Summary | ZeroBOX

FA002.exe

UPX PE32 PE File
Category FILE
Machine s1_win7_x6401
Started July 5, 2023, 5:18 p.m.
Completed July 5, 2023, 5:23 p.m.
Size 1.4MB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 4ca5a34884534a5751b8e59d41cecdcb
SHA256 78a123cbb6dae6d4bb09a82e7c9551e385aee0f5eb8f9a4ff0de8f2fc4dbdd22
CRC32 0C0EB8DC
ssdeep 24576:NxdzBAGMq38k5CtXu/hX2hpQlmwgqyN3t2HnF2890ErDfpBws:Nl7Ou6pTAytt2HF2yfp
Yara
  • UPX_Zero - UPX packed file
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Time & API Arguments Status Return Repeated

__exception__

stacktrace:
fa002+0x122d @ 0xe7122d
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.symbol:
exception.exception_code: 0xc0000005
exception.address: 0x0
registers.esp: 3668408
registers.edi: 1972830208
registers.eax: 0
registers.ebp: 3668500
registers.edx: 1973072088
registers.ebx: 2130567168
registers.esi: 0
registers.ecx: 3668448
Status 1 Return 0 Repeated 0
A section with a high entropy has been found: section .data (virtual_address 0x0008c000, virtual_size 0x00086734, size_of_data 0x00086800, entropy 7.848225441301275)
Overall entropy of this PE file is high (entropy 0.365861951717)
Bkav W32.AIDetectMalware
Malwarebytes Spyware.Stealer
Sangfor Trojan.Win32.Agent.Vise
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
APEX Malicious
Kaspersky UDS:Trojan.Win32.GenericML.xnet
BitDefender Trojan.GenericKD.67965364
MicroWorld-eScan Trojan.GenericKD.67965364
Rising Trojan.Generic@AI.100 (RDML:pKGxdQwA8YhB7ENi5DljrQ)
Emsisoft Trojan.GenericKD.67965364 (B)
TrendMicro TrojanSpy.Win32.RHADAMANTHYS.YXDGDZ
McAfee-GW-Edition BehavesLike.Win32.Generic.th
Trapmine suspicious.low.ml.score
FireEye Trojan.GenericKD.67965364
Sophos Generic Reputation PUA (PUA)
GData Trojan.GenericKD.67965364
Webroot W32.Trojan.Gen
Arcabit Trojan.Generic.D40D11B4
ZoneAlarm UDS:Trojan.Win32.GenericML.xnet
Microsoft Trojan:Win32/Wacatac.B!ml
McAfee Artemis!4CA5A3488453
MAX malware (ai score=88)
Panda Trj/Chgt.AD
TrendMicro-HouseCall TrojanSpy.Win32.RHADAMANTHYS.YXDGDZ
Fortinet Malicious_Behavior.SB
BitDefenderTheta Gen:NN.ZexaCO.36270.Bv0@aub!J3iO
DeepInstinct MALICIOUS
CrowdStrike win/malicious_confidence_100% (W)