Summary | ZeroBOX

wget.exe

Malicious Library PE64 PE File
Category FILE
Machine s1_win7_x6402
Started Sept. 2, 2021, 11:09 a.m.
Completed Sept. 2, 2021, 11:15 a.m.
Size 2.1MB
Type PE32+ executable (console) x86-64, for MS Windows
MD5 a445cf765b601d2a815968b623823088
SHA256 26af39550affc09be4ddb80a2b7a0ff2888227e9993751bd9ac8460656b56e85
CRC32 26BDBA4F
ssdeep 49152:ipHfJrUWHOGEm5B/1iBcXGxlIzrLxMLy//tUcgtzGRC1GbR0MNUO6KUjFHd4uY:ipHfJrfuGEmb1iBcIlSLeO/7mzGRC19O
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)
  • Malicious_Library_Zero - Malicious_Library

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

CrowdStrike win/malicious_confidence_80% (W)
APEX Malicious
Cynet Malicious (score: 100)
Sophos Generic ML PUA (PUA)
McAfee-GW-Edition BehavesLike.Win64.Trickbot.vc
FireEye Generic.mg.a445cf765b601d2a
McAfee Artemis!A445CF765B60
section UPX1 size_of_data 0x0020fa00 virtual_address 0x002cf000 virtual_size 0x00210000 entropy 7.944117495143957 description A section with a high entropy has been found
entropy 0.999526403031 description Overall entropy of this PE file is high
section UPX0 description Section name indicates UPX
section UPX1 description Section name indicates UPX
section UPX2 description Section name indicates UPX