Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

Summary | ZeroBOX

vbc.exe

UPX PE32 PE File

Category	Machine	Started	Completed
FILE	s1_win7_x6401	Sept. 24, 2021, 9 a.m.	Sept. 24, 2021, 9:07 a.m.

Size	80.0KB
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`78e101f15647e6c2046aa3af1fc09ee4`
SHA256	`f133a35b19376dbd570fedf093ff823bbf9da0219fe99e3efc5f85637f1f724f`
CRC32	`33D1818F`
ssdeep	`1536:o9B0+KvVRleyFcRVCzGz8wntRDlS2lrJD/:oAXVDdiAOtZlS2LD/`
Yara	UPX_Zero - UPX packed file PE_Header_Zero - PE File Signature IsPE32 - (no description)

vbc.exe "C:\Users\test22\AppData\Local\Temp\vbc.exe"
2332

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
164.124.101.2	Active	Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

The file contains an unknown PE resource name possibly indicative of a packer (1 event)

resource name

CUSTOM

File has been identified by 12 AntiVirus engines on VirusTotal as malicious (12 events)

Bkav	W32.AIDetect.malware2
Elastic	malicious (high confidence)
FireEye	Generic.mg.78e101f15647e6c2
Cylance	Unsafe
ESET-NOD32	a variant of Win32/GenKryptik.FKZN
APEX	Malicious
Kaspersky	UDS:DangerousObject.Multi.Generic
SentinelOne	Static AI - Suspicious PE
MaxSecure	Trojan.Malware.300983.susgen
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
BitDefenderTheta	Gen:NN.ZevbaCO.34170.fm0@aSGQ5XlO
eGambit	Unsafe.AI_Score_99%