Summary | ZeroBOX

44285,5327891204.dat

Category FILE
Machine s1_win7_x6401
Started April 6, 2021, 8:28 a.m.
Completed April 6, 2021, 8:28 a.m.
Size 220.0KB
Type PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5 ff850d5378ad9ecc1953cfe104b5298d
SHA256 12beb51eff2c95616d1ee91830048c87715953a39699f3167aaa8956aa44ef21
CRC32 00F32A4F
ssdeep 1536:6j2b0yzmq83AGHuU2rs3VN2farGJti7VkJtvTU9Lkv9anrQmpfQo62g5mTCIscmW:6j22OU2rbKEtsIzF+ubH9RAbiZE4WT
Yara
  • PE_Header_Zero - PE File Signature Zero
  • IsPE64 - (no description)
  • IsDLL - (no description)
  • IsWindowsGUI - (no description)
  • HasDebugData - DebugData Check
  • HasRichSignature - Rich Signature Check

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section .ndata
CrowdStrike win/malicious_confidence_60% (W)
APEX Malicious
Avast FileRepMalware
Kaspersky UDS:DangerousObject.Multi.Generic
McAfee-GW-Edition BehavesLike.Win64.Ardurk.dh
Microsoft Trojan:Win32/IcedID.GG!MTB
ZoneAlarm UDS:DangerousObject.Multi.Generic
AVG FileRepMalware