Summary | ZeroBOX

csrss.exe

Generic Malware PWS PE32 .NET EXE PE File
Category FILE
Machine s1_win7_x6403_us
Started Nov. 2, 2021, 7:45 a.m.
Completed Nov. 2, 2021, 7:46 a.m.
Size 486.5KB
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 c49da1c22e3983feb875ac2ba5e5188e
SHA256 f4836d7f1e0a6aea620b727084a620cca0f10819eb6b8646fa5b450a571fef19
CRC32 C6074E6A
ssdeep 12288:W78H19zkeTllat9YefaqECSknu+Fqpm1HS0ke:Hz3Ti5bTZT1HS0ke
Yara
  • PE_Header_Zero - PE File Signature
  • Generic_Malware_Zero - Generic Malware
  • IsPE32 - (no description)
  • Is_DotNET_EXE - (no description)
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT
  • Win32_Trojan_PWS_Net_1_Zero - Win32 Trojan PWS .NET Azorult

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

A section with a high entropy has been found
  • section .text: size_of_data 0x00078e00, virtual_address 0x00002000, virtual_size 0x00078df4, entropy 7.510717099702522
Overall entropy of this PE file is high
  • entropy 0.994855967078
Elastic malicious (high confidence)
DrWeb Trojan.Inject4.18180
MicroWorld-eScan Trojan.GenericKDZ.79499
FireEye Trojan.GenericKDZ.79499
McAfee Artemis!C49DA1C22E39
Cylance Unsafe
Sangfor Suspicious.Win32.Save.a
K7GW Trojan ( 00589bed1 )
Cybereason malicious.8101ae
BitDefenderTheta Gen:NN.ZemsilF.34236.Em0@au8ZY7h
Cyren W32/MSIL_Kryptik.FZT.gen!Eldorado
Symantec MSIL.Packed.19
ESET-NOD32 a variant of MSIL/Kryptik.ADIU
APEX Malicious
Paloalto generic.ml
Kaspersky HEUR:Trojan-PSW.MSIL.Agensla.gen
BitDefender Trojan.GenericKDZ.79499
Avast Win32:MalwareX-gen [Trj]
Ad-Aware Trojan.GenericKDZ.79499
TrendMicro TROJ_FRS.VSNW01K21
Emsisoft Trojan.Crypt (A)
SentinelOne Static AI - Malicious PE
Webroot W32.Malware.Gen
MAX malware (ai score=81)
Kingsoft Win32.PSWTroj.Undef.(kcloud)
Microsoft Trojan:Win32/Woreflint.A!cl
GData Win32.Trojan-Stealer.LokiBot.VCVKDU
Cynet Malicious (score: 100)
Malwarebytes Malware.AI.93142303
Ikarus Win32.Outbreak
Fortinet MSIL/Tesla.FIVJ!tr
AVG Win32:MalwareX-gen [Trj]
Panda Trj/GdSda.A
CrowdStrike win/malicious_confidence_90% (W)