Summary | ZeroBOX

Zenar.exe

Category: FILE
Machine: s1_win7_x6401
Started: April 2, 2021, 10:16 a.m.
Completed: April 2, 2021, 10:17 a.m.
Size 235.5KB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 85fe410ff23b4ef7db799ecdf574dd91
SHA256 9b877d63088137a893a8b4b9f6774b25f7f9edaa6345e09130b3d18dcbed2ff7
CRC32 585AC197
ssdeep 6144:LkfzyEnKwa1oLsfi8X4jqbGelDBDDAObo+WH2Xe:LkKv1oLsfwo13DDfbX
PDB Path D:\Zenar Project\Miner\Zenar побочная ветвь\Release\Zenar.pdb (the Russian segment "побочная ветвь" means "side branch"; the path is reproduced verbatim because it is an indicator, and the "Miner" directory name matches the CoinMiner verdicts below)
Yara
  • PE_Header_Zero - PE File Signature Zero
  • OS_Processor_Check_Zero - OS Processor Check Signature Zero
  • network_http - Communications over HTTP
  • win_files_operation - Affect private profile
  • Str_Win32_Wininet_Library - Match Windows Inet API library declaration
  • Str_Win32_Internet_API - Match Windows Inet API call
  • Str_Win32_Http_API - Match Windows Http API call
  • IsPE32 - (no description)
  • IsWindowsGUI - (no description)
  • HasDebugData - DebugData Check
  • HasRichSignature - Rich Signature Check
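The hashes and the PDB path above are the two static pivots this report gives. As an added triage example (not ZeroBOX's code and not part of the original report), the block below checks a file against the listed digests and recovers the CodeView RSDS record that carries the PDB path, which survives recompilation far better than any hash. Assumptions: the PDB path is stored in the build machine's ANSI code page, taken here to be cp1251 because of the Cyrillic directory name; SAMPLE is a constructed stand-in blob, not the real Zenar.exe; and helper names such as find_rsds_records and has_report_pdb_path are the example's own.

```python
# Added triage example, not ZeroBOX's code: match a file against the hashes
# listed in this report and recover the CodeView (RSDS) PDB path, which is a
# more durable pivot than the hashes. Constants are copied from the report;
# SAMPLE is a constructed stand-in for the real binary.
import hashlib
import struct
import uuid
import zlib

IOC_HASHES = {
    "md5": "85fe410ff23b4ef7db799ecdf574dd91",
    "sha256": "9b877d63088137a893a8b4b9f6774b25f7f9edaa6345e09130b3d18dcbed2ff7",
    "crc32": "585AC197",
}
IOC_PDB_PATH = "D:\\Zenar Project\\Miner\\Zenar побочная ветвь\\Release\\Zenar.pdb"


def file_hashes(data: bytes) -> dict:
    """md5/sha256 as lowercase hex and crc32 as 8 uppercase hex digits, the
    same formatting the report uses, so dict equality is a direct IOC match."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "crc32": f"{zlib.crc32(data) & 0xFFFFFFFF:08X}",
    }


def matches_report_hashes(data: bytes) -> bool:
    return file_hashes(data) == IOC_HASHES


def find_rsds_records(data: bytes, codepage: str = "cp1251") -> list:
    """Scan raw bytes for CodeView RSDS records laid out as
    b"RSDS" | 16-byte GUID (little-endian field order) | uint32 age | NUL-terminated path.
    The path is ANSI-encoded by the linker, not UTF-8; cp1251 is an assumption
    that fits a Russian-language build and lets the Cyrillic segment round-trip."""
    records = []
    pos = data.find(b"RSDS")
    while pos != -1:
        hdr_end = pos + 24
        nul = data.find(b"\x00", hdr_end)
        # Require a plausible path length so stray "RSDS" bytes are ignored.
        if nul != -1 and 0 < nul - hdr_end < 1024:
            raw = data[hdr_end:nul]
            try:
                path = raw.decode(codepage)
            except UnicodeDecodeError:
                path = raw.decode("latin-1")  # lossless fallback, still searchable
            records.append({
                "guid": str(uuid.UUID(bytes_le=data[pos + 4:pos + 20])),
                "age": struct.unpack_from("<I", data, pos + 20)[0],
                "path": path,
                "raw_path": raw,
            })
        pos = data.find(b"RSDS", pos + 4)
    return records


def has_report_pdb_path(data: bytes) -> bool:
    """True if any RSDS record carries the exact PDB path from the report."""
    return any(r["path"] == IOC_PDB_PATH for r in find_rsds_records(data))


def decodes_as_utf8(raw: bytes) -> bool:
    """Shows the code-page caveat: an ANSI Cyrillic path is not valid UTF-8."""
    try:
        raw.decode("utf-8")
        return True
    except UnicodeDecodeError:
        return False


def build_rsds(guid: bytes, age: int, path: str, codepage: str = "cp1251") -> bytes:
    """Encode one RSDS record; used only to construct the sample below."""
    return b"RSDS" + guid + struct.pack("<I", age) + path.encode(codepage) + b"\x00"


# Constructed stand-in: a fake PE-like blob with one RSDS record carrying the
# report's PDB path. Its hashes deliberately differ from the report's IOCs.
SAMPLE = (
    b"MZ" + b"\x00" * 62
    + b"PE\x00\x00" + b"\x00" * 20
    + build_rsds(bytes(range(1, 17)), 1, IOC_PDB_PATH)
    + b"\x00" * 16
)

if __name__ == "__main__":
    for rec in find_rsds_records(SAMPLE):
        print(rec["guid"], rec["age"], rec["path"])
    print("hash IOC match:", matches_report_hashes(SAMPLE))
    print("PDB path IOC match:", has_report_pdb_path(SAMPLE))
```

On a real file, read it in binary and pass the bytes to matches_report_hashes and has_report_pdb_path; a rebuilt variant will fail the first check and still pass the second, which is why the PDB path is worth hunting on. The raw_path bytes are kept alongside the decoded string so a detection rule can match the exact ANSI bytes rather than depend on the code-page guess.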

DNS (Name / Response / Post-Analysis Lookup): no hosts contacted.
IP traffic (IP Address / Status / Action): no hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Antivirus detections (28 engines, vendor followed by verdict; the non-generic labels agree on a coin miner (Microsoft PUA:Win32/CoinMiner, Rising Trojan.CoinMiner) or a downloader (Gridinsoft, VBA32), consistent with the "Miner" directory in the PDB path):
Bkav W32.AIDetect.malware2
FireEye Generic.mg.85fe410ff23b4ef7
McAfee RDN/Generic.rp
Sangfor Trojan.Win32.Save.a
Cybereason malicious.65ba59
Arcabit Trojan.Generic.D22EB586
Symantec ML.Attribute.HighConfidence
APEX Malicious
Avast Win32:Malware-gen
Cynet Malicious (score: 100)
BitDefender Trojan.GenericKD.36615558
MicroWorld-eScan Trojan.GenericKD.36615558
Ad-Aware Trojan.GenericKD.36615558
Emsisoft Trojan.GenericKD.36615558 (B)
McAfee-GW-Edition BehavesLike.Win32.OxyPump.dh
eGambit Unsafe.AI_Score_99%
Gridinsoft Adware.Win32.Downloader.sa
Microsoft PUA:Win32/CoinMiner
AegisLab Trojan.Win32.Generic.4!c
GData Trojan.GenericKD.36615558
BitDefenderTheta Gen:NN.ZexaF.34662.ouW@aeSEXkfi
VBA32 suspected of Trojan.Downloader.gen
Rising Trojan.CoinMiner!8.30A (CLOUD)
SentinelOne Static AI - Malicious PE
Fortinet PossibleThreat.MU
AVG Win32:Malware-gen
CrowdStrike win/malicious_confidence_90% (W)
Qihoo-360 Win32/Heur.Generic.HwoCRhsA
dead_host 192.168.56.101:49215 (Cuckoo-style signature: the sample attempted a connection that never received a response; 192.168.56.0/24 is a private RFC 1918 range, consistent with the sandbox's VirtualBox host-only network rather than an external C2 address, so this entry is not a network indicator in its own right)