Summary | ZeroBOX

77.exe

Malicious Library PE32 PE File
Category Machine Started Completed
FILE s1_win7_x6403_us Aug. 4, 2023, 10:18 a.m. Aug. 4, 2023, 10:20 a.m.
Size 1.9MB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 43a466ea26d18d125bf8af925bb617b7
SHA256 a3f665043305d67f64f7386a8bcd89dc5ce86a76a6b5042827af58cd8b4e10f2
CRC32 A34A6671
ssdeep 49152:vdndufbt9ODXz12CkNram8AciuXRyjy0EjIdfCN:vdnd6av1iam8Ac4GbU6N
PDB Path C:\wikokaxigus\mifebabidura\japirazera80\ra.pdb
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

pdb_path C:\wikokaxigus\mifebabidura\japirazera80\ra.pdb
resource name None
name RT_ICON language LANG_PORTUGUESE filetype GLS_BINARY_LSB_FIRST sublanguage SUBLANG_PORTUGUESE_BRAZILIAN offset 0x021bbf58 size 0x00000468
name RT_GROUP_ICON language LANG_PORTUGUESE filetype data sublanguage SUBLANG_PORTUGUESE_BRAZILIAN offset 0x021b6558 size 0x00000030
section name .text size_of_data 0x001c2600 virtual_address 0x00001000 virtual_size 0x001c24e0 entropy 7.987459041684326 description A section with a high entropy has been found
entropy 0.948907031867 description Overall entropy of this PE file is high
Bkav W32.AIDetectMalware
Lionic Trojan.Win32.Generic.4!c
Elastic malicious (high confidence)
FireEye Generic.mg.43a466ea26d18d12
McAfee Artemis!43A466EA26D1
Malwarebytes Trojan.MalPack.GS
Sangfor Trojan.Win32.Save.a
K7AntiVirus Trojan ( 0056f95c1 )
K7GW Trojan ( 0056f95c1 )
CrowdStrike win/malicious_confidence_100% (W)
Symantec ML.Attribute.HighConfidence
tehtris Generic.Malware
APEX Malicious
ClamAV Win.Packer.pkr_ce1a-9980177-0
Kaspersky VHO:Exploit.Win32.Convagent.gen
Avast FileRepMalware [Cryp]
Sophos Troj/Krypt-VK
McAfee-GW-Edition BehavesLike.Win32.Lockbit.tc
Trapmine suspicious.low.ml.score
SentinelOne Static AI - Malicious PE
Gridinsoft Malware.Win32.Laplas.bot
ZoneAlarm VHO:Exploit.Win32.Convagent.gen
Cynet Malicious (score: 100)
Acronis suspicious
VBA32 Malware-Cryptor.Grygoryi.3
Cylance unsafe
Tencent Trojan.Win32.Obfuscated.gen
Ikarus Trojan-Banker.UrSnif
MaxSecure Trojan.Malware.300983.susgen
Fortinet W32/GenKryptik.ERHN!tr
AVG FileRepMalware [Cryp]
DeepInstinct MALICIOUS