Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
11.15 01:11
wwbizsrvs.exe
11.15 01:11
op.exe
11.15 01:11
msf.exe
11.15 01:11
lum250.exe
11.15 01:11
msf443.exe
11.13 04:11
hello.exe
11.13 03:11
espsemhvcioff.exe
11.13 02:11
Geek_se.exe
11.13 02:11
cred64.dll
11.13 02:11
svhost.exe

Latest News
11.16 03:11
It’s a Soldering Iron!...
11.16 12:11
Critical Unauthenticat...
11.16 12:11
BASIC Co-Inventor Thom...
11.16 09:11
존쿡 델리미트 외식 매장서 ‘연말맞이 다...
11.16 09:11
서울퓨처랩, 누적체험객 6만명 돌파…프로...
11.16 09:11
니지모리스튜디오 갤러리, 일본 일러스트 ...
11.16 09:11
RISC-V Pushes 400 Mill...
11.16 09:11
IT Sicherheitsnews tae...
11.16 07:11
Anduril’s Chair Consul...
11.16 07:11
Senators Call for Prob...

Summary | ZeroBOX

imagd.jpg

Malicious Library OS Processor Check JPEG Format

Category	Machine	Started	Completed
FILE	s1_win7_x6403_us	July 3, 2023, 6:20 p.m.	July 3, 2023, 6:22 p.m.

Size	1.4MB
Type	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 1080x1440, frames 3
MD5	`8386d64448fbc6074b27a472cc074a35`
SHA256	`f6579ef33c0eaae0f87e6ce140297c317801eb9e9e0fc77f45fdfcd0a2394dda`
CRC32	`7CF71C9E`
ssdeep	`24576:VQo4CgDe/o8SEKFaGWWEfpVk3XFc8ZSK10CGWQw6tsJCetgJlfpsP4V:VQo4/xCWERVk3XsgQw6jeU2Ps`
Yara	OS_Processor_Check_Zero - OS Processor Check JPEG_Format_Zero - JPEG Format Malicious_Library_Zero - Malicious_Library

cmd.exe "C:\Windows\System32\cmd.exe" /c start /wait "dbJswKNztXJngwy" C:\Users\test22\AppData\Local\Temp\imagd.jpg
1460

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

File has been identified by 9 AntiVirus engines on VirusTotal as malicious (9 events)

MicroWorld-eScan	Exploit.Jpegdrop.2
Arcabit	Exploit.Jpegdrop.2
BitDefender	Exploit.Jpegdrop.2
Emsisoft	Exploit.Jpegdrop.2 (B)
VIPRE	Exploit.Jpegdrop.2
FireEye	Exploit.Jpegdrop.2
MAX	malware (ai score=81)
GData	Exploit.Jpegdrop.2
ALYac	Exploit.Jpegdrop.2