Summary | ZeroBOX

t-rex.exe

Malicious Library PE64 PE File
Category FILE
Machine s1_win7_x6401
Started Nov. 18, 2021, 1:01 p.m.
Completed Nov. 18, 2021, 1:01 p.m.
Size 20.4MB
Type PE32+ executable (console) x86-64, for MS Windows
MD5 d8a71db524074bb8b29928c141a570f9
SHA256 fe6b59e531ad6f04499fade069dc3551fb13cf58334682ecdcbdc64f1b14c592
CRC32 388AC570
ssdeep 393216:NGL0S0LUne01kvC+ah0TVhy5xeBBq3/K8WwdztFbpBSD5pHtb:NGL0S0onde8YVhy5E43/K5wfFbpE5L
Yara
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
  • Malicious_Library_Zero - Malicious_Library

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section _RDATA
section .w0r0
section .w0r1
section .w0r1 (virtual_address 0x02f5e000, virtual_size 0x0144f584, size_of_data 0x0144f600) entropy 7.989426218573199 description A section with a high entropy has been found
entropy 0.996741031847 description Overall entropy of this PE file is high
Lionic Trojan.Win64.Miner.4!c
Elastic malicious (high confidence)
MicroWorld-eScan Gen:Variant.Application.Razy.866081
FireEye Generic.mg.d8a71db524074bb8
CAT-QuickHeal Trojan.CoinMiner
ALYac Gen:Variant.Application.Razy.866081
Cylance Unsafe
Zillya Trojan.Miner.Win64.3412
Sangfor PUP.Win32.Razy.866081
K7AntiVirus Adware ( 005300251 )
K7GW Adware ( 005300251 )
Cyren W64/Trojan.AWWW-5253
Symantec Miner.Bitcoinminer
ESET-NOD32 a variant of Win64/CoinMiner.IZ potentially unwanted
TrendMicro-HouseCall TROJ_GEN.R002C0WE321
Paloalto generic.ml
BitDefender Gen:Variant.Application.Razy.866081
NANO-Antivirus Trojan.Win64.CoinMiner.ivfkrz
Avast Win64:Malware-gen
Ad-Aware Gen:Variant.Application.Razy.866081
Emsisoft Gen:Variant.Application.Razy.866081 (B)
Comodo ApplicUnwnt@#2v9rrkre0xlmx
VIPRE Trojan.Win32.Generic!BT
TrendMicro TROJ_GEN.R002C0WE321
McAfee-GW-Edition Artemis
SentinelOne Static AI - Suspicious PE
Sophos XMRig Miner (PUA)
Webroot W32.Adware.Gen
Antiy-AVL Trojan/Generic.ASMalwS.3324402
Gridinsoft Trojan.Win64.CoinMiner.vb
Arcabit Trojan.Application.Razy.DD3721
GData Gen:Variant.Application.Razy.866081
AhnLab-V3 CoinMiner/Win.TRexMiner.R419169
McAfee Artemis!D8A71DB52407
VBA32 Trojan.Win64.Miner
Malwarebytes RiskWare.BitCoinMiner
APEX Malicious
Tencent Win64.Trojan.Miner.Wtdn
Yandex Trojan.Miner!KFRYSrJD520
MAX malware (ai score=75)
MaxSecure Trojan.Malware.117263082.susgen
Fortinet Adware/Miner
AVG Win64:Malware-gen
Panda Trj/CI.A