Summary | ZeroBOX

nazi.exe

Generic Malware PE64 PE File
Category Machine Started Completed
FILE s1_win7_x6403_us Jan. 20, 2022, 10:30 a.m. Jan. 20, 2022, 10:32 a.m.
Size 2.4MB
Type PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
MD5 2559e97c13e731d9f37b1630dff2bb1e
SHA256 d71902d94f791bc465df2e02f65b2c45f1abce409d173a040df1dcdb64e5d2f7
CRC32 6D5ECCDE
ssdeep 49152:lU28piw00iECfC7lHkp+yDMI34iy10D8TNfqDxOTV8IV3Uov1lz3:dwuwTrx0OJ8IR31l
Yara
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
  • Generic_Malware_Zero - Generic Malware

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
167.114.114.169 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section .rdata (size_of_data 0x00259600, virtual_address 0x00002000, virtual_size 0x0025956e, entropy 7.99990855966083) entropy 7.99990855966 description A section with a high entropy has been found
entropy 0.998132780083 description Overall entropy of this PE file is high
host 167.114.114.169
Lionic Trojan.Win64.Donut.4!c
Elastic malicious (high confidence)
DrWeb Trojan.Inject4.24705
MicroWorld-eScan Gen:Variant.Semper.Agent.3
FireEye Generic.mg.2559e97c13e731d9
McAfee Agent-FPX!2559E97C13E7
Cylance Unsafe
Sangfor Trojan.Win64.Agent.AVO
K7AntiVirus Trojan ( 0058be4b1 )
Alibaba Trojan:Win64/Donut.aa0192e6
K7GW Trojan ( 0058be4b1 )
Cybereason malicious.f9f03f
VirIT Trojan.Win64.CoinMiner.D
Cyren W64/Agent.ORAN-8248
Symantec Trojan.Gen.MBT
ESET-NOD32 a variant of Win64/Agent.AVO
TrendMicro-HouseCall TROJ_GEN.R002C0DAJ22
Paloalto generic.ml
Kaspersky HEUR:Trojan.Win64.Donut.pef
BitDefender Gen:Variant.Semper.Agent.3
Avast Win64:Evo-gen [Susp]
Tencent Malware.Win32.Gencirc.11e3f5e0
Ad-Aware Gen:Variant.Semper.Agent.3
Emsisoft Trojan.Agent (A)
Comodo Malware@#3u3ihdmddp7ie
TrendMicro TROJ_GEN.R002C0DAJ22
McAfee-GW-Edition BehavesLike.Win64.RAHack.vc
Sophos Mal/Generic-S
Ikarus Trojan.Win64.Agent
GData Gen:Variant.Semper.Agent.3
Webroot W32.Trojan.Dropper
Avira HEUR/AGEN.1145980
Antiy-AVL Trojan/Win64.Donut
Kingsoft Win32.Troj.Undef.(kcloud)
Microsoft Trojan:Win64/Donut.CIK!MTB
Cynet Malicious (score: 100)
ALYac Gen:Variant.Semper.Agent.3
Malwarebytes Trojan.MalPack
APEX Malicious
MAX malware (ai score=85)
MaxSecure Trojan.Malware.300983.susgen
Fortinet W64/Agent.AVO!tr
AVG Win64:Evo-gen [Susp]
Panda Trj/CI.A
CrowdStrike win/malicious_confidence_100% (W)