Summary | ZeroBOX

이력서_210620(경력사항도 같이 기재하였으니 확인부탁드립니다).exe

PE32 PE File
Category FILE
Machine s1_win7_x6402
Started June 21, 2021, 8:21 p.m.
Completed June 21, 2021, 8:24 p.m.
Size 264.5KB
Type PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
MD5 69e7253f4566665890fa293e91a1bc89
SHA256 775c0f740544f1a49846ff7840bcffb7fd338f994f192e4a890fbcfbff7cf069
CRC32 09FB9308
ssdeep 3072:uomnzVincQDKgcFKXXXXXXXXeO2RebPYgqh2jT9KNp0BjY8n:utZ5BOtP31lBn
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
172.217.25.14 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Time & API Arguments Status Return Repeated

GlobalMemoryStatusEx

Status: 1, Return: 1, Repeated: 0
section .ndata
Time & API Arguments Status Return Repeated

NtProtectVirtualMemory

process_identifier: 5904
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
length: 4096
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x73772000
process_handle: 0xffffffff
Status: 1, Return: 0, Repeated: 0
host 172.217.25.14
Bkav W32.AIDetect.malware2
Elastic malicious (high confidence)
McAfee Artemis!69E7253F4566
Cylance Unsafe
Cybereason malicious.882094
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of Generik.GQCOJDR
APEX Malicious
Paloalto generic.ml
Cynet Malicious (score: 99)
Kaspersky UDS:Trojan.Win32.DelShad.gen
Avast Win32:Malware-gen
Sophos Mal/Generic-S
McAfee-GW-Edition BehavesLike.Win32.AdwareAdload.dh
Jiangmin Trojan.Injects.tn
Avira HEUR/AGEN.1116921
Microsoft Trojan:Win32/Wacatac.B!ml
AegisLab Trojan.Win32.Androm.m!c
ZoneAlarm UDS:DangerousObject.Multi.Generic
AhnLab-V3 Trojan/Win.Ransom.C4530908
ALYac Trojan.Ransom.Makop
MAX malware (ai score=100)
TrendMicro-HouseCall TROJ_GEN.R002H06FL21
Rising Trojan.Injector/NSIS!1.BFBB (CLASSIC)
Fortinet NSIS/Injector.777B!tr.ransom
AVG Win32:Malware-gen
CrowdStrike win/malicious_confidence_60% (W)