Summary | ZeroBOX

dcj83r7fy7328.exe

Tags: NPKI, Generic Malware, Malicious Library, UPX, Malicious Packer, Anti_VM, PE64, PE File
Category:  FILE
Machine:   s1_win7_x6401
Started:   Aug. 9, 2021, 8:42 p.m.
Completed: Aug. 9, 2021, 8:45 p.m.
Size:      6.0MB
Type:      PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
MD5:       86178014e457120d9dc6f6e27453338c
SHA256:    d541b9ff1fd68818abd9d0f70966e97beaab82dd6bb32d66566fbd6d657fbfd8
CRC32:     E4C213EC
ssdeep:    49152:+G6we2P/3W01/65p9CepD70BIme1AWwYg015Y5vl5zytq9oB5JSZZSYu5q01ka2i:+32P/d/s
Yara
  • UPX_Zero - UPX packed file
  • IsPE64 - (no description)
  • Malicious_Packer_Zero - Malicious Packer
  • Generic_Malware_Zero - Generic Malware
  • anti_vm_detect - Possibly employs anti-virtualization techniques
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • NPKI_Zero - File included NPKI

Hosts (Name / Response / Post-Analysis Lookup)
No hosts contacted.

IP Address     Status   Action
164.124.101.2  Active   Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section .symtab

Time & API: LdrGetProcedureAddress
Arguments:
  ordinal: 0
  function_address: 0x000007feff017a50
  function_name: wine_get_version
  module: ntdll
  module_address: 0x00000000771c0000
Return: -1073741511 (0xC0000139, STATUS_ENTRYPOINT_NOT_FOUND)
Repeated: 0

Note: wine_get_version is exported by Wine's ntdll but not by a genuine Windows ntdll, so the failed lookup is the expected result on the real Windows machine used here; resolving that export is a common environment check, which is what the anti_vm_detect Yara match above refers to.
Antivirus

Vendor                Detection
Lionic                Trojan.Win32.Agent.b!c
Elastic               malicious (high confidence)
MicroWorld-eScan      Trojan.GenericKD.46734996
McAfee                Artemis!86178014E457
Cylance               Unsafe
Sangfor               Trojan.Win32.Agent.tetqvx
K7AntiVirus           Trojan ( 0057c5571 )
Alibaba               Trojan:Win32/GoCLR.a3a4e2d9
K7GW                  Trojan ( 0057c5571 )
Arcabit               Trojan.Generic.D2C91E94
Symantec              Trojan.Gen.2
ESET-NOD32            a variant of WinGo/GoCLR.A
APEX                  Malicious
ClamAV                Win.Malware.Bulz-9847817-0
Kaspersky             Trojan-Dropper.Win32.Agent.tetqvx
BitDefender           Trojan.GenericKD.46734996
Avast                 Win64:Trojan-gen
Rising                HackTool.GoCLR!1.D71D (CLASSIC)
Ad-Aware              Trojan.GenericKD.46734996
Sophos                Mal/Generic-S
TrendMicro            TROJ_GEN.R002C0WH621
McAfee-GW-Edition     BehavesLike.Win64.Generic.vh
FireEye               Trojan.GenericKD.46734996
Emsisoft              Trojan.GenericKD.46734996 (B)
Ikarus                Trojan.CobaltStrike
eGambit               Unsafe.AI_Score_100%
Avira                 HEUR/AGEN.1144117
Microsoft             Trojan:Win32/Mamson.A!ac
ZoneAlarm             Trojan-Dropper.Win32.Agent.tetqvx
GData                 Trojan.GenericKD.46734996
Cynet                 Malicious (score: 100)
AhnLab-V3             Trojan/Win.Generic.R426638
ALYac                 Trojan.GenericKD.46734996
MAX                   malware (ai score=83)
VBA32                 TrojanDropper.MSIL.Agent
Malwarebytes          Malware.AI.2539285101
TrendMicro-HouseCall  TROJ_GEN.R002C0WH621
Yandex                Trojan.DR.Agent!zJ+7ehHYawY
MaxSecure             Trojan.Malware.300983.susgen
Fortinet              W64/GoCLR.A!tr
AVG                   Win64:Trojan-gen
Panda                 Trj/CI.A
CrowdStrike           win/malicious_confidence_60% (W)
Qihoo-360             Win64/TrojanDropper.Generic.H8oADAcA