Summary | ZeroBOX

iTV.exe

OS Processor Check PE32 PE File
Category FILE
Machine s1_win7_x6401
Started June 24, 2021, 7:26 p.m.
Completed June 24, 2021, 7:28 p.m.
Size 859.5KB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 2a270d6a0d77fd1e12f813c8f8661e86
SHA256 df756941e80feb206d83104d332b3546982a2c49a5dd9de78b960368a14be573
CRC32 1E17AA3B
ssdeep 12288:ojABXv+PHDjGgbDvvLcK1RZBoQ/30m7arxcK:osh+PegbD3PRLB/0xcK
Yara
  • PE_Header_Zero - PE File Signature
  • OS_Processor_Check_Zero - OS Processor Check
  • IsPE32 - (no description)

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

resource name GIF
resource name MENUICONS
resource name TEXT
resource name WAVE
section .rsrc (virtual_address 0x000fc000, virtual_size 0x00078e7c, size_of_data 0x00079000) entropy 7.4058792342 description A section with a high entropy has been found
entropy 0.563774024461 description Overall entropy of this PE file is high
Bkav W32.AIDetect.malware2
Cylance Unsafe
APEX Malicious
Paloalto generic.ml
McAfee-GW-Edition GenericRXIL-PF!2A270D6A0D77
Gridinsoft Trojan.Win32.Downloader.sa
McAfee GenericRXIL-PF!2A270D6A0D77
VBA32 suspected of Trojan.Downloader.gen
Malwarebytes MachineLearning/Anomalous.94%
TrendMicro-HouseCall TROJ_GEN.R002H06FF21
Rising Malware.Heuristic!ET#96% (RDMK:cmRtazqxU2Ld1v7FkGy8KfzSmmn0)
Ikarus Trojan-Dropper.Agent
Fortinet W32/PossibleThreat