Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
11.20 09:11
mainbas.bat
11.20 09:11
dll007.dll
11.20 09:11
exe004.exe
11.20 09:11
exe010.exe
11.20 09:11
blecher.exe
11.20 09:11
GetAdapterInfo.exe
11.20 09:11
dll004.dll
11.20 09:11
dll008.dll
11.20 09:11
bestthingsalwaysgetbes...
11.20 09:11
DKM-9067291.pdf.lnk

Latest News
11.20 08:11
6 Common Persistence M...
11.20 07:11
Zimperium Predicts Dat...
11.20 07:11
Black Friday season ha...
11.20 07:11
Ghost Tap: New cash-ou...
11.20 07:11
AI Granny Daisy takes ...
11.20 07:11
heise-Angebot: heise s...
11.20 07:11
Google Chrome: Schwach...
11.20 07:11
Apple Safari, iOS, iPa...
11.20 07:11
[UPDATE] [mittel] Pyth...
11.20 07:11
[UPDATE] [mittel] Open...

Summary | ZeroBOX

_-Name

Malicious Library PE32 PE File

Category	Machine	Started	Completed
FILE	s1_win7_x6403_us	Nov. 10, 2021, 9:50 a.m.	Nov. 10, 2021, 9:52 a.m.

Size	215.0KB
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`d46b39b3c3a6dc15a18e90c0b28d5bc3`
SHA256	`2d40da8ee687152fcb99a36442390885767b667005dba437a79e6d12c91cd7a9`
CRC32	`422A3C50`
ssdeep	`3072:nOFp965ht3hLKKKKKU8AAFTbp8ELQHsoOJNuYnZIWH2qWUwZr+EM4EIGKEc6iZjM:OF5fJXnIZRS5`
PDB Path	C:\dvs\p4\build\sw\rel\gpu_drv\r390\r390_00\drivers\ui\NvSmartMax\NvSmartMaxapp\bin\release\NvSmartMaxApp.pdb
Yara	PE_Header_Zero - PE File Signature IsPE32 - (no description) Malicious_Library_Zero - Malicious_Library

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
164.124.101.2	Active	Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

This executable has a PDB path (1 event)

pdb_path

C:\dvs\p4\build\sw\rel\gpu_drv\r390\r390_00\drivers\ui\NvSmartMax\NvSmartMaxapp\bin\release\NvSmartMaxApp.pdb