Summary | ZeroBOX

cust9.exe

Gen1 Malicious Library ASPack UPX Malicious Packer PE64 PE File
Category FILE
Machine s1_win7_x6401
Started Oct. 18, 2021, 9:44 a.m.
Completed Oct. 18, 2021, 9:44 a.m.
Size 900.5KB
Type PE32+ executable (GUI) x86-64, for MS Windows
MD5 22f5d12116ee1c11f3173f977bafc744
SHA256 fd4d1fc83330c5cf818e557ef882ca147ba98fee4128fe00bda07c6c2f79050a
CRC32 FE5B61A4
ssdeep 12288:Tx1vJopzeLkTqhqeEmC7sOSafaei7fqBHf:3CzIkTgqeEVsOffasF
PDB Path calc.pdb
Yara
  • ASPack_Zero - ASPack packed file
  • Malicious_Packer_Zero - Malicious Packer
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
  • Win32_Trojan_Gen_2_0904B0_Zero - Win32 Trojan Gen
  • Malicious_Library_Zero - Malicious_Library
  • UPX_Zero - UPX packed file
  • Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet

Name / Response / Post-Analysis Lookup: No hosts contacted.
IP Address / Status / Action: No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

pdb_path calc.pdb
resource name IMAGE
resource name MUI
resource name TXT
resource name WEVT_TEMPLATE
section .rsrc (size_of_data 0x0005d200, virtual_address 0x00087000, virtual_size 0x0005d104, entropy 7.55145097876) description A section with a high entropy has been found
entropy 0.414118954975 description Overall entropy of this PE file is high
Lionic Trojan.Win32.Upatre.a!c
Elastic malicious (high confidence)
MicroWorld-eScan Gen:Variant.Mikey.126789
FireEye Gen:Variant.Mikey.126789
McAfee GenericRXAA-FA!22F5D12116EE
Cylance Unsafe
VIPRE Trojan.Win32.Generic!BT
Sangfor Trojan.Win32.Upatre.izhj
CrowdStrike win/malicious_confidence_100% (W)
Alibaba TrojanDownloader:Win32/Upatre.dd17f738
Cyren W64/Upatre.MT.gen!Eldorado
ESET-NOD32 a variant of Win64/TrojanDownloader.Agent.LI
APEX Malicious
Paloalto generic.ml
ClamAV Win.Downloader.Upatre-9880459-0
Kaspersky Trojan-Downloader.Win32.Upatre.izhj
BitDefender Gen:Variant.Mikey.126789
Avast Win64:Malware-gen
Ad-Aware Gen:Variant.Mikey.126789
Emsisoft Gen:Variant.Mikey.126789 (B)
TrendMicro TROJ_FRS.0NA103JH21
McAfee-GW-Edition BehavesLike.Win64.Rootkit.dh
Sophos Mal/Generic-S
Webroot W32.Malware.Gen
Avira TR/YAV.Minerva.xjudi
MAX malware (ai score=100)
Kingsoft Win32.Troj.Generic_a.a.(kcloud)
Gridinsoft Trojan.Win64.Downloader.vb
Microsoft Trojan:Script/Phonzy.B!ml
GData Gen:Variant.Mikey.126789
Cynet Malicious (score: 100)
AhnLab-V3 Trojan/Win.Upatre.C4584867
ALYac Gen:Variant.Mikey.126789
Malwarebytes Spyware.PasswordStealer
TrendMicro-HouseCall TROJ_FRS.0NA103JH21
Tencent Win32.Trojan-downloader.Upatre.Hsiv
Ikarus Trojan-Downloader.Win64.Agent
Fortinet W64/Agent.LI!tr.dldr
AVG Win64:Malware-gen
Panda Trj/CI.A
MaxSecure Trojan.Malware.120334419.susgen