Summary | ZeroBOX

wininit.exe

NSIS UPX Malicious Library PE File DLL PE32
Category FILE
Machine s1_win7_x6403_us
Started Aug. 7, 2023, 8:27 a.m.
Completed Aug. 7, 2023, 8:31 a.m.
Size 307.2KB
Type PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
MD5 87c5e0323049fb19c46cba988f525038
SHA256 eac716271ac8b624a2415c028578626a1fdfec31c69dfb7ebf07de247b817a33
CRC32 7254FBFA
ssdeep 6144:qMMYNXqBB+nbI0OVrZWjuuo1NsSaONfwJdBTTQewR1d5uRQMtGk9nFkXrrlOx+jM:+n+bI0cEjuT1/IJdB/Xwjd5uRN1FCtOf
Yara
  • UPX_Zero - UPX packed file
  • NSIS_Installer - Null Soft Installer
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
45.33.6.223 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section .ndata
file C:\Users\test22\AppData\Local\Temp\nskC7FF.tmp\System.dll
host 45.33.6.223
Bkav W32.AIDetectMalware
Lionic Trojan.Win32.Makoob.4!c
Elastic malicious (high confidence)
MicroWorld-eScan Trojan.GenericKD.68526322
FireEye Generic.mg.87c5e0323049fb19
McAfee Artemis!87C5E0323049
Malwarebytes Trojan.GuLoader.NSIS
Sangfor Trojan.NSIS.Agent.Vhq1
K7AntiVirus Trojan ( 005a9a631 )
K7GW Trojan ( 005a9a631 )
Arcabit Trojan.Generic.D415A0F2
Symantec ML.Attribute.HighConfidence
ESET-NOD32 NSIS/Injector.BZW
Cynet Malicious (score: 100)
APEX Malicious
Kaspersky HEUR:Trojan.NSIS.Makoob.gen
BitDefender Trojan.GenericKD.68526322
Avast NSIS:MalwareX-gen [Trj]
Tencent Nsis.Trojan.Makoob.Bwnw
Emsisoft Trojan.GenericKD.68526322 (B)
F-Secure Trojan.TR/Redcap.mukmr
VIPRE Gen:Variant.Nemesis.26178
TrendMicro Trojan.Win32.GULOADER.YXDHCZ
McAfee-GW-Edition BehavesLike.Win32.Dropper.fc
Trapmine malicious.high.ml.score
Sophos Mal/Generic-S
Avira TR/Redcap.mukmr
MAX malware (ai score=82)
Microsoft Trojan:Win32/Casdet!rfn
ZoneAlarm HEUR:Trojan.NSIS.Makoob.gen
GData Trojan.GenericKD.68526322
Google Detected
AhnLab-V3 Downloader/Win.GuLoader.C5240677
ALYac Gen:Variant.Nemesis.26178
Cylance unsafe
Panda Trj/Chgt.AD
TrendMicro-HouseCall Trojan.Win32.GULOADER.YXDHCZ
Ikarus Trojan.NSIS.Guloader
AVG NSIS:MalwareX-gen [Trj]
DeepInstinct MALICIOUS
CrowdStrike win/malicious_confidence_90% (W)