Summary | ZeroBOX

ape2.exe

Malicious Library PE32 PE File
Category FILE
Machine s1_win7_x6403_us
Started March 12, 2023, 10:13 a.m.
Completed March 12, 2023, 10:17 a.m.
Size 1.7MB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 bc2bec9810f53c3b1ca1220d05b0fea7
SHA256 7d36d865c07e911c5eff4d45c8f7e837b0ffe589cefcd7a8d812477f4e05b5d7
CRC32 09EB83B4
ssdeep 24576:ur99vy7F8EXAeRBf9zY7lXYZJ3oaHWuCpisNAbHWTWDlmhz:uZ9vy7uUl07WNhHuikAb2TWJs
PDB Path C:\Lelen firog rak fogehofo\ron\Solaquiq\Fij.pdb
Yara
  • Malicious_Library_Zero - Malicious_Library
  • IsPE32 - (no description)
  • PE_Header_Zero - PE File Signature

Name Response Post-Analysis Lookup
mnxrxyulbk05pdg.docywg7eumhcj4sgz
IP Address Status Action
164.124.101.2 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

pdb_path C:\Lelen firog rak fogehofo\ron\Solaquiq\Fij.pdb
section .text (size_of_data 0x00197200, virtual_address 0x00001000, virtual_size 0x00197157, entropy 7.920957362415588) entropy 7.92095736242 description A section with a high entropy has been found
entropy 0.963324460219 description Overall entropy of this PE file is high
Elastic malicious (high confidence)
FireEye Generic.mg.bc2bec9810f53c3b
McAfee Artemis!BC2BEC9810F5
Sangfor Trojan.Win32.Save.a
BitDefenderTheta Gen:NN.ZexaF.36308.QvX@aSLsKMmO
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of Win32/GenKryptik.GHIS
Cynet Malicious (score: 100)
APEX Malicious
Paloalto generic.ml
Kaspersky UDS:DangerousObject.Multi.Generic
Avast FileRepMalware [Misc]
TrendMicro Trojan.Win32.PRIVATELOADER.YXDCLZ
McAfee-GW-Edition Artemis!Trojan
Trapmine malicious.moderate.ml.score
Microsoft Trojan:Win32/Casdet!rfn
ZoneAlarm UDS:DangerousObject.Multi.Generic
Google Detected
VBA32 Malware-Cryptor.Limpopo
Ikarus Trojan-Ransom.Cerber
MaxSecure Trojan.Malware.300983.susgen
AVG FileRepMalware [Misc]