Summary | ZeroBOX

rPGGByeYLLNwbJK.exe

Tags Generic Malware, Admin Tool (Sysinternals etc ...), UPX, PE File, PE32, .NET EXE
Category FILE
Machine s1_win7_x6403_us
Started Aug. 23, 2022, 11:31 a.m.
Completed Aug. 23, 2022, 11:45 a.m.
Size 149.0KB
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 701664573b29574a7d73deb94d2166bb
SHA256 777a74c1024e20647970a356e11a6c268a58325c04cf83eb3c2e67044cc65197
CRC32 6A349FE1
ssdeep 3072:D0RLVpkbiy7tgjvee6GV7A7tkHIO6AtDbbTU0P7tepGR/JbVr:T7Wjvee6ozHIVAFbTBP7tepGDR
Yara
  • IsPE32 - (no description)
  • Generic_Malware_Zero - Generic Malware
  • UPX_Zero - UPX packed file
  • PE_Header_Zero - PE File Signature
  • Admin_Tool_IN_Zero - Admin Tool Sysinternals
  • Is_DotNET_EXE - (no description)

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
164.124.101.2 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

No signatures