Summary | ZeroBOX

customer8.exe

Gen1 Malicious Library ASPack UPX Malicious Packer PE64 PE File
Category FILE
Machine s1_win7_x6402
Started Oct. 18, 2021, 9:44 a.m.
Completed Oct. 18, 2021, 9:47 a.m.
Size 900.5KB
Type PE32+ executable (GUI) x86-64, for MS Windows
MD5 0d00d5fc759ec02252080b3906e3f1cf
SHA256 5fc07812cd80bb4273446753112cac81eef82e13b51a00f9d6f918833b539cc2
CRC32 2B99703E
ssdeep 12288:jx1vJopzeLkTqhqeEmC7sOSafeei7fq/Hf:HCzIkTgqeEVsOffesP
PDB Path calc.pdb
Yara
  • ASPack_Zero - ASPack packed file
  • Malicious_Packer_Zero - Malicious Packer
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
  • Win32_Trojan_Gen_2_0904B0_Zero - Win32 Trojan Gen
  • Malicious_Library_Zero - Malicious_Library
  • UPX_Zero - UPX packed file
  • Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet

No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

pdb_path calc.pdb
resource name IMAGE
resource name MUI
resource name TXT
resource name WEVT_TEMPLATE
section name .rsrc, size_of_data 0x0005d200, virtual_address 0x00087000, virtual_size 0x0005d108, entropy 7.55145974855764 description A section with a high entropy has been found
entropy 0.414118954975 description Overall entropy of this PE file is high
Lionic Trojan.Win32.Upatre.a!c
Elastic malicious (high confidence)
Cynet Malicious (score: 100)
McAfee GenericRXAA-FA!0D00D5FC759E
Cylance Unsafe
Sangfor Trojan.Win32.Upatre.izhi
Alibaba TrojanDownloader:Win64/Minerva.6d7e7dae
Arcabit Trojan.Mikey.D1EF45
Cyren W64/Upatre.MT.gen!Eldorado
Symantec Trojan.Gen.MBT
ESET-NOD32 a variant of Win64/TrojanDownloader.Agent.LI
APEX Malicious
ClamAV Win.Downloader.Upatre-9880459-0
Kaspersky Trojan-Downloader.Win32.Upatre.izhi
BitDefender Gen:Variant.Mikey.126789
MicroWorld-eScan Gen:Variant.Mikey.126789
Avast Win64:Malware-gen
Ad-Aware Gen:Variant.Mikey.126789
VIPRE Trojan.Win32.Generic!BT
FireEye Gen:Variant.Mikey.126789
Emsisoft Gen:Variant.Mikey.126789 (B)
Ikarus Win32.Outbreak
Avira TR/YAV.Minerva.inphn
MAX malware (ai score=100)
Kingsoft Win32.Troj.Generic_a.a.(kcloud)
Microsoft Trojan:Script/Phonzy.A!ml
GData Gen:Variant.Mikey.126789
AhnLab-V3 Trojan/Win.Upatre.C4584867
ALYac Gen:Variant.Mikey.126789
Malwarebytes Spyware.PasswordStealer
Fortinet W64/Agent.LI!tr.dldr
AVG Win64:Malware-gen
MaxSecure Trojan.Malware.120214328.susgen