Summary | ZeroBOX

a.exe

UPX, Malicious Library, Malicious Packer, PE File, OS Processor Check, PE32

Category FILE
Machine s1_win7_x6401
Started July 10, 2023, 6:52 p.m.
Completed July 10, 2023, 6:55 p.m.
Size 7.1MB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 1d35572dfa6a564b147bad355ad1be78
SHA256 38e1aa092a57e10bf67da9f4e643e59dc050d683900d7ff930191a174f191778
CRC32 B0F8A50D
ssdeep 196608:VhpnqHrY6/B0K8QSA0cv1FMEHF7vyMXwrEUxfY5PS/:Jr6uK8xvcvYe7vyAuEUsPS/
Yara
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Malicious_Packer_Zero - Malicious Packer
  • IsPE32 - (no description)

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section .Y=L
section .Y.^
section .Lg]
section .Lg] (size_of_data 0x006f8000, virtual_address 0x0068b000, virtual_size 0x006f7f80, entropy 7.967797963967397)
description A section with a high entropy has been found
entropy 0.983461962514
description Overall entropy of this PE file is high
Bkav W32.Common.636420C8
tehtris Generic.Malware
MicroWorld-eScan Gen:Heur.Zygug.3
FireEye Generic.mg.1d35572dfa6a564b
CAT-QuickHeal Trojan.Sabsik
ALYac Gen:Heur.Zygug.3
Cylance unsafe
Sangfor Trojan.Win32.Save.a
CrowdStrike win/malicious_confidence_100% (W)
Arcabit Trojan.Zygug.3
BitDefenderTheta Gen:NN.ZexaF.36302.@JW@a8F1Mabk
Cyren W32/ABRisk.DTZP-1900
Symantec Trojan Horse
Elastic malicious (high confidence)
ESET-NOD32 a variant of Win32/Packed.VMProtect.AU suspicious
APEX Malicious
Cynet Malicious (score: 100)
BitDefender Gen:Heur.Zygug.3
Avast Win32:Evo-gen [Trj]
Sophos Mal/Generic-S
VIPRE Gen:Heur.Zygug.3
McAfee-GW-Edition BehavesLike.Win32.Generic.wc
Trapmine malicious.moderate.ml.score
Emsisoft Gen:Heur.Zygug.3 (B)
SentinelOne Static AI - Malicious PE
Webroot W32.Malware.Gen
Antiy-AVL Trojan[Packed]/Win32.VMProtect
Gridinsoft Trojan.Heur!.02216021
Microsoft Trojan:Win32/Meterpreter!ml
GData Gen:Heur.Zygug.3
Google Detected
AhnLab-V3 Trojan/Win.Generic.C5450879
McAfee Artemis!1D35572DFA6A
MAX malware (ai score=89)
Malwarebytes Trojan.MalPack.VMP
Panda Trj/Genetic.gen
TrendMicro-HouseCall TROJ_GEN.R002H09G723
Rising Trojan.Generic@AI.100 (RDML:rfJD1UdPqUbNFbWV83k26g)
Yandex Riskware.VMProtect!L2QP+SogAHQ
MaxSecure Trojan.Malware.300983.susgen
Fortinet Riskware/Application
AVG Win32:Evo-gen [Trj]
DeepInstinct MALICIOUS