Summary | ZeroBOX

PO 102230.PDF (Fizaexports. Private Ltd. Trading Company Limited) Signed Copy.exe

PWS PE32 PE File .NET EXE
Category FILE
Machine s1_win7_x6401
Started Sept. 26, 2022, 2:13 p.m.
Completed Sept. 26, 2022, 2:16 p.m.
Size 1.1MB
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 b09d19efcc3d748a63efe5360ff57360
SHA256 c45973ba17fd56f948222e36cbdcdebd45489a0215cfef782d99ac7928a43554
CRC32 AF8EE4BD
ssdeep 12288:9iFPhLuyAHe4iY8eewc8xRNxXoVzA6s4rBfLot9P4TArnXoGsvKCdAA:ohLuyyHiYtRTo1AJ4Nfu9Q8rcvVA
Yara
  • IsPE32 - (no description)
  • Win32_Trojan_PWS_Net_1_Zero - Win32 Trojan PWS .NET Azorult
  • PE_Header_Zero - PE File Signature
  • Is_DotNET_EXE - (no description)

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

A section with a high entropy has been found
  • section .text: size_of_data 0x000fbe00, virtual_address 0x00002000, virtual_size 0x000fbc54, entropy 7.022683726726603
Overall entropy of this PE file is high
  • entropy 0.910117434508
Bkav W32.AIDetectNet.01
tehtris Generic.Malware
Cynet Malicious (score: 100)
Cylance Unsafe
Sangfor Suspicious.Win32.Save.a
K7AntiVirus Trojan ( 0059891f1 )
Cybereason malicious.bd179f
Arcabit IL:Trojan.MSILZilla.D5A38
Cyren W32/MSIL_Kryptik.IBK.gen!Eldorado
Symantec Scr.Malcode!gdn34
Elastic malicious (high confidence)
ESET-NOD32 a variant of MSIL/Kryptik.AGOG
APEX Malicious
Kaspersky HEUR:Trojan-Spy.MSIL.SnakeLogger.gen
BitDefender IL:Trojan.MSILZilla.23096
MicroWorld-eScan IL:Trojan.MSILZilla.23096
Avast Win32:PWSX-gen [Trj]
Ad-Aware IL:Trojan.MSILZilla.23096
Sophos ML/PE-A
DrWeb Trojan.PackedNET.1587
VIPRE IL:Trojan.MSILZilla.23096
Trapmine malicious.moderate.ml.score
FireEye Generic.mg.b09d19efcc3d748a
Emsisoft IL:Trojan.MSILZilla.23096 (B)
Avira HEUR/AGEN.1250021
Gridinsoft Malware.Win32.Gen.vl!i
Microsoft Trojan:MSIL/NanoBot.D!MTB
SUPERAntiSpyware Trojan.Agent/Gen-Injector
ZoneAlarm HEUR:Trojan-Spy.MSIL.SnakeLogger.gen
GData IL:Trojan.MSILZilla.23096
Google Detected
AhnLab-V3 Trojan/Win.MSIL.C5115219
ALYac IL:Trojan.MSILZilla.23096
MAX malware (ai score=89)
Malwarebytes Malware.AI.4256222547
TrendMicro-HouseCall TROJ_GEN.R06CH0CIP22
SentinelOne Static AI - Malicious PE
MaxSecure Trojan.Malware.300983.susgen
Fortinet MSIL/Kryptik.DLB!tr
BitDefenderTheta Gen:NN.ZemsilF.34682.fn0@amPIsjm
AVG Win32:PWSX-gen [Trj]
CrowdStrike win/malicious_confidence_70% (D)