Summary | ZeroBOX

customer51.exe

Gen1 UPX ASPack Malicious Library Malicious Packer PE64 PE File
Category FILE
Machine s1_win7_x6401
Started Oct. 14, 2021, 9:35 a.m.
Completed Oct. 14, 2021, 9:44 a.m.
Size 900.5KB
Type PE32+ executable (GUI) x86-64, for MS Windows
MD5 a9839b4f10ea05da06ec589d17a59fc5
SHA256 251afdb3a2308448c714542afc58750eaa398a293290cbd62ea10e7f4e491f6b
CRC32 965E597E
ssdeep 12288:jx1vJopzeLkTqhqeEmC7sOSaf1ei7fqJHf:HCzIkTgqeEVsOff1sd
PDB Path calc.pdb
Yara
  • ASPack_Zero - ASPack packed file
  • Malicious_Packer_Zero - Malicious Packer
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
  • UPX_Zero - UPX packed file
  • Win32_Trojan_Gen_2_0904B0_Zero - Win32 Trojan Gen
  • Malicious_Library_Zero - Malicious_Library
  • Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

pdb_path calc.pdb
resource name IMAGE
resource name MUI
resource name TXT
resource name WEVT_TEMPLATE
section .rsrc (size_of_data 0x0005d200, virtual_address 0x00087000, virtual_size 0x0005d108) entropy 7.551460250209399 description A section with a high entropy has been found
entropy 0.414118954975 description Overall entropy of this PE file is high
Elastic malicious (high confidence)
MicroWorld-eScan Gen:Variant.Mikey.126789
FireEye Gen:Variant.Mikey.126789
McAfee GenericRXAA-FA!A9839B4F10EA
Cylance Unsafe
Cyren W64/Upatre.MT.gen!Eldorado
ESET-NOD32 a variant of Win64/TrojanDownloader.Agent.LI
APEX Malicious
Paloalto generic.ml
ClamAV Win.Downloader.Upatre-9880459-0
Kaspersky Trojan-Downloader.Win32.Upatre.izhi
BitDefender Gen:Variant.Mikey.126789
Avast Win64:Malware-gen
Tencent Win32.Trojan-downloader.Upatre.Lnxr
Ad-Aware Gen:Variant.Mikey.126789
Sophos Mal/Generic-S
VIPRE Trojan.Win32.Generic!BT
McAfee-GW-Edition BehavesLike.Win64.Rootkit.dh
Emsisoft Gen:Variant.Mikey.126789 (B)
Ikarus Trojan-Downloader.Win64.Agent
Avira TR/YAV.Minerva.inphn
MAX malware (ai score=89)
Kingsoft Win32.Troj.Generic_a.a.(kcloud)
Microsoft Trojan:Win32/Sabsik.FL.B!ml
ZoneAlarm Trojan-Downloader.Win32.Upatre.izhi
GData Gen:Variant.Mikey.126789
Cynet Malicious (score: 100)
AhnLab-V3 Trojan/Win.Upatre.C4584867
ALYac Gen:Variant.Mikey.126789
Malwarebytes Spyware.PasswordStealer
AVG Win64:Malware-gen
Panda Trj/CI.A
MaxSecure Trojan.Malware.120214328.susgen