Summary | ZeroBOX

PURCHASE ORDER AZAS112.xls.xll

Generic Malware UPX Malicious Library PE64 PE File DLL OS Processor Check
Category Machine Started Completed
FILE s1_win7_x6401 Aug. 3, 2021, 10:02 a.m. Aug. 3, 2021, 10:02 a.m.
Size 880.0KB
Type PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5 4ebc548df517cae4c7e3122e9c75ede6
SHA256 6c67e1ccf77b872b1f3cf257a257d75c4995dc079945080f578b51357ccdbe55
CRC32 068AF1E2
ssdeep 24576:/zbGHAzHAjX1BcLgtBoKF0KihRPX0qFNE:/ziHILEV6Fm
PDB Path C:\Work\Excel-DNA\ExcelDna\Source\ExcelDna\Release64\ExcelDna64.pdb
Yara
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
  • OS_Processor_Check_Zero - OS Processor Check
  • Generic_Malware_Zero - Generic Malware
  • IsDLL - (no description)
  • UPX_Zero - UPX packed file
  • Malicious_Library_Zero - Malicious_Library

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

pdb_path C:\Work\Excel-DNA\ExcelDna\Source\ExcelDna\Release64\ExcelDna64.pdb
section .gfids
resource name ASSEMBLY
resource name ASSEMBLY_LZMA
resource name DNA
section {u'size_of_data': u'0x0007d400', u'virtual_address': u'0x00077000', u'entropy': 7.784454562905535, u'name': u'.rsrc', u'virtual_size': u'0x0007d288'} entropy 7.78445456291 description A section with a high entropy has been found
entropy 0.569965870307 description Overall entropy of this PE file is high
Lionic Trojan.MSIL.Agent.4!c
Cynet Malicious (score: 100)
McAfee RDN/GenericU
Zillya Trojan.Crypt.Win32.60233
Alibaba Trojan:MSIL/Generic.8233a704
Cyren W64/Trojan.CYRJ-7702
Symantec Trojan.Gen.MBT
Kaspersky HEUR:Trojan.MSIL.Agent.gen
Avast Win64:Malware-gen
TrendMicro TROJ_FRS.VSNTH221
McAfee-GW-Edition BehavesLike.Win64.Trojan.cc
Jiangmin Trojan.MSIL.aeqed
Webroot W32.Adware.Gen
Kingsoft Win32.Troj.Undef.(kcloud)
Gridinsoft Trojan.Win64.Agent.oa!s1
Microsoft Trojan:Win32/Woreflint.A!cl
TrendMicro-HouseCall TROJ_FRS.VSNTH221
Yandex Trojan.DOTHETUK!59xMQMvn7qc
Fortinet W32/Agent!tr
AVG Win64:Malware-gen
Qihoo-360 Win64/Trojan.Generic.HggASZkA