Summary | ZeroBOX

GetFile2

Generic Malware UPX .NET DLL PE File DLL PE32
Category FILE
Machine s1_win7_x6402
Started Aug. 13, 2021, 8:01 p.m.
Completed Aug. 13, 2021, 8:12 p.m.
Size 1.4MB
Type PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 bebccbf007e6833633716dd855003acf
SHA256 9465d1ee02521fdd0d1be313df401af7734a858c164e4eae77d6c85398e339eb
CRC32 8E3392A5
ssdeep 24576:ImvIEbLo3DGUEPQpRuAuaMNOvrF34C4wwRKADtJWMeTO5j:7vIzDVfuOvFkhDtJWMqO5j
Yara
  • Generic_Malware_Zero - Generic Malware
  • IsDLL - (no description)
  • Is_DotNET_DLL - (no description)
  • UPX_Zero - UPX packed file
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
103.229.126.73 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section .text (size_of_data 0x00159e00, virtual_address 0x00002000, virtual_size 0x00159d88, entropy 7.537782530743353) entropy 7.53778253074 description A section with a high entropy has been found
entropy 0.998916967509 description Overall entropy of this PE file is high
host 103.229.126.73
Lionic Trojan.MSIL.Agent.4!c
McAfee Artemis!BEBCCBF007E6
Arcabit Trojan.Bulz.D91819
Kaspersky HEUR:Trojan.MSIL.Agent.gen
BitDefender Gen:Variant.Bulz.595993
MicroWorld-eScan Gen:Variant.Bulz.595993
Avast Win32:MalwareX-gen [Trj]
Ad-Aware Gen:Variant.Bulz.595993
FireEye Gen:Variant.Bulz.595993
Emsisoft Gen:Variant.Bulz.595993 (B)
Kingsoft Win32.Troj.Undef.(kcloud)
Microsoft Trojan:Win32/Sabsik.FL.B!ml
GData Gen:Variant.Bulz.595993
ALYac Gen:Variant.Bulz.595993
MAX malware (ai score=81)
Tencent Msil.Trojan.Agent.Pjxk
Fortinet W32/Agent!tr
AVG Win32:MalwareX-gen [Trj]
Qihoo-360 Win32/Trojan.Generic.HgkASaQA