Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
09.21 02:09
random.exe
09.21 02:09
sdhsfd.exe
09.21 02:09
66edb89bc4073_crypted....
09.21 02:09
66ed33772bbe7_vdfhsjf1...
09.21 02:09
game.exe
09.21 02:09
66ebb3bf78bd6_Send.exe...
09.21 02:09
66ed33717e4c1_vfdshfda...
09.21 02:09
random.exe
09.21 02:09
66ed336eac985_vdfhssfd...
09.21 02:09
66ed7ef071886_crypted....

Latest News
09.22 01:09
03 - Identifying Signs...
09.22 01:09
Hacktivist Group Twelv...
09.22 01:09
Join us at Microsoft I...
09.22 01:09
How comprehensive secu...
09.21 11:09
LinkedIn Halts AI Data...
09.21 11:09
Ukraine Bans Telegram ...
09.21 11:09
Against Elitism
09.21 11:09
5 Best Practices For E...
09.21 10:09
Fälschung enttarnt: De...
09.21 10:09
ChatGPT o1: Revolution...

Summary | ZeroBOX

ytaa1115.exe

Gen1 Malicious Library UPX Malicious Packer PE64 PE File

Category	Machine	Started	Completed
FILE	s1_win7_x6403_us	Nov. 4, 2022, 5:53 p.m.	Nov. 4, 2022, 6 p.m.

Size	447.0KB
Type	PE32+ executable (GUI) x86-64, for MS Windows
MD5	`8b88b2436809e4e15539e77c90a49762`
SHA256	`72a38b7b1c14bb89928a4fcac764d081d0b9df697d101045140aa81be828a385`
CRC32	`97F2AFDD`
ssdeep	`6144:C8aMyDtA0r3XIMxEZ/mRfhTOWm5t5kktgRGerEhgVIXFML:C5lIuEZ/miN5Z5erLIX`
PDB Path	StikyNot.pdb
Yara	Win32_Trojan_Gen_2_0904B0_Zero - Win32 Trojan Gen Malicious_Library_Zero - Malicious_Library Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet PE_Header_Zero - PE File Signature IsPE64 - (no description) Malicious_Packer_Zero - Malicious Packer UPX_Zero - UPX packed file

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

This executable has a PDB path (1 event)

pdb_path

StikyNot.pdb

The file contains an unknown PE resource name possibly indicative of a packer (4 events)

resource name	IMAGE
resource name	MUI
resource name	UIFILE
resource name	WEVT_TEMPLATE

File has been identified by 5 AntiVirus engines on VirusTotal as malicious (5 events)

ESET-NOD32	a variant of Win64/TrojanDownloader.Agent.LI
ClamAV	Win.Downloader.Upatre-9880459-0
Microsoft	Trojan:Win32/Wacatac.H!ml
Google	Detected
Ikarus	Trojan-Downloader.Win64.Agent