Summary | ZeroBOX

Clip1.exe

Malicious Library PE64 PE File
Category FILE
Machine s1_win7_x6403_us
Started Dec. 20, 2022, 11:48 a.m.
Completed Dec. 20, 2022, 11:50 a.m.
Size 5.4MB
Type PE32+ executable (console) x86-64, for MS Windows
MD5 08e7e0da767d6c6a629627caad9f9a78
SHA256 ddf3e88009b31395bad6bdf11bd57e6b0f77d28ee29f2dda306c8a9147e45263
CRC32 15E95322
ssdeep 98304:tDfRit+1X5/S6mZid5Sm3jlhuhG2LGbQkVCdPnLIVKWqEFJSog:tD+mJ/SRZid5S7hTZkkIKWLZ
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section D#&A$FBZ
section D)%&(X$U
section OS__)Q^&
section $TEWRGFS
section Q$MLW^#N
section FTJ(IEAN
section AY^^U%IQ
section name $TEWRGFS, virtual_address 0x00610000, virtual_size 0x00566518, size_of_data 0x00566600, entropy 7.905235363271967 description A section with a high entropy has been found
entropy 0.999367431773 description Overall entropy of this PE file is high
Elastic malicious (high confidence)
Cylance Unsafe
Cybereason malicious.912e40
Symantec ML.Attribute.HighConfidence
tehtris Generic.Malware
APEX Malicious
McAfee-GW-Edition BehavesLike.Win64.Trickbot.tc
Trapmine suspicious.low.ml.score
FireEye Generic.mg.08e7e0da767d6c6a
Sophos Generic ML PUA (PUA)
Gridinsoft Trojan.Heur!.03212023
Microsoft Trojan:Win32/Sabsik.FL.B!ml
Cynet Malicious (score: 100)
Acronis suspicious
SentinelOne Static AI - Suspicious PE
MaxSecure Trojan.Malware.300983.susgen