"GetCPInfo",
"GetCurrentProcess",
"GetCurrentProcessId",
"GetCurrentThreadId",
"GetEnvironmentStringsW",
"GetFileType",
"GetLastError",
"GetModuleFileNameW",
"GetModuleHandleExW",
"GetModuleHandleW",
"GetOEMCP",
"GetProcAddress",
"GetProcessHeap",
"GetStartupInfoW",
"GetStdHandle",
"GetStringTypeW",
"GetSystemTimeAsFileTime",
"GetTickCount",
"HeapAlloc",
"HeapFree",
"HeapReAlloc",
"HeapSize",
"InitializeCriticalSectionAndSpinCount",
"InitializeSListHead",
"IsDebuggerPresent",
"IsProcessorFeaturePresent",
"IsValidCodePage",
"LCMapStringW",
"LeaveCriticalSection",
"LoadLibraryExW",
"lstrcatW",
"lstrcpyW",
"lstrlenW",
"MultiByteToWideChar",
"QueryPerformanceCounter",
"RaiseException",
"RtlCaptureContext",
"RtlLookupFunctionEntry",
"RtlPcToFileHeader",
"RtlUnwindEx",
"RtlVirtualUnwind",
"SetEnvironmentVariableW",
"SetFileInformationByHandle",
"SetFilePointerEx",
"SetLastError",
"SetStdHandle",
"SetUnhandledExceptionFilter",
"TerminateProcess",
"TlsAlloc",
"TlsFree",
"TlsGetValue",
"TlsSetValue",
"UnhandledExceptionFilter",
"WideCharToMultiByte",
"WriteConsoleW",
"WriteFile"
]
},
{
"library_name": "USER32.dll",
"imported_functions": [
"wsprintfW"
]
},
{
"library_name": "SHELL32.dll",
"imported_functions": [
"ShellExecuteW"
]
},
{
"library_name": "IPHLPAPI.DLL",
"imported_functions": [
"GetAdaptersInfo"
]
},
{
"library_name": "ADVAPI32.dll",
"imported_functions": [
"RegGetValueA"
]
}
]
},
"detectiteasy": {
"filetype": "PE64",
"values": [
{
"info": "LTCG/C++",
"version": "19.36.33523",
"type": "Compiler",
"name": "Microsoft Visual C/C++"
},
{
"version": "14.36.33523",
"type": "Linker",
"name": "Microsoft Linker"
},
{
"version": "2022 version 17.6",
"type": "Tool",
"name": "Visual Studio"
}
]
},
"type_tag": "peexe",
"tlsh": "T17E159C4632E328E7D039713AB4F24E91F365AF2CCA545B5B1E9C32576DF22804E2DA5C",
"times_submitted": 1,
"filecondis": {
"dhash": "0000001d1c1d0010",
"raw_md5": "bc3727f33851bf778f6c8b7dc6474923"
},
"magic": "PE32+ executable (GUI) x86-64, for MS Windows",
"tags": [
"peexe",
"64bits"
],
"total_votes": {
"harmless": 0,
"malicious": 1
},
"ssdeep": "12288:YMgXwNZJsZIOOZ9rXTCOB6DW8VgYpo2LXCBBG95R7DnOpWRZ8F:YI8wrXTCO0ZalBM/FDOkRZ8F",
"first_submission_date": 1772794874,
"trid": [
{
"file_type": "Win64 Executable (generic)",
"probability": 37.0
},
{
"file_type": "Win16 NE executable (generic)",
"probability": 28.6
},
{
"file_type": "OS/2 Executable (generic)",
"probability": 11.5
},
{
"file_type": "Generic Win/DOS Executable",
"probability": 11.3
},
{
"file_type": "DOS Executable (generic)",
"probability": 11.3
}
],
"magika": "PEBIN",
"first_seen_itw_date": 1772879508,
"names": [
"u33scid4q.exe",
"2026-03-06_f57a9e973e1cecd6b361467041e464f4_cobalt-strike_icedid_satacom_stealc_vidar"
],
"sha1": "b44e800436b2892f7c8f9fbd93e5e17a2e1fde04",
"vhash": "085076655d755515155018z4fhz13z1fz",
"meaningful_name": "u33scid4q.exe",
"type_extension": "exe",
"authentihash": "6251bc3648a2a98f022ae19c8672a1958749bc56e01098c2e94868687b4edb3b",
"last_submission_date": 1772794874,
"type_tags": [
"executable",
"windows",
"win32",
"pe",
"peexe"
],
"creation_date": 1772611439,
"last_analysis_date": 1779926474,
"last_modification_date": 1779933714,
"popular_threat_classification": {
"suggested_threat_label": "trojan.kimsuky/pmax",
"popular_threat_category": [
{
"value": "trojan",
"count": 18
},
{
"value": "virus",
"count": 2
},
{
"value": "dropper",
"count": 1
}
],
"popular_threat_name": [
{
"value": "kimsuky",
"count": 10
},
{
"value": "pmax",
"count": 3
},
{
"value": "axpd",
"count": 2
}
]
},
"last_analysis_results": {
"Bkav": {
"method": "blacklist",
"engine_name": "Bkav",
"engine_version": "8.2.40(8338)",
"engine_update": "20260527",
"category": "malicious",
"result": "W32.Malware.62463C21"
},
"Lionic": {
"method": "blacklist",
"engine_name": "Lionic",
"engine_version": "8.16",
"engine_update": "20260527",
"category": "malicious",
"result": "Trojan.Win32.Kimsuky.4!c"
},
"tehtris": {
"method": "blacklist",
"engine_name": "tehtris",
"engine_version": "v0.1.4",
"engine_update": "20260528",
"category": "undetected",
"result": null
},
"MicroWorld-eScan": {
"method": "blacklist",
"engine_name": "MicroWorld-eScan",
"engine_version": "14.0.409.0",
"engine_update": "20260527",
"category": "undetected",
"result": null
},
"ClamAV": {
"method": "blacklist",
"engine_name": "ClamAV",
"engine_version": "1.5.2.0",
"engine_update": "20260527",
"category": "undetected",
"result": null
},
"CMC": {
"method": "blacklist",
"engine_name": "CMC",
"engine_version": "2.4.2022.1",
"engine_update": "20260527",
"category": "undetected",
"result": null
},
"CAT-QuickHeal": {
"method": "blacklist",
"engine_name": "CAT-QuickHeal",
"engine_version": "22.00",
"engine_update": "20260527",
"category": "undetected",
"result": null
},
"Skyhigh": {
"method": "blacklist",
"engine_name": "Skyhigh",
"engine_version": "v2021.2.0+4045",
"engine_update": "20260527",
"category": "malicious",
"result": "BehavesLike.Win64.Dropper.ch"
},
"ALYac": {
"method": "blacklist",
"engine_name": "ALYac",
"engine_version": "2.0.0.10",
"engine_update": "20260527",
"category": "malicious",
"result": "Trojan.Agent.644608A"
},
"Cylance": {
"method": "blacklist",
"engine_name": "Cylance",
"engine_version": "3.0.0.0",
"engine_update": "20260521",
"category": "malicious",
"result": "Unsafe"
},
"VIPRE": {
"method": "blacklist",
"engine_name": "VIPRE",
"engine_version": "6.0.0.35",
"engine_update": "20260527",
"category": "undetected",
"result": null
},
"Sangfor": {
"method": "blacklist",
"engine_name": "Sangfor",
"engine_version": "2.22.3.0",
"engine_update": "20260525",
"category": "malicious",
"result": "Trojan.Win32.Save.a"
},
"CrowdStrike": {
"method": "blacklist",
"engine_name": "CrowdStrike",
"engine_version": "1.0",
"engine_update": "20251219",
"category": "malicious",
"result": "win/malicious_confidence_100% (D)"
},
"BitDefender": {
"method": "blacklist",
"engine_name": "BitDefender",
"engine_version": "7.2",
"engine_update": "20260527",
"category": "undetected",
"result": null
},
"K7GW": {
"method": "blacklist",
"engine_name": "K7GW",
"engine_version": "14.54.59636",
"engine_update": "20260527",
"category": "malicious",
"result": "Backdoor ( 006dbd7b1 )"
},
"K7AntiVirus": {
"method": "blacklist",
"engine_name": "K7AntiVirus",
"engine_version": "14.54.59636",
"engine_update": "20260527",
"category": "malicious",
"result": "Backdoor ( 006dbd7b1 )"
},
"Arcabit": {
"method": "blacklist",
"engine_name": "Arcabit",
"engine_version": "2025.0.0.23",
"engine_update": "20260527",
"category": "undetected",
"result": null
},
"huorong": {
"method": "blacklist",
"engine_name": "huorong",
"engine_version": "8019ebe:8019ebe:4ac772e:4ac772e",
"engine_update": "20260527",
"category": "undetected",
"result": null
},
"VirIT": {
"method": "blacklist",
"engine_name": "VirIT",
"engine_version": "9.5.1216",
"engine_update": "20260527",
"category": "undetected",
"result": null
},
"Symantec": {
"method": "blacklist",
"engine_name": "Symantec",
"engine_version": "1.22.0.0",
"engine_update": "20260527",
"category": "malicious",
"result": "ML.Attribute.HighConfidence"
},
"Elastic": {
"method": "blacklist",
"engine_name": "Elastic",
"engine_version": "4.0.264",
"engine_update": "20260527",
"category": "malicious",
"result": "malicious (high confidence)"
},
"ESET-NOD32": {
"method": "blacklist",
"engine_name": "ESET-NOD32",
"engine_version": "18.2.18.0",
"engine_update": "20260527",
"category": "malicious",
"result": "Win64/Kimsuky.BV trojan"
},
"Zoner": {
"method": "blacklist",
"engine_name": "Zoner",
"engine_version": "2.2.2.0",
"engine_update": "20260527",
"category": "undetected",
"result": null
},
"TrendMicro-HouseCall": {
"method": "blacklist",
"engine_name": "TrendMicro-HouseCall",
"engine_version": "24.550.0.1002",
"engine_update": "20260527",
"category": "undetected",
"result": null
},
"Paloalto": {
"method": "blacklist",
"engine_name": "Paloalto",
"engine_version": "0.9.0.1003",
"engine_update": "20260528",
"category": "malicious",
"result": "generic.ml"
},
"Cynet": {
"method": "blacklist",
"engine_name": "Cynet",
"engine_version": "4.0.3.4",
"engine_update": "20260527",
"category": "malicious",
"result": "Malicious (score: 99)"
},
"Kaspersky": {
"method": "blacklist",
"engine_name": "Kaspersky",
"engine_version": "22.0.1.28",
"engine_update": "20260527",
"category": "malicious",
"result": "Backdoor.Win32.PMax.axpd"
},
"Alibaba": {
"method": "blacklist",
"engine_name": "Alibaba",
"engine_version": "0.3.0.5",
"engine_update": "20190527",
"category": "malicious",
"result": "Backdoor:Win64/Kimsuky.7ffccb1d"
},
"NANO-Antivirus": {
"method": "blacklist",
"engine_name": "NANO-Antivirus",
"engine_version": "1.0.170.26895",
"engine_update": "20260527",
"category": "undetected",
"result": null
},
"SUPERAntiSpyware": {
"method": "blacklist",
"engine_name": "SUPERAntiSpyware",
"engine_version": "5.6.0.1032",
"engine_update": "20260527",
"category": "undetected",
"result": null
},
"Tencent": {
"method": "blacklist",
"engine_name": "Tencent",
"engine_version": "1.0.0.1",
"engine_update": "20260528",
"category": "malicious",
"result": "Malware.Win32.Gencirc.14aab1e1"
},
"Sophos": {
"method": "blacklist",
"engine_name": "Sophos",
"engine_version": "3.5.1.0",
"engine_update": "20260527",
"category": "malicious",
"result": "Mal/Generic-S"
},
"F-Secure": {
"method": "blacklist",
"engine_name": "F-Secure",
"engine_version": "18.10.1547.307",
"engine_update": "20260527",
"category": "malicious",
"result": "Trojan.TR/W64.Agent"
},
"DrWeb": {
"method": "blacklist",
"engine_name": "DrWeb",
"engine_version": "7.0.75.2070",
"engine_update": "20260527",
"category": "malicious",
"result": "Trojan.MulDrop36.9950"
},
"Zillya": {
"method": "blacklist",
"engine_name": "Zillya",
"engine_version": "2.0.0.5609",
"engine_update": "20260527",
"category": "malicious",
"result": "Trojan.Agent.Win64.175481"
},
"TrendMicro": {
"method": "blacklist",
"engine_name": "TrendMicro",
"engine_version": "24.550.0.1002",
"engine_update": "20260527",
"category": "undetected",
"result": null
},
"McAfeeD": {
"method": "blacklist",
"engine_name": "McAfeeD",
"engine_version": "1.2.0.14532",
"engine_update": "20260528",
"category": "malicious",
"result": "ti!CA42CBA2782A"
},
"Trapmine": {
"method": "blacklist",
"engine_name": "Trapmine",
"engine_version": "4.0.12.0",
"engine_update": "20260504",
"category": "malicious",
"result": "suspicious.low.ml.score"
},
"CTX": {
"method": "blacklist",
"engine_name": "CTX",
"engine_version": "2024.8.29.1",
"engine_update": "20260528",
"category": "malicious",
"result": "exe.trojan.kimsuky"
},
"Emsisoft": {
"method": "blacklist",
"engine_name": "Emsisoft",
"engine_version": "2024.8.0.61147",
"engine_update": "20260527",
"category": "undetected",
"result": null
},
"Ikarus": {
"method": "blacklist",
"engine_name": "Ikarus",
"engine_version": "6.4.16.0",
"engine_update": "20260527",
"category": "malicious",
"result": "Trojan.Win64.Kimsuky"
},
"Jiangmin": {
"method": "blacklist",
"engine_name": "Jiangmin",
"engine_version": "16.0.100",
"engine_update": "20260526",
"category": "undetected",
"result": null
},
"Webroot": {
"method": "blacklist",
"engine_name": "Webroot",
"engine_version": "1.9.0.8",
"engine_update": "20250227",
"category": "undetected",
"result": null
},
"Google": {
"method": "blacklist",
"engine_name": "Google",
"engine_version": "1779922840",
"engine_update": "20260528",
"category": "malicious",
"result": "Detected"
},
"Avira": {
"method": "blacklist",
"engine_name": "Avira",
"engine_version": "8.3.3.24",
"engine_update": "20260527",
"category": "malicious",
"result": "TR/W64.Agent"
},
"Antiy-AVL": {
"method": "blacklist",
"engine_name": "Antiy-AVL",
"engine_version": "3.0",
"engine_update": "20260527",
"category": "malicious",
"result": "Trojan/Win64.Kimsuky"
},
"Kingsoft": {
"method": "blacklist",
"engine_name": "Kingsoft",
"engine_version": "None",
"engine_update": "20260527",
"category": "malicious",
"result": "Win32.Hack.PMax.axpd"
},
"Gridinsoft": {
"method": "blacklist",
"engine_name": "Gridinsoft",
"engine_version": "1.0.247.174",
"engine_update": "20260527",
"category": "undetected",
"result": null
},
"Xcitium": {
"method": "blacklist",
"engine_name": "Xcitium",
"engine_version": "38681",
"engine_update": "20260527",
"category": "undetected",
"result": null
},
"Microsoft": {
"method": "blacklist",
"engine_name": "Microsoft",
"engine_version": "1.1.26040.8",
"engine_update": "20260527",
"category": "undetected",
"result": null
},
"ViRobot": {
"method": "blacklist",
"engine_name": "ViRobot",
"engine_version": "2014.3.20.0",
"engine_update": "20260527",
"category": "undetected",
"result": null
},
"ZoneAlarm": {
"method": "blacklist",
"engine_name": "ZoneAlarm",
"engine_version": "6.25-116107113",
"engine_update": "20260527",
"category": "undetected",
"result": null
},
"GData": {
"method": "blacklist",
"engine_name": "GData",
"engine_version": "GD:27.44698AVA:64.31317",
"engine_update": "20260528",
"category": "undetected",
"result": null
},
"Varist": {
"method": "blacklist",
"engine_name": "Varist",
"engine_version": "6.6.1.3",
"engine_update": "20260527",
"category": "malicious",
"result": "W64/ABTrojan.ROEW-7425"
},
"AhnLab-V3": {
"method": "blacklist",
"engine_name": "AhnLab-V3",
"engine_version": "3.30.0.10666",
"engine_update": "20260527",
"category": "malicious",
"result": "Trojan/Win.MalwareGeneric.C5853401"
},
"Acronis": {
"method": "blacklist",
"engine_name": "Acronis",
"engine_version": "1.2.0.121",
"engine_update": "20240328",
"category": "undetected",
"result": null
},
"VBA32": {
"method": "blacklist",
"engine_name": "VBA32",
"engine_version": "5.6.1",
"engine_update": "20260527",
"category": "undetected",
"result": null
},
"TACHYON": {
"method": "blacklist",
"engine_name": "TACHYON",
"engine_version": "2026-05-27.02",
"engine_update": "20260527",
"category": "undetected",
"result": null
},
"DeepInstinct": {
"method": "blacklist",
"engine_name": "DeepInstinct",
"engine_version": "5.0.0.8",
"engine_update": "20260527",
"category": "malicious",
"result": "MALICIOUS"
},
"Malwarebytes": {
"method": "blacklist",
"engine_name": "Malwarebytes",
"engine_version": "3.1.0.235",
"engine_update": "20260527",
"category": "malicious",
"result": "Neshta.Virus.FileInfector.DDS"
},
"Panda": {
"method": "blacklist",
"engine_name": "Panda",
"engine_version": "4.6.4.2",
"engine_update": "20260527",
"category": "undetected",
"result": null
},
"APEX": {
"method": "blacklist",
"engine_name": "APEX",
"engine_version": "6.782",
"engine_update": "20260525",
"category": "malicious",
"result": "Malicious"
},
"Rising": {
"method": "blacklist",
"engine_name": "Rising",
"engine_version": "25.0.0.28",
"engine_update": "20260527",
"category": "malicious",
"result": "Backdoor.PMax!8.2E40 (CLOUD)"
},
"Yandex": {
"method": "blacklist",
"engine_name": "Yandex",
"engine_version": "5.5.2.24",
"engine_update": "20260527",
"category": "undetected",
"result": null
},
"TrellixENS": {
"method": "blacklist",
"engine_name": "TrellixENS",
"engine_version": "6.0.6.653",
"engine_update": "20260527",
"category": "malicious",
"result": "ACL/Malware Generic.TSTW"
},
"SentinelOne": {
"method": "blacklist",
"engine_name": "SentinelOne",
"engine_version": "7.6.2.19",
"engine_update": "20260324",
"category": "undetected",
"result": null
},
"MaxSecure": {
"method": "blacklist",
"engine_name": "MaxSecure",
"engine_version": "1.0.0.1",
"engine_update": "20260527",
"category": "malicious",
"result": "Trojan.Malware.591159900.susgen"
},
"Fortinet": {
"method": "blacklist",
"engine_name": "Fortinet",
"engine_version": "7.0.48.0",
"engine_update": "20260527",
"category": "malicious",
"result": "W64/Kimsuky.BV!tr"
},
"AVG": {
"method": "blacklist",
"engine_name": "AVG",
"engine_version": "23.9.8494.0",
"engine_update": "20260527",
"category": "malicious",
"result": "Win32:Kimsuky-AW [Trj]"
},
"Avast": {
"method": "blacklist",
"engine_name": "Avast",
"engine_version": "23.9.8494.0",
"engine_update": "20260527",
"category": "malicious",
"result": "Win32:Kimsuky-AW [Trj]"
},
"alibabacloud": {
"method": "blacklist",
"engine_name": "alibabacloud",
"engine_version": "2.2.0",
"engine_update": "20250321",
"category": "malicious",
"result": "Backdoor:Win/Kimsuky.BY"
},
"Trustlook": {
"method": "blacklist",
"engine_name": "Trustlook",
"engine_version": "1.0",
"engine_update": "20260528",
"category": "type-unsupported",
"result": null
},
"SymantecMobileInsight": {
"method": "blacklist",
"engine_name": "SymantecMobileInsight",
"engine_version": "2.0",
"engine_update": "20260123",
"category": "type-unsupported",
"result": null
},
"BitDefenderFalx": {
"method": "blacklist",
"engine_name": "BitDefenderFalx",
"engine_version": "2.0.936",
"engine_update": "20260525",
"category": "type-unsupported",
"result": null
},
"Avast-Mobile": {
"method": "blacklist",
"engine_name": "Avast-Mobile",
"engine_version": "260527-02",
"engine_update": "20260527",
"category": "type-unsupported",
"result": null
}
},
"type_description": "Win32 EXE",
"md5": "f57a9e973e1cecd6b361467041e464f4",
"unique_sources": 1,
"reputation": -1,
"sandbox_verdicts": {
"Zenbox": {
"category": "harmless",
"malware_classification": [
"CLEAN"
],
"sandbox_name": "Zenbox",
"confidence": 100
},
"Dr.Web vxCube": {
"category": "malicious",
"malware_classification": [
"MALWARE"
],
"sandbox_name": "Dr.Web vxCube"
}
},
"size": 889856
}
}
}