Summary | ZeroBOX

95.214.25.233:3002

Malicious Library, UPX, OS Processor Check, PE32, PE File
Category FILE
Machine s1_win7_x6403_us
Started June 30, 2023, 9:42 a.m.
Completed June 30, 2023, 9:44 a.m.
Size 371.5KB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 8eca708367942803dd00ee83d0a3944f
SHA256 43065af2c6ec6608d11054a01873b3b15a8e2ef2a35bf1e1c9098b50f63541c8
CRC32 3F312560
ssdeep 6144:F1S1JeTx0k9etQwbByFz8zxqgUgHVjKSWQjbviQ:qHeTx0l7bByFz8zU8WOb
Yara
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section .zitika
section .data (virtual_address 0x0001f000, virtual_size 0x0003d84c, size_of_data 0x0002bc00) entropy 7.947361585333209 description A section with a high entropy has been found
entropy 0.472334682861 description Overall entropy of this PE file is high