popup
Summary | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

645d8620ab56f.zip

ZIP Format
  1. Resubmit sample
Category Machine Started Completed
FILE s1_win7_x6402 May 12, 2023, 9:52 a.m. May 12, 2023, 9:55 a.m.
Size 2.2MB
Type Zip archive data, at least v2.0 to extract
MD5 f273ad23fb6109a3d45643dc29084a86
SHA256 7d08c204524028da771f3a050fdf63d38c5dbceaef82b3050d39a827095ff3b3
CRC32 0222A06B
ssdeep 49152:6Q6J3WM202p5GutgAJuIxyxWCIZsS85PWZ5FvcBu:p89i7JDmWgzP+Uu
Yara
  • zip_file_format - ZIP file format

Name Response Post-Analysis Lookup
geo.netsupportsoftware.com
A 51.142.119.24
CNAME geography.netsupportsoftware.com
A 62.172.138.67
62.172.138.67
blahadfurtik.com
A 89.22.237.94
89.22.237.94
IP Address Status Action
164.124.101.2 Active Moloch
51.142.119.24 Active Moloch
89.22.237.94 Active Moloch

suspicious_features GET method with no useragent header suspicious_request GET http://geo.netsupportsoftware.com/location/loca.asp
request GET http://geo.netsupportsoftware.com/location/loca.asp