Summary | ZeroBOX

md5list.exe

PE32 PE File
Category FILE
Machine s1_win7_x6402
Started June 25, 2021, 12:15 a.m.
Completed June 25, 2021, 12:19 a.m.
Size 80.5KB
Type PE32 executable (console) Intel 80386, for MS Windows, UPX compressed
MD5 61ff50d7c66468a4770076f26e7ac115
SHA256 3e7d2b22194b2b351dfe4e6775ff3082316d37d3f9b10d29dd59c63f89177265
CRC32 101593B8
ssdeep 1536:kJsvN3hQl7yQobBS7egg35ncIsHPJIasIabHfRNMqXO4g4039Lwr9xYUYRlMtoOM:kJsvJhQJyQooucIsHPSb5NnXO4RS9LwI
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address 172.217.25.14
Status Active
Action Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

API WriteConsoleA
Arguments
  buffer: dir not found: data!!!
  console_handle: 0x00000007
Status 1
Return 1
Repeated 0
section UPX1 (size_of_data 0x00013a00, virtual_address 0x0001c000, virtual_size 0x00014000) entropy 7.916830087670164 description A section with a high entropy has been found
entropy 0.987421383648 description Overall entropy of this PE file is high
section UPX0 description Section name indicates UPX
section UPX1 description Section name indicates UPX
host 172.217.25.14