Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
11.20 09:11
mainbas.bat
11.20 09:11
dll007.dll
11.20 09:11
exe004.exe
11.20 09:11
exe010.exe
11.20 09:11
blecher.exe
11.20 09:11
GetAdapterInfo.exe
11.20 09:11
dll004.dll
11.20 09:11
dll008.dll
11.20 09:11
bestthingsalwaysgetbes...
11.20 09:11
DKM-9067291.pdf.lnk

Latest News
11.21 02:11
Detecting Pacific Rim ...
11.21 02:11
Senate Hearing Highlig...
11.21 02:11
Over 21K Equinox patie...
11.21 02:11
Misconfigured Jupyter ...
11.21 02:11
Meow, INC Ransom gangs...
11.21 02:11
Alleged Finastra breac...
11.21 02:11
Progress Kemp LoadMast...
11.21 02:11
GAO finds gaps in TSA'...
11.21 02:11
IT Sicherheitsnews stü...
11.21 02:11
Don't Get In the Way o...

Summary | ZeroBOX

Chia.exe

UPX Malicious Library OS Processor Check PE32 PE File

Category	Machine	Started	Completed
FILE	s1_win7_x6401	Nov. 18, 2021, 2:25 p.m.	Nov. 18, 2021, 2:27 p.m.

Size	280.0KB
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`902c73e20846823545f0e59b30f17013`
SHA256	`78a9962f22dee045e34d2e2259348d84b12e31a3fb5fa85f402bce9c91d08274`
CRC32	`809D7E24`
ssdeep	`3072:YZzaqLh5m21b4n86fZHi8c62bdq32BsWtEGwF4JOAg0FuDTT6EYuHPZlEmMUYC:YZzvhs2Z4n1E7g34XtVYAOfTdYGUNUZ`
PDB Path	C:\Users\ani\code\squirrel\squirrel.windows\build\Release\Win32\StubExecutable.pdb
Yara	PE_Header_Zero - PE File Signature OS_Processor_Check_Zero - OS Processor Check IsPE32 - (no description) Win32_Trojan_Gen_2_0904B0_Zero - Win32 Trojan Gen Malicious_Library_Zero - Malicious_Library UPX_Zero - UPX packed file

Chia.exe "C:\Users\test22\AppData\Local\Temp\Chia.exe"
2764

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

This executable has a PDB path (1 event)

pdb_path

C:\Users\ani\code\squirrel\squirrel.windows\build\Release\Win32\StubExecutable.pdb

One or more processes crashed (1 event)

Time & API	Arguments	Status	Return	Repeated
__exception__ Nov. 18, 2021, 2:25 p.m.	stacktrace: chia+0x4a3c @ 0xc74a3c chia+0x43ab @ 0xc743ab chia+0x481f @ 0xc7481f chia+0x87a7 @ 0xc787a7 BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x766e33ca RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x77679ed2 RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x77679ea5 exception.instruction_r: 66 8b 02 83 c2 02 66 85 c0 75 f5 2b d6 d1 fa 52 exception.symbol: chia+0x49a3 exception.instruction: mov ax, word ptr [edx] exception.module: Chia.exe exception.exception_code: 0xc0000005 exception.offset: 18851 exception.address: 0xc749a3 registers.esp: 3143040 registers.edi: 3144220 registers.eax: 0 registers.ebp: 3143044 registers.edx: 0 registers.ebx: 4294967295 registers.esi: 2 registers.ecx: 3144220	1	0	0