Summary | ZeroBOX

1.exe

UPX PE32 PE File .NET EXE
Category FILE
Machine s1_win7_x6403_us
Started Aug. 16, 2022, 9:28 a.m.
Completed Aug. 16, 2022, 9:28 a.m.
Size 252.5KB
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 fbde807c77c8a702774129ac160bb75b
SHA256 f65884056c28b6bc4745e21b94b7c46e36a59009645bbae4122df2f418c7026f
CRC32 CCE624C2
ssdeep 6144:rLHzFCZNq9QYwG4CLH/75TupRUcSwAl3:/wHq974U/75TuccSdl3
Yara
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT
  • PE_Header_Zero - PE File Signature
  • Is_DotNET_EXE - (no description)

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

resource name EDPENLIGHTENEDAPPINFOID
resource name EDPPERMISSIVEAPPINFOID
section .text (size_of_data 0x00038000, virtual_address 0x00002000, virtual_size 0x00037fbf) entropy 7.966076840133836 description A section with a high entropy has been found
entropy 0.888888888889 description Overall entropy of this PE file is high
Bkav W32.AIDetectNet.01
Lionic Trojan.MSIL.Stealer.l!c
tehtris Generic.Malware
FireEye Generic.mg.fbde807c77c8a702
Cylance Unsafe
Sangfor Suspicious.Win32.Save.a
Alibaba Trojan:Win32/runner.ali1000123
Cybereason malicious.53d988
BitDefenderTheta Gen:NN.ZemsilF.34592.pm0@aGh3q9hO
Cyren W32/MSIL_Agent.DTF.gen!Eldorado
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
ESET-NOD32 a variant of MSIL/Kryptik.AFZX
APEX Malicious
Paloalto generic.ml
Kaspersky UDS:DangerousObject.Multi.Generic
Avast PWSX-gen [Trj]
McAfee-GW-Edition BehavesLike.Win32.Generic.dc
Trapmine malicious.moderate.ml.score
Sophos Mal/Generic-S + Mal/MSIL-VD
SentinelOne Static AI - Malicious PE
Google Detected
Microsoft HackTool:Win64/Mimikatz.A
Cynet Malicious (score: 100)
Acronis suspicious
McAfee Artemis!FBDE807C77C8
Malwarebytes MachineLearning/Anomalous.95%
Rising Trojan.Generic/MSIL@AI.98 (RDM.MSIL:bmodEn50C/BmEqoNNheDJg)
Ikarus Trojan-Spy.Keylogger.AgentTesla
MaxSecure Trojan.Malware.300983.susgen
AVG PWSX-gen [Trj]
CrowdStrike win/malicious_confidence_100% (W)