Summary | ZeroBOX

alph.exe

Malicious Library MZP Format PE File PE32
Category FILE
Machine s1_win7_x6403_us
Started April 13, 2023, 9:07 a.m.
Completed April 13, 2023, 9:09 a.m.
Size 138.5KB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 e7465dd41c7a0fae866744b86c78f80a
SHA256 295899b745c86d2a2c3d418d71e0b045d003f2739af1e358ad39767287505276
CRC32 80D47CD7
ssdeep 3072:wqud+OXPiboWVSLaH1y48xrDTRiVfbSmCqYK8EgETcQJ:wqud/0bh11xNltbOd
Yara
  • mzp_file_format - MZP(Delphi) file format
  • Malicious_Library_Zero - Malicious_Library
  • IsPE32 - (no description)
  • PE_Header_Zero - PE File Signature

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
172.81.61.224 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

API GetComputerNameA
Arguments computer_name: TEST22-PC
Status 1
Return 1
Repeated 0
section CODE
section DATA
section BSS
host 172.81.61.224
Lionic Trojan.Win32.Fragtor.4!c
MicroWorld-eScan Gen:Variant.Fragtor.162477
FireEye Generic.mg.e7465dd41c7a0fae
ALYac Gen:Variant.Fragtor.162477
Cylance unsafe
VIPRE Gen:Variant.Fragtor.162477
Sangfor Virus.Win32.Save.a
CrowdStrike win/malicious_confidence_90% (W)
Arcabit Trojan.Fragtor.D27AAD
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
ESET-NOD32 a variant of Win32/Delf.BQB
Cynet Malicious (score: 100)
APEX Malicious
Paloalto generic.ml
BitDefender Gen:Variant.Fragtor.162477
Avast Win32:RansomX-gen [Ransom]
Sophos Generic Reputation PUA (PUA)
McAfee-GW-Edition BehavesLike.Win32.SpywareLyndra.ch
Trapmine malicious.moderate.ml.score
Emsisoft Gen:Variant.Fragtor.162477 (B)
Ikarus VirTool.Win32.DelfInject
Webroot W32.Trojan.Gen
MAX malware (ai score=84)
Antiy-AVL Trojan/Win32.PossibleThreat
Gridinsoft Ransom.Win32.Delf.sa
Microsoft Trojan:Win32/Sabsik.FL.B!ml
GData Gen:Variant.Fragtor.162477
Google Detected
AhnLab-V3 Trojan/Win.Generic.C4592847
McAfee Artemis!E7465DD41C7A
Malwarebytes Generic.Malware/Suspicious
TrendMicro-HouseCall TROJ_GEN.R002H09DC23
Rising Trojan.Generic@AI.94 (RDML:pfUY2reTavC7YXfznZWlzA)
SentinelOne Static AI - Suspicious PE
MaxSecure Trojan.Malware.300983.susgen
BitDefenderTheta Gen:NN.ZelphiF.36132.iGW@a0flGWl
AVG Win32:RansomX-gen [Ransom]
DeepInstinct MALICIOUS