popup
Summary | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

rainbow_loop.exe

PE32 PE File
  1. Resubmit sample
Category Machine Started Completed
FILE s1_win7_x6401 Aug. 9, 2023, 4:57 p.m. Aug. 9, 2023, 5:01 p.m.
Size 2.0KB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 d6dc6b4155cfc36fe8ea78aa82949533
SHA256 f08804639b16a4f20eee9a183f8591727143da8262410acbbec5b38beb3f2d8d
CRC32 E936326B
ssdeep 12:e/1GSGMO9lmXnlcHSxbZffiZYcjQvpGnik6g8kXiYr:e/1GSNcl9yxVHiOGupG1r
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

description rainbow_loop.exe tried to sleep 124 seconds, actually delayed analysis time by 102 seconds
Bkav W32.AIDetectMalware
McAfee Artemis!D6DC6B4155CF
Sangfor Trojan.Win32.Agent.Vxqv
CrowdStrike win/malicious_confidence_70% (W)
Elastic malicious (high confidence)
Cynet Malicious (score: 99)
APEX Malicious
Avast Win32:Evo-gen [Trj]
F-Secure Trojan.TR/Crypt.XPACK.Gen
McAfee-GW-Edition BehavesLike.Win32.Infected.xz
Trapmine suspicious.low.ml.score
Avira TR/Crypt.XPACK.Gen
Microsoft Program:Win32/Wacapew.C!ml
BitDefenderTheta Gen:NN.ZexaF.36348.amW@aKa4ckg
Rising Trojan.Generic@AI.100 (RDML:9kpc4JU3cFxTTZmVbc9MSw)
Fortinet W32/PossibleThreat
AVG Win32:Evo-gen [Trj]
Cybereason malicious.421abf
DeepInstinct MALICIOUS