Summary | ZeroBOX

2.exe

Tags: UPX, PE32, PE File, .NET EXE
Category: FILE
Machine: s1_win7_x6401
Started: Aug. 16, 2022, 9:28 a.m.
Completed: Aug. 16, 2022, 9:28 a.m.
Size 280.5KB
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 897741707d0f48e3fc4a504689b52c46
SHA256 ddd2c4cce129460b1b761eaea63aaae9384611d5ba9e6b1b26b9847992d52db3
CRC32 48AD1118
ssdeep 6144:JgaDLZ/R+NaXZ98/b3LUmKpZTnGj9QcQuzCgGG:Jga/YNaXZM7LUHvGj6VgGG
Yara
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT
  • PE_Header_Zero - PE File Signature
  • Is_DotNET_EXE - (no description)

Name / Response / Post-Analysis Lookup
No hosts contacted.
IP Address / Status / Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Section .text: size_of_data 0x0003f400, virtual_address 0x00002000, virtual_size 0x0003f2df, entropy 7.866769191262335. Description: A section with a high entropy has been found.
Overall entropy 0.903571428571. Description: Overall entropy of this PE file is high.

Antivirus Results

Bkav W32.AIDetectNet.01
Lionic Trojan.Win32.Lazy.4!c
MicroWorld-eScan Gen:Variant.Lazy.201137
FireEye Generic.mg.897741707d0f48e3
Cylance Unsafe
VIPRE Gen:Variant.Lazy.201137
Sangfor Suspicious.Win32.Save.a
Alibaba Trojan:Win32/runner.ali1000123
Cybereason malicious.07d0f4
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
ESET-NOD32 a variant of MSIL/Kryptik.AFZX
Cynet Malicious (score: 100)
APEX Malicious
Paloalto generic.ml
Kaspersky UDS:DangerousObject.Multi.Generic
BitDefender Gen:Variant.Lazy.201137
Ad-Aware Gen:Variant.Lazy.201137
Trapmine malicious.moderate.ml.score
Sophos Mal/Generic-S + Mal/MSIL-VD
MAX malware (ai score=94)
Kingsoft Win32.Troj.Generic_a.a.(kcloud)
Microsoft Trojan:MSIL/AgentTesla.CWA!MTB
GData Gen:Variant.Lazy.201137
Google Detected
Acronis suspicious
BitDefenderTheta Gen:NN.ZemsilF.34592.rm0@aaEWKVoG
Malwarebytes Trojan.Crypt
SentinelOne Static AI - Malicious PE
Fortinet MSIL/Kryptik.IZ!tr
CrowdStrike win/malicious_confidence_100% (W)