Summary | ZeroBOX

BNSREveZbTkD.exe

Tags: UPX, Malicious Library, OS Processor Check, PE32, PE File
Category FILE
Machine s1_win7_x6403_us
Started Dec. 13, 2022, 5:09 p.m.
Completed Dec. 13, 2022, 5:11 p.m.
Size 1.4MB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 1f00638214824577f764026104668add
SHA256 78d2ae83a34339fd455214e96d9465360eff9c8a99d654f673350815f8f19c59
CRC32 61C46977
ssdeep 24576:siMLG8NWP8751MuO72cRopWkQ1D56jrBMm+3ZN2LwEQq2KNIxH1FUmmkng:QLG2WP8751Y72/4kQtyrBz+3ZQwEH1Si
PDB Path C:\fehoxexe sopakiv key\Xejawa_leviw\patin dir.pdb
Yara
  • IsPE32 - (no description)
  • OS_Processor_Check_Zero - OS Processor Check
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • UPX_Zero - UPX packed file

Domains (Name / Response / Post-Analysis Lookup)
No hosts contacted.
Hosts (IP Address / Status / Action)
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

pdb_path C:\fehoxexe sopakiv key\Xejawa_leviw\patin dir.pdb
API calls (Time & API / Arguments / Status / Return / Repeated)
GlobalMemoryStatusEx   Status 1   Return 1   Repeated 0
section .text: virtual_address 0x00001000, virtual_size 0x001225c6, size_of_data 0x00122600, entropy 7.924856197108475 - A section with a high entropy has been found
section .rsrc: virtual_address 0x002f1000, virtual_size 0x000287a8, size_of_data 0x00028800, entropy 7.573283532843979 - A section with a high entropy has been found
entropy 0.961496549219 - Overall entropy of this PE file is high
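The entropy signatures above are the kind of check an analyst reproduces offline before trusting a sandbox verdict: Shannon entropy of each section's file-backed bytes (0 to 8 bits per byte; compressed or encrypted data sits near 8, matching the .text and .rsrc figures on this page and the UPX tag) plus a whole-file figure. The following is an added example, not ZeroBOX or Cuckoo code. It parses the PE section table by hand so it needs no third-party module, flags sections above a threshold, and reports the whole-file entropy divided by 8 so it lands on the 0 to 1 scale the report's overall figure (0.96) appears to use. The 7.0 threshold, the /8 normalisation, and the synthetic PE built by `build_sample_pe` (one pseudo-random "packed" section, one mostly-zero section) are assumptions for illustration; the real sample is not embedded.

```python
"""Per-section and overall entropy check for a PE32 file.

Added example, not ZeroBOX/Cuckoo code. The section table is parsed by
hand (no pefile dependency). The 7.0 threshold and the /8 normalisation
of the overall figure are assumptions, as is the constructed sample PE.
"""
import hashlib
import math
import struct


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 .. 8.0)."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in counts if c)


def parse_sections(pe: bytes) -> list:
    """Return one dict per IMAGE_SECTION_HEADER with the section's raw-data entropy."""
    if pe[:2] != b"MZ":
        raise ValueError("not a DOS/PE image")
    pe_off = struct.unpack_from("<I", pe, 0x3C)[0]            # e_lfanew
    if pe[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    num_sections = struct.unpack_from("<H", pe, pe_off + 6)[0]
    opt_size = struct.unpack_from("<H", pe, pe_off + 20)[0]   # SizeOfOptionalHeader
    table = pe_off + 24 + opt_size                            # first section header
    sections = []
    for i in range(num_sections):
        hdr = table + 40 * i
        name = pe[hdr:hdr + 8].rstrip(b"\0").decode("ascii", "replace")
        vsize, vaddr, raw_size, raw_ptr = struct.unpack_from("<IIII", pe, hdr + 8)
        raw = pe[raw_ptr:raw_ptr + raw_size]                 # file-backed bytes only
        sections.append({
            "name": name,
            "virtual_address": vaddr,
            "virtual_size": vsize,
            "size_of_data": raw_size,
            "entropy": shannon_entropy(raw),
        })
    return sections


def high_entropy_sections(pe: bytes, threshold: float = 7.0) -> list:
    """Names of sections whose entropy exceeds `threshold` (7.0 is an assumed heuristic)."""
    return [s["name"] for s in parse_sections(pe) if s["entropy"] > threshold]


def overall_entropy(pe: bytes) -> float:
    """Whole-file entropy scaled to 0..1 (assumed to match the report's 'overall' figure)."""
    return shannon_entropy(pe) / 8.0


def build_sample_pe() -> bytes:
    """Constructed minimal PE32 image (not the analysed sample): one packed-looking
    section and one plain section, deterministic so results are reproducible."""
    pe_off = 0x80
    dos = bytearray(pe_off)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, pe_off)

    opt_size = 224                                            # PE32 optional header
    num_sections = 2
    headers_len = pe_off + 4 + 20 + opt_size + 40 * num_sections
    data_start = (headers_len + 0x1FF) & ~0x1FF               # 512-byte file alignment

    # SHA-256 chain output stands in for compressed/packed code (constructed data).
    packed = bytearray()
    block = b"seed"
    while len(packed) < 0x1000:
        block = hashlib.sha256(block).digest()
        packed += block
    plain = b"\0" * 0xFA0 + b"A" * 0x60                       # mostly zero, low entropy

    coff = struct.pack("<HHIIIHH", 0x14C, num_sections, 0, 0, 0, opt_size, 0x0102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)                     # PE32 magic

    def sec_hdr(name, vaddr, data, raw_ptr):
        # Name, VirtualSize, VirtualAddress, SizeOfRawData, PointerToRawData,
        # relocation/line-number fields (zero), Characteristics (code|exec|read).
        return struct.pack("<8sIIIIIIHHI", name, len(data), vaddr, len(data),
                           raw_ptr, 0, 0, 0, 0, 0x60000020)

    text_ptr = data_start
    data_ptr = data_start + len(packed)
    image = bytes(dos) + b"PE\0\0" + coff + bytes(opt)
    image += sec_hdr(b".text", 0x1000, packed, text_ptr)
    image += sec_hdr(b".data", 0x3000, plain, data_ptr)
    image += b"\0" * (data_start - len(image))
    return image + bytes(packed) + plain


if __name__ == "__main__":
    sample = build_sample_pe()
    for s in parse_sections(sample):
        print(f"{s['name']:8} va=0x{s['virtual_address']:08x} "
              f"size=0x{s['size_of_data']:08x} entropy={s['entropy']:.4f}")
    print("high-entropy sections:", high_entropy_sections(sample))
    print(f"overall entropy (0-1): {overall_entropy(sample):.4f}")
```

Run it against a real file by replacing `build_sample_pe()` with `open(path, "rb").read()`. Note that `parse_sections` measures only the bytes backed in the file (`SizeOfRawData`), so a section whose `VirtualSize` is large but whose raw data is empty (the usual layout of a UPX unpacking target) scores 0 rather than inflating the result.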

Antivirus Detections (Engine / Result)

Bkav W32.AIDetect.malware2
FireEye Generic.mg.1f00638214824577
McAfee Artemis!1F0063821482
Cylance Unsafe
Sangfor Trojan.Win32.Save.a
BitDefender Trojan.GenericKD.64151888
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
ESET-NOD32 a variant of Generik.JABKJZ
Kaspersky HEUR:Trojan-PSW.Win32.Reline.gen
MicroWorld-eScan Trojan.GenericKD.64151888
Rising Trojan.Kryptik!8.8 (TFE:5:pYfVodzM5IU)
Ad-Aware Trojan.GenericKD.64151888
Emsisoft Trojan.GenericKD.64151888 (B)
McAfee-GW-Edition Artemis
Sophos Mal/Generic-S
GData Trojan.GenericKD.64151888
Webroot W32.Trojan.Gen
MAX malware (ai score=83)
Antiy-AVL Trojan/Win32.Wacatac
Gridinsoft Ransom.Win32.Wacatac.sa
Microsoft Trojan:Win32/Sabsik.FL.B!ml
Malwarebytes MachineLearning/Anomalous.97%
Tencent Win32.Trojan.FalseSign.Qqil
MaxSecure Trojan.Malware.300983.susgen
BitDefenderTheta Gen:NN.ZexaF.36106.wvX@amLwy!oO
AVG Win32:PWSX-gen [Trj]
Avast Win32:PWSX-gen [Trj]