Summary | ZeroBOX

echo-D3FG-2.DE.exe

Gen1, UPX, Malicious Library, Anti_VM, PE64, PE File, OS Processor Check, ZIP Format, DLL
Category FILE
Machine s1_win7_x6401
Started July 10, 2023, 8:08 a.m.
Completed July 10, 2023, 8:11 a.m.
Size 7.5MB
Type PE32+ executable (console) x86-64, for MS Windows
MD5 d61c17656e28348150c5d17dcc0106cd
SHA256 369fce162239045403c87f8c83445d9d300fe2d8656899cb079ce4acca77a99a
CRC32 821F3915
ssdeep 196608:leY3avuuDfyGR21X5Sp6GemDMPwuW23vYPGshGRx:MY3aJDfDspfaMP5z
Yara
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
  • IsPE64 - (no description)
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

API GlobalMemoryStatusEx
Status 1
Return 1
Repeated 0
section _RDATA
file C:\Users\test22\AppData\Local\Temp\_MEI25522\python311.dll
file C:\Users\test22\AppData\Local\Temp\_MEI25522\libcrypto-1_1.dll
file C:\Users\test22\AppData\Local\Temp\_MEI25522\libffi-8.dll
file C:\Users\test22\AppData\Local\Temp\_MEI25522\VCRUNTIME140.dll
file C:\Users\test22\AppData\Local\Temp\_MEI25522\libssl-1_1.dll
Lionic Trojan.Win32.Shelm.tso7
MicroWorld-eScan Trojan.GenericKD.67377904
FireEye Generic.mg.d61c17656e283481
ALYac Trojan.GenericKD.67377904
Malwarebytes Spyware.PasswordStealer.Python
VIPRE Trojan.GenericKD.67377904
Sangfor Spyware.Win32.Agent.Vpn5
K7AntiVirus Riskware ( 0040eff71 )
Alibaba TrojanSpy:Win32/Stealer.a31809b5
K7GW Riskware ( 0040eff71 )
CrowdStrike win/malicious_confidence_60% (W)
Arcabit Trojan.Generic.D4041AF0
Cyren W64/ABRisk.JEEJ-8733
Symantec Trojan.Gen.MBT
Cynet Malicious (score: 100)
APEX Malicious
Kaspersky Trojan-Spy.Win32.Stealer.dxwk
BitDefender Trojan.GenericKD.67377904
Avast FileRepMalware [Misc]
Sophos Mal/Generic-S
F-Secure Trojan.TR/Spy.Stealer.tfchy
McAfee-GW-Edition BehavesLike.Win64.TrojanCoinMiner.wc
Emsisoft Trojan.GenericKD.67377904 (B)
Avira TR/Spy.Stealer.tfchy
MAX malware (ai score=87)
Microsoft Program:Win32/Wacapew.C!ml
ZoneAlarm Trojan-Spy.Win32.Stealer.dxwk
GData Win32.Trojan-Downloader.Generic.RSB3QB
Google Detected
McAfee Artemis!D61C17656E28
Cylance unsafe
Panda Trj/Chgt.AD
TrendMicro-HouseCall TROJ_GEN.R002H09F323
MaxSecure Trojan.Malware.209430322.susgen
Fortinet W32/PossibleThreat
AVG FileRepMalware [Misc]
DeepInstinct MALICIOUS