Summary | ZeroBOX

p0aw25.exe

Gen1 Malicious Packer Malicious Library PE64 PE File
Category FILE
Machine s1_win7_x6401
Started May 30, 2023, 9:31 a.m.
Completed May 30, 2023, 9:35 a.m.
Size 211.5KB
Type PE32+ executable (GUI) x86-64, for MS Windows
MD5 8a8c08155bce86d582d32eee9defcfcd
SHA256 642431ee850811f23e1ac8ab13524a669d4c6ebe1704792879621e2746c05939
CRC32 E9D3813D
ssdeep 3072:DVFE/flYeQ6DRePKEywh8QUEH2e1zJLgf7nDVF6PUp1Yo3ICgy:IlYeDRChyI8rETz5gfzDVlVXg
PDB Path notepad.pdb
Yara
  • Win32_Trojan_Gen_2_0904B0_Zero - Win32 Trojan Gen
  • Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet
  • Malicious_Library_Zero - Malicious_Library
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
  • Malicious_Packer_Zero - Malicious Packer

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

pdb_path notepad.pdb
resource name MUI
section .rsrc (size_of_data 0x00019800, virtual_address 0x0001f000, virtual_size 0x0001a000, entropy 7.3528440460545275)
entropy 7.35284404605 description A section with a high entropy has been found
entropy 0.484560570071 description Overall entropy of this PE file is high