Summary | ZeroBOX

lol.exe

UPX PE64 PE File
Category FILE
Machine s1_win7_x6402
Started Oct. 13, 2021, 7:42 p.m.
Completed Oct. 13, 2021, 7:45 p.m.
Size 4.4MB
Type PE32+ executable (console) x86-64, for MS Windows
MD5 57d14b0c79cc490a7c5511b6600976dc
SHA256 8b013143e211b4a6d40fae6b44fed792bbb2857ebfc2b5e0fff383d183f93f67
CRC32 8B51FDE8
ssdeep 98304:O33c4mPCbBr/y6Shf8tH3iT0/UNlwgOw5alXOm/+w/A6irhLdNqZ/N:kc4UCl/YfZ4/UNmg/5I/0rhL6T
Yara
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
  • UPX_Zero - UPX packed file

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
164.124.101.2 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section UPX1 (size_of_data 0x0046f800, virtual_address 0x01e4c000, virtual_size 0x00470000) entropy 7.999946112084802 description A section with a high entropy has been found
entropy 0.999669858039 description Overall entropy of this PE file is high
section UPX0 description Section name indicates UPX
section UPX1 description Section name indicates UPX
Lionic Riskware.Win32.CoinMiner.1!c
Elastic malicious (high confidence)
MicroWorld-eScan Trojan.GenericKD.46628170
FireEye Trojan.GenericKD.46628170
CAT-QuickHeal Trojan.CoinMiner
ALYac Trojan.GenericKD.46628170
Cylance Unsafe
Zillya Tool.CoinMiner.Win32.113
Sangfor Trojan.Win32.Save.a
K7AntiVirus Adware ( 00576ae61 )
Alibaba RiskWare:Win64/Miners.dd3721db
K7GW Adware ( 00576ae61 )
Cyren W64/Trojan.MHFI-0524
Symantec Trojan.Gen.MBT
ESET-NOD32 a variant of Win64/CoinMiner.PM potentially unwanted
TrendMicro-HouseCall TROJ_GEN.R023H0CGC21
Kaspersky not-a-virus:HEUR:RiskTool.Win32.CoinMiner.gen
BitDefender Trojan.GenericKD.46628170
Avast FileRepMalware [PUP]
Ad-Aware Trojan.GenericKD.46628170
Emsisoft Application.Miner (A)
Comodo ApplicUnwnt@#ke2es169u7t9
VIPRE Trojan.Win32.Generic!BT
McAfee-GW-Edition Artemis!PUP
Sophos Generic PUA BP (PUA)
SentinelOne Static AI - Malicious PE
Jiangmin RiskTool.CoinMiner.jt
Webroot W32.Coinminer
Avira PUA/CoinMiner.Gen
MAX malware (ai score=85)
Gridinsoft Trojan.CoinMiner.dd!c
ViRobot Adware.Coinminer.4662032
GData Trojan.GenericKD.46628170
Cynet Malicious (score: 99)
AhnLab-V3 Win-Trojan/Miner3.Exp
McAfee Artemis!57D14B0C79CC
Malwarebytes RiskWare.BitCoinMiner
APEX Malicious
Ikarus PUA.CoinMiner
MaxSecure Trojan.Malware.83730805.susgen
Fortinet Riskware/Miner
AVG FileRepMalware [PUP]
Panda Trj/CI.A