Summary | ZeroBOX

cdump.exe

PE32 PE File
Category Machine Started Completed
FILE s1_win7_x6401 April 13, 2023, 9:07 a.m. April 13, 2023, 9:20 a.m.
Size 1.3MB
Type PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed
MD5 6799f43f598169aebc476455c624f014
SHA256 4d6e78684cf71bf7a2ee846e717f65ac85f7c8dc1a07ea5857e5f4965700729a
CRC32 A78D166E
ssdeep 24576:xodPTSmyVjXXVEyOLoRjMzbOWQVw+yG3LLsNXEJLvQdc99zRg:x0TSmyVjHHO0RjtVL72wvQdi9l
Yara
  • IsPE32 - (no description)
  • PE_Header_Zero - PE File Signature

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Time & API Arguments Status Return Repeated

WriteConsoleA

buffer: panic:
console_handle: 0x0000000b
1 1 0

WriteConsoleA

buffer: runtime error: slice bounds out of range [5:0]
console_handle: 0x0000000b
1 1 0

WriteConsoleA

buffer: goroutine
console_handle: 0x0000000b
1 1 0

WriteConsoleA

buffer: running
console_handle: 0x0000000b
1 1 0

WriteConsoleA

buffer: HackChrome/core.GetMaster
console_handle: 0x0000000b
1 1 0

WriteConsoleA

buffer: 0x12414190
console_handle: 0x0000000b
1 1 0

WriteConsoleA

buffer: 0x41
console_handle: 0x0000000b
1 1 0

WriteConsoleA

buffer: 0x62f602
console_handle: 0x0000000b
1 1 0

WriteConsoleA

buffer: 0x7
console_handle: 0x0000000b
1 1 0

WriteConsoleA

buffer: 0x1
console_handle: 0x0000000b
1 1 0

WriteConsoleA

buffer: 0x124141e0
console_handle: 0x0000000b
1 1 0

WriteConsoleA

buffer: 0x48
console_handle: 0x0000000b
1 1 0

WriteConsoleA

buffer: C:/Users/lovebear96/Desktop/HackChrome-master/core/chromev80.go
console_handle: 0x0000000b
1 1 0

WriteConsoleA

buffer: 0x187
console_handle: 0x0000000b
1 1 0

WriteConsoleA

buffer: main.main
console_handle: 0x0000000b
1 1 0

WriteConsoleA

buffer: C:/Users/lovebear96/Desktop/HackChrome-master/main.go
console_handle: 0x0000000b
1 1 0

WriteConsoleA

buffer: 0xeb
console_handle: 0x0000000b
1 1 0
file C:\Users\test22\AppData\Local\Google\Chrome\User Data\Local State
file C:\Users\test22\AppData\Local\Google\Chrome\User Data\Default\Login Data
section {u'size_of_data': u'0x00153e00', u'virtual_address': u'0x0020c000', u'entropy': 7.921539659512209, u'name': u'UPX1', u'virtual_size': u'0x00154000'} entropy 7.92153965951 description A section with a high entropy has been found
entropy 0.999632352941 description Overall entropy of this PE file is high
section UPX0 description Section name indicates UPX
section UPX1 description Section name indicates UPX
section UPX2 description Section name indicates UPX
Time & API Arguments Status Return Repeated

LdrGetProcedureAddress

ordinal: 0
function_address: 0x0028fdcd
function_name: wine_get_version
module: ntdll
module_address: 0x76f10000
3221225785 0
Lionic Riskware.Win32.BroPass.1!c
Elastic malicious (moderate confidence)
MicroWorld-eScan Trojan.GenericKD.43007907
FireEye Trojan.GenericKD.43007907
McAfee Artemis!6799F43F5981
Cylance unsafe
Zillya Trojan.Agent.Win64.6119
Sangfor Trojan.Win64.Agent.T
K7AntiVirus Password-Stealer ( 005636f11 )
Alibaba TrojanPSW:Win32/BroPass.041789b7
K7GW Password-Stealer ( 005636f11 )
CrowdStrike win/malicious_confidence_100% (W)
Arcabit Trojan.Generic.D2903FA3
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of Win64/PSW.Agent.T
Cynet Malicious (score: 99)
APEX Malicious
Paloalto generic.ml
Kaspersky not-a-virus:PSWTool.Win32.BroPass.ag
BitDefender Trojan.GenericKD.43007907
NANO-Antivirus Trojan.Win32.Mlw.hqtthz
Avast Win32:Trojan-gen
Tencent Win32.Trojan.Bropass.Mqil
Sophos Generic Reputation PUA (PUA)
F-Secure Trojan.TR/PSW.Agent.vbiae
VIPRE Trojan.GenericKD.43007907
TrendMicro TROJ_GEN.R002C0GE922
McAfee-GW-Edition Artemis!Trojan
Emsisoft Trojan.GenericKD.43007907 (B)
Webroot Pua.Gen
Avira TR/PSW.Agent.vbiae
Antiy-AVL RiskWare[PSWTool]/Win32.BroPass
Microsoft Trojan:Win32/Skeeyah!MTB
ZoneAlarm not-a-virus:PSWTool.Win32.BroPass.ag
GData Trojan.GenericKD.43007907
Google Detected
ALYac Trojan.GenericKD.43007907
MAX malware (ai score=80)
Malwarebytes Trojan.MalPack.UPX
Panda Trj/CI.A
TrendMicro-HouseCall TROJ_GEN.R002C0GE922
Rising Stealer.Agent!8.C2 (CLOUD)
Yandex Trojan.PWS.Agent!wFU2GEJDE7U
Ikarus Trojan-PSW.Agent
MaxSecure Trojan.Malware.103941662.susgen
Fortinet W32/Agent.T!tr.pws
AVG Win32:Trojan-gen
DeepInstinct MALICIOUS