Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6402	April 26, 2021, 9:19 a.m.	April 26, 2021, 9:21 a.m.

Size	5.4MB
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`9820b61c2ef614e025f986fafa130e39`
SHA256	`3415580fcbf21f6baf12e1f387755157effc175d8b9f7e75b54bf6db12168dd3`
CRC32	`07D6648D`
ssdeep	`98304:7enUZv1w6EtevwZ+tHW9B2BlYvx8cv32cjxrQ7/59EaUI01hyWkgBnofepELAE:OUBa6keW5B2qCvcjVu56GY57sepEf`
Yara	PE_Header_Zero - PE File Signature Zero IsPE32 - (no description) IsWindowsGUI - (no description) IsPacked - Entropy Check HasDebugData - DebugData Check IsBeyondImageSize - Data Beyond ImageSize Check

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

No Suricata Alerts

No Suricata TLS

section

.sibapef

section

{u'size_of_data': u'0x005e0800', u'virtual_address': u'0x00001000', u'entropy': 7.998551842311826, u'name': u'.text', u'virtual_size': u'0x005e0756'}

entropy

7.99855184231

description

A section with a high entropy has been found

entropy

0.979093793216

description

Overall entropy of this PE file is high

local.exe