Summary | ZeroBOX

vbc.exe

Malicious Library, UPX, OS Processor Check, PE32, PE File
Category FILE
Machine s1_win7_x6401
Started May 4, 2023, 6:41 p.m.
Completed May 4, 2023, 6:43 p.m.
Size 1.5MB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 66d9a44a51599155c7a39a9a5a9dafa9
SHA256 ead5fbe849c5bf78f300a22a2142fb5a00a2246ce0cf792c2789dd0e36ec6c50
CRC32 EE9C77E0
ssdeep 24576:QfScnrJZy32uGrH3Zvz7ivzrm7AR+2G78EXpH0LD39jLJPnVml+BJQnEW+VC:Qf5JA2JHJvz7ivzrqdd0XNRPy8QnEW+0
PDB Path C:\Sanon majak liyil daboto\fowayih\Bavebo sehapiro.pdb
Yara
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
  • IsPE32 - (no description)
  • PE_Header_Zero - PE File Signature
  • Malicious_Library_Zero - Malicious_Library

Name Response Post-Analysis Lookup
fshovit8qcg8uvovvtixzg2.shmxodofaguezj
IP Address Status Action
164.124.101.2 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

pdb_path C:\Sanon majak liyil daboto\fowayih\Bavebo sehapiro.pdb
section .text: size_of_data 0x0013da00, virtual_address 0x00001000, virtual_size 0x0013d9a0, entropy 7.827269018461856 (A section with a high entropy has been found)
section .rsrc: size_of_data 0x00025800, virtual_address 0x00246000, virtual_size 0x00025730, entropy 7.332986503886314 (A section with a high entropy has been found)
entropy 0.944167497507 (Overall entropy of this PE file is high)
Bkav W32.AIDetectMalware
Cynet Malicious (score: 100)
McAfee Artemis!66D9A44A5159
Malwarebytes Trojan.Crypt
VIPRE Gen:Variant.Ser.Jaik.3792
Sangfor Trojan.Win32.Save.a
K7AntiVirus Trojan ( 005a447a1 )
Alibaba Trojan:Win32/GenKryptik.e8f9cb31
K7GW Trojan ( 005a447a1 )
Arcabit Trojan.Ser.Jaik.DED0
BitDefenderTheta Gen:NN.ZexaF.36196.EvX@a4qM54iG
Cyren W32/ABRisk.RTIK-8955
Elastic malicious (high confidence)
ESET-NOD32 a variant of Win32/GenKryptik.GJED
APEX Malicious
Paloalto generic.ml
Kaspersky Trojan.Win32.Strab.bgw
BitDefender Gen:Variant.Ser.Jaik.3792
MicroWorld-eScan Gen:Variant.Ser.Jaik.3792
Avast Win32:CrypterX-gen [Trj]
Emsisoft Gen:Variant.Ser.Jaik.3792 (B)
F-Secure Trojan.TR/AD.AgentTesla.cxwla
TrendMicro TrojanSpy.Win32.NEGASTEAL.YXDECZ
McAfee-GW-Edition Artemis!Trojan
FireEye Generic.mg.66d9a44a51599155
Sophos Mal/Generic-S
Avira TR/AD.AgentTesla.cxwla
MAX malware (ai score=85)
Antiy-AVL Trojan/Win32.GenKryptik
Microsoft Trojan:Win32/Sabsik.FL.B!ml
ZoneAlarm Trojan.Win32.Strab.bgw
GData Win32.Trojan.PSE.DSYQ1H
Google Detected
VBA32 BScope.TrojanPSW.RedLine
ALYac Gen:Variant.Ser.Jaik.3792
Cylance unsafe
Panda Trj/Chgt.AD
TrendMicro-HouseCall TrojanSpy.Win32.NEGASTEAL.YXDECZ
Rising Spyware.AveMaria!8.108C2 (TFE:5:gPYSJezLNfH)
MaxSecure Trojan.Malware.300983.susgen
Fortinet W32/GenKryptik.GJED!tr
AVG Win32:CrypterX-gen [Trj]
DeepInstinct MALICIOUS
CrowdStrike win/malicious_confidence_100% (W)