Summary | ZeroBOX

index.php

Glupteba
Category FILE
Machine s1_win7_x6401
Started April 1, 2021, 11:25 a.m.
Completed April 1, 2021, 11:27 a.m.
Size 176.5KB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 3dad2115d11934feab14efcccf10eb6f
SHA256 168eada700bc85528f3405b7f4c72c9d565cc28d90e40b05d429c59a2625dd8c
CRC32 D195B986
ssdeep 3072:nJh9qxgcuOxAsZWL/MLt48jauhDeVB/7Gp7ZX82i:r9iUOCIL28UkptXO
PDB Path C:\haseniwumos4\lajubamomonazega cesi\hakanor\rasuluva9\goyabopeje.pdbb
Yara
  • Trojan_Win32_Glupteba_1_Zero - Trojan Win32 Glupteba
  • PE_Header_Zero - PE File Signature Zero
  • win_mutex - Create or check mutex
  • win_files_operation - Affect private profile
  • IsPE32 - (no description)
  • IsWindowsGUI - (no description)
  • HasDebugData - DebugData Check
  • HasRichSignature - Rich Signature Check

DNS (Name / Response / Post-Analysis Lookup)
No hosts contacted.

IP Address      Status   Action
164.124.101.2   Active   Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

pdb_path C:\haseniwumos4\lajubamomonazega cesi\hakanor\rasuluva9\goyabopeje.pdbb
section .data: size_of_data 0x0000aa00, virtual_address 0x0001d000, virtual_size 0x02778e60, entropy 6.955364076
description A section with a high entropy has been found
entropy 0.242165242165
description Overall entropy of this PE file is high
Bkav W32.AIDetect.malware2
Elastic malicious (high confidence)
FireEye Generic.mg.3dad2115d11934fe
McAfee GenericRXAA-FA!3DAD2115D119
Sangfor Trojan.Win32.Save.a
K7AntiVirus Trojan ( 0053d5971 )
K7GW Trojan ( 0053d5971 )
Cybereason malicious.4fa520
BitDefenderTheta Gen:NN.ZexaE.34662.lqW@a46CD0nG
Symantec ML.Attribute.HighConfidence
APEX Malicious
Kaspersky VHO:Trojan.Win32.Convagent.gen
Sophos ML/PE-A
McAfee-GW-Edition BehavesLike.Win32.Trojan.ch
Ikarus Trojan-Banker.UrSnif
Microsoft Trojan:Win32/Wacatac.B!ml
Cynet Malicious (score: 100)
Cylance Unsafe
Rising Malware.Heuristic!ET#89% (RDMK:cmRtazqp9DW+tUTFuErg2rKiSl+d)
SentinelOne Static AI - Malicious PE
eGambit Unsafe.AI_Score_83%
CrowdStrike win/malicious_confidence_90% (D)
Qihoo-360 HEUR/QVM10.1.48AF.Malware.Gen