Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
11.18 02:11
DOCTOR FIRM ORDER FORM...
11.18 09:11
babababa.exe
11.18 09:11
Jagtfalkenes.vbs
11.18 09:11
windows_update.dll
11.18 09:11
nicko.exe
11.18 09:11
GHO%E9%95%9C%E5%83%8F%...
11.18 09:11
stories.exe
11.17 10:11
wwbizsrvs.exe
11.15 01:11
wwbizsrvs.exe
11.15 01:11
op.exe

Latest News
11.18 05:11
Strela: A newcomer in ...
11.18 05:11
A week in security (No...
11.18 05:11
A week in security (No...
11.18 04:11
카페 어니언과 함께하는 2025 코리아브...
11.18 04:11
Singapore Oil Tycoon O...
11.18 04:11
Exploit attempts for u...
11.18 04:11
NSO Group Exploited Wh...
11.18 03:11
대한민국 전통가마 연구소 ‘태고사’ 20...
11.18 03:11
더 청담, '2024 전통문화혁신사업 수...
11.18 03:11
동방이기제작소, '2024 전통문화혁신사...

Summary | ZeroBOX

asdsada.exe

Malicious Library UPX OS Processor Check PE32 PE File

Category	Machine	Started	Completed
FILE	s1_win7_x6402	April 11, 2023, 9:40 a.m.	April 11, 2023, 9:43 a.m.

Size	82.2KB
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`cbbdef6c4d82eb4ff01ed43f1e641907`
SHA256	`37a5d7960b09d3f0ec4c8d39203ce285a9ced3c70c3e3fbd5c6f3f21678bdec4`
CRC32	`8E85BECD`
ssdeep	`1536:qce5tx7pMyapco9fGaIZ0rViEddJo9YLndeB5SvE6LSvaNIsWWcdv+mh1FB3x3hC:qLx7my0cA1IZxMJo9YLnUBoLSCov+mhM`
PDB Path	C:\JobRelease\tools\msix-psf\Win32\Release\PsfRunDll32.pdb
Yara	UPX_Zero - UPX packed file Malicious_Library_Zero - Malicious_Library OS_Processor_Check_Zero - OS Processor Check IsPE32 - (no description) PE_Header_Zero - PE File Signature

asdsada.exe "C:\Users\test22\AppData\Local\Temp\asdsada.exe"
3000

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
164.124.101.2	Active	Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

This executable has a PDB path (1 event)

pdb_path

C:\JobRelease\tools\msix-psf\Win32\Release\PsfRunDll32.pdb