popup
Summary | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

safer.dll

UPX Malicious Library PE64 PE File DLL OS Processor Check
  1. Resubmit sample
Category Machine Started Completed
FILE s1_win7_x6401 July 31, 2023, 5:38 p.m. July 31, 2023, 5:38 p.m.
Size 119.5KB
Type PE32+ executable (DLL) (console) x86-64, for MS Windows
MD5 56a1858c7fcfe98b43e5f8913e937017
SHA256 25417efb92a7ba7f1d8fa5fd492e542b7e81e041a865f5b61fb17cb6db756023
CRC32 6D8FF860
ssdeep 1536:I1YXG5U3LF0xkhDVZswR7XzRVgf35vWES+cir1gPRpJf0sWxd7B9dlAmMB:yYXW0BKwR7XzHMjncir1IpJKVmmM
PDB Path E:\HackingTool\ReverseShell\x64\Release\BypassBit.pdb
Yara
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
  • IsDLL - (no description)
  • IsPE64 - (no description)
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

pdb_path E:\HackingTool\ReverseShell\x64\Release\BypassBit.pdb
section _RDATA