Summary | ZeroBOX

c.1x

OS Processor Check PE32 PE File
Category FILE
Machine s1_win7_x6401
Started June 24, 2021, 11:49 p.m.
Completed June 25, 2021, 12:09 a.m.
Size 303.8KB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 e0da003c129a2b3d91e459c732290418
SHA256 710f00304004fe991c085c99ef5f98558bb5ef145aa5c0855ce2c0e091aa4743
CRC32 8BA6F648
ssdeep 6144:aCjat9IUJkIFBHUq1Z/N1MSg+qYrFl5xMLWK5+2X3RteQchn8xLLRbYPIH50nrT6:au7UqIFBHmyARbYpru
PDB Path C:\C\C3\Release\C3.pdb
Yara
  • PE_Header_Zero - PE File Signature
  • OS_Processor_Check_Zero - OS Processor Check
  • IsPE32 - (no description)

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
164.124.101.2 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

pdb_path C:\C\C3\Release\C3.pdb
section name .rsrc, virtual_address 0x0000f000, virtual_size 0x0003d460, size_of_data 0x0003d600, entropy 7.000639699363022
entropy 7.00063969936 description A section with a high entropy has been found
entropy 0.814262023217 description Overall entropy of this PE file is high