Summary | ZeroBOX

5.26행사초청장&일정표.zip

Generic Malware PS PostScript MSOffice File ZIP Format HWP
Category FILE
Machine s1_win7_x6402
Started May 16, 2023, 3:39 p.m.
Completed May 16, 2023, 3:39 p.m.
Size 50.9MB
Type Zip archive data, at least v1.0 to extract
MD5 487769a19f032e981f33023b2cb7fe10
SHA256 df89db0ec339a5e5109ecced0199c371a859aa0c721275e7556a2f34b33d7b01
CRC32 073EF71F
ssdeep 3072:UypPHTlizlhyLm5QXRHPvruwBa8veKS0908qpiI12WU7KHHEu7EmIbB2itL8HP7h:Uy9ggCKXRHHqwB7w09IpfbnJfkFIPE9a
Yara
  • zip_file_format - ZIP file format
  • Win32_HWP_PostScript_Zero - Detect a HWP with embedded Post Script code
  • HWP_file_format - HWP Document File
  • Microsoft_Office_File_Zero - Microsoft Office File
  • Generic_Malware_Zero - Generic Malware

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
164.124.101.2 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

VIPRE Heur.BZC.YAX.Boxter.949.978B3956
Alibaba TrojanDropper:LNK/Powecod.5cdd5bcd
Cyren LNK/ABRisk.CTKX-4
Symantec Trojan.Gen.NPE
ESET-NOD32 LNK/TrojanDropper.Agent.DD
Avast Other:Malware-gen [Trj]
Cynet Malicious (score: 99)
Kaspersky HEUR:Trojan.WinLNK.Powecod.c
BitDefender Heur.BZC.YAX.Boxter.949.978B3956
Tencent Win32.Trojan.Powecod.Kmnw
Emsisoft Heur.BZC.YAX.Boxter.949.978B3956 (B)
F-Secure Malware.LNK/Drop.Agent.VPVF
McAfee-GW-Edition Artemis!Trojan
FireEye Heur.BZC.YAX.Boxter.949.978B3956
Sophos Troj/LnkDrop-M
SentinelOne Static AI - Suspicious OLE
GData Heur.BZC.YAX.Boxter.949.978B3956
Avira LNK/Drop.Agent.VPVF
Microsoft Trojan:Script/Woreflint.A!cl
Arcabit Heur.BZC.YAX.Boxter.949.978B3956
ZoneAlarm HEUR:Trojan.WinLNK.Powecod.c
Google Detected
AhnLab-V3 Dropper/LNK.Agent
VBA32 Trojan.Link.Crafted
MAX malware (ai score=99)
AVG Other:Malware-gen [Trj]