popup
Summary | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

RunPE.dll

Generic Malware Malicious Packer .NET DLL PE File DLL PE32
  1. Resubmit sample
Category Machine Started Completed
FILE s1_win7_x6401 Oct. 18, 2021, 5:53 p.m. Oct. 18, 2021, 5:53 p.m.
Size 66.5KB
Type PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 ef4602191703199ba701c12b66971c73
SHA256 7131e28cfb0c6c8f4a68b23eebf176be806cefe7ab402326fb6346ce2409b988
CRC32 44FA78EA
ssdeep 768:nkbYeMj4v1GLV9jPC3YHIDAyizxGIX2d+uxWvJt7uzPd20jmVOqE2Gqq:Lv0v1+V563IywrX2dhsvJt7uzPd2cSq
PDB Path RunPE.pdb
Yara
  • Malicious_Packer_Zero - Malicious Packer
  • PE_Header_Zero - PE File Signature
  • Generic_Malware_Zero - Generic Malware
  • IsPE32 - (no description)
  • Is_DotNET_DLL - (no description)
  • IsDLL - (no description)
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

pdb_path RunPE.pdb
MicroWorld-eScan Gen:Variant.Cerbu.116002
ALYac Gen:Variant.Cerbu.116002
Malwarebytes Trojan.Injector.MSIL
Sangfor Suspicious.Win32.Save.a
K7AntiVirus Trojan ( 004de2651 )
K7GW Trojan ( 004de2651 )
CrowdStrike win/malicious_confidence_60% (D)
Arcabit Trojan.Cerbu.D1C522
ESET-NOD32 a variant of MSIL/Injector.VSB
APEX Malicious
Kaspersky HEUR:Trojan.MSIL.Agent.gen
BitDefender Gen:Variant.Cerbu.116002
Avast Win32:InjectorX-gen [Trj]
Ad-Aware Gen:Variant.Cerbu.116002
FireEye Gen:Variant.Cerbu.116002
Emsisoft Gen:Variant.Cerbu.116002 (B)
SentinelOne Static AI - Malicious PE
GData Gen:Variant.Cerbu.116002
Cynet Malicious (score: 100)
MAX malware (ai score=81)
AVG Win32:InjectorX-gen [Trj]