Summary | ZeroBOX

DiIGFbP6W.php

PE32 PE File DLL
Category FILE
Machine s1_win7_x6401
Started July 3, 2021, 9:39 a.m.
Completed July 3, 2021, 9:39 a.m.
Size 188.5KB
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 ac34aeef6269a81bbf30358a50b4d8ea
SHA256 1b9f7bc405caf49359189d0ff88232f318ba950b42b9aa480267adf3b14d8a84
CRC32 E6DB3D11
ssdeep 3072:Tt1lNCvWNelQk0wvfKG+wiDYdgmoZQBmPjcicIPcXpzpx/ttr1A:Tt1/IcwdTiDYdgSUPQicIIpzpxFtr1
Yara
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
  • IsPE32 - (no description)

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section .rdata - virtual_address 0x00007000, virtual_size 0x000216c5, size_of_data 0x00021600, entropy 7.703278982621209 - A section with a high entropy has been found
section .data - virtual_address 0x00029000, virtual_size 0x00008e04, size_of_data 0x00006c00, entropy 6.908210905860067 - A section with a high entropy has been found
entropy 0.856 - Overall entropy of this PE file is high
Bkav W32.AIDetect.malware1
Elastic malicious (high confidence)
Cylance Unsafe
Sangfor Trojan.Win32.Save.a
CrowdStrike win/malicious_confidence_100% (D)
Symantec ML.Attribute.HighConfidence
APEX Malicious
NANO-Antivirus Virus.Win32.Gen.ccmw
FireEye Generic.mg.ac34aeef6269a81b
SentinelOne Static AI - Suspicious PE
Cynet Malicious (score: 100)
Acronis suspicious
BitDefenderTheta Gen:NN.ZedlaF.34790.lu8@amybSnei
Ikarus Trojan-Banker.Dridex
Fortinet W32/Dridex.2E68!tr
Qihoo-360 HEUR/QVM40.1.513B.Malware.Gen