popup
Summary | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis
Malicious Library PE64 PE File DLL
  1. Resubmit sample
Category Machine Started Completed
ARCHIVE s1_win7_x6402 March 9, 2023, 10:05 a.m. March 9, 2023, 10:05 a.m.

Archive Z5VhmI2NZZjijkdMu3uv21nvMfnvRCEuh.dll @ MFPcU6Uxwd1HGyQC2PUy0Yb1f9EXrO.zip

Summary

Size 518.7MB
Type PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
MD5 95ab53ac1cbd8a0f63bb6175b9c93f2b
SHA1 509148b2d9df7696116d17bf4281517978eb74ef
SHA256 90f5e743bf8577e665594047f02d214691dc1c14b6c3dfac2c30d019d9f0e976
SHA512
28da1c3f3059915e858f97164e4c59005fee2f9c37f5989fcf5401272e8f401127430f9dd39d878026753be3129ccff668e8d3427d55e9513e9f746e6276b991
CRC32 F056CE7F
ssdeep 24576:jdYCJMj0Bc3wxTwdmlyhHr7+k2bJuFKHQVZbb:jGCJMjmc3w3AT2b4FKG
Yara
  • Malicious_Library_Zero - Malicious_Library
  • IsDLL - (no description)
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section .rodata
resource name OI
section {u'size_of_data': u'0x0003c800', u'virtual_address': u'0x00082000', u'entropy': 7.235209410896694, u'name': u'.rsrc', u'virtual_size': u'0x0003c664'} entropy 7.2352094109 description A section with a high entropy has been found
entropy 0.363636363636 description Overall entropy of this PE file is high