Summary | ZeroBOX

userx.exe

AsyncRAT
Category FILE
Machine s1_win7_x6402
Started April 1, 2021, 9:52 a.m.
Completed April 1, 2021, 9:53 a.m.
Size 28.2KB
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 e79af90437c07b466c15f9962d51f0da
SHA256 f5bed5c378921320c9c740e332e83dd05bcc3e888213f7478029c39fb200c583
CRC32 B40679F8
ssdeep 384:M3Njp86HapCU6DIrAzLCddLUJfl0ulSXhwK:M3Njp86amDIMuGfl0uIhwK
Yara
  • PE_Header_Zero - PE File Signature Zero
  • IsPE32 - (no description)
  • IsNET_EXE - (no description)
  • IsWindowsGUI - (no description)
  • HasOverlay - Overlay Check
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

FireEye Generic.mg.e79af90437c07b46
Cylance Unsafe
Sangfor Trojan.Win32.Save.a
Cybereason malicious.8171a1
BitDefenderTheta Gen:NN.ZemsilF.34662.bm1@aqt8q8h
Cyren W32/MSIL_Kryptik.DNB.gen!Eldorado
Symantec Scr.Malcode!gdn40
APEX Malicious
Paloalto generic.ml
Kaspersky UDS:DangerousObject.Multi.Generic
Avast FileRepMetagen [Malware]
McAfee-GW-Edition Artemis!Trojan
eGambit Unsafe.AI_Score_99%
Microsoft Trojan:Win32/Wacatac.B!ml
McAfee Artemis!E79AF90437C0
Ikarus Trojan.MSIL.PSW
Fortinet MSIL/Kryptik.DNK!tr.dldr
AVG FileRepMetagen [Malware]
CrowdStrike win/malicious_confidence_60% (W)