Summary | ZeroBOX

Pupdate.exe

PE32 PE File
Category FILE
Machine s1_win7_x6401
Started June 24, 2021, 7:06 p.m.
Completed June 24, 2021, 7:17 p.m.
Size 231.7KB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 a7e34959537cedd0cfef50389edf3b03
SHA256 a8264414c7c743639ab7b9d2598a58d52f8a9557191bb77903d0dd5a149873a0
CRC32 B2D654B9
ssdeep 6144:1w21Y/Lm7as0CnLFPsE92NzHcdZYeNtFW1kpswr7n:B1uLm7ahCJPstzHcdZYeNa1OtXn
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

A section with a high entropy has been found
  • section .text - virtual_address 0x00001000, virtual_size 0x00044ee0, size_of_data 0x00045000, entropy 7.536881817229449
Overall entropy of this PE file is high
  • entropy 0.641860465116
Bkav W32.AIDetect.malware1
Elastic malicious (high confidence)
FireEye Generic.mg.a7e34959537cedd0
CrowdStrike win/malicious_confidence_90% (W)
APEX Malicious
Sophos Generic ML PUA (PUA)
SentinelOne Static AI - Suspicious PE
Microsoft Program:Win32/Wacapew.C!ml
Cynet Malicious (score: 100)
Rising Malware.Heuristic!ET#77% (RDMK:cmRtazr0iyNWZY7fcvuP+43C7ddu)
eGambit Unsafe.AI_Score_65%
Webroot W32.Adware.Gen