Summary | ZeroBOX

vbc.exe

Malicious Library UPX PE32 PE File
Category FILE
Machine s1_win7_x6401
Started Oct. 15, 2021, 9:37 a.m.
Completed Oct. 15, 2021, 9:54 a.m.
Size 794.5KB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 f11ebc7e0b269ee17f61f7a4ab4ce9ec
SHA256 3490cb5fd9a372722f95ed69c41e23d5cd274ce6b3c024ec1731962a380409d6
CRC32 7012078C
ssdeep 12288:ZV17shYPLAsHSU8Qrn47tremr8bP/xz4Hr6+MBtI+BfZ8fQO:ZfwYxHSyMreg0P94HOtBZ8I
Yara
  • PE_Header_Zero - PE File Signature
  • UPX_Zero - UPX packed file
  • IsPE32 - (no description)
  • Malicious_Library_Zero - Malicious_Library

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
164.124.101.2 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section CODE
section DATA
section BSS
packer BobSoft Mini Delphi -> BoB / BobSoft
Sangfor Trojan.Win32.Save.a
BitDefenderTheta Gen:NN.ZelphiCO.34218.XGW@aGcUbUpi
Cyren W32/Injector.AMR.gen!Eldorado
ESET-NOD32 a variant of Win32/Injector.EQAC
APEX Malicious
Kaspersky UDS:DangerousObject.Multi.Generic
SentinelOne Static AI - Suspicious PE
eGambit Unsafe.AI_Score_77%
Cynet Malicious (score: 100)
VBA32 BScope.TrojanSpy.Noon
Malwarebytes Malware.AI.573117890
Ikarus Trojan.Win32.Injector
MaxSecure Trojan.Malware.300983.susgen
Fortinet W32/Injector.EQAC!tr