Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
11.15 01:11
msf.exe
11.15 01:11
lum250.exe
11.15 01:11
msf443.exe
11.13 04:11
hello.exe
11.13 03:11
espsemhvcioff.exe
11.13 02:11
Geek_se.exe
11.13 02:11
cred64.dll
11.13 02:11
svhost.exe
11.13 02:11
nb.exe
11.13 02:11
svcyr.exe

Latest News
11.15 01:11
마이다스그룹, ‘AI 기반 면접 가이드’...
11.15 01:11
Chinese Data Center Fi...
11.15 01:11
한국이엔티씨, 2024년 고용노동부 주관...
11.15 12:11
Nebraskan Farmers Were...
11.15 12:11
휘틀, 4L 대용량 음식물처리기 ‘더슬림...
11.15 12:11
깨끗한나라 '디어스킨' 올리브영 관악타운...
11.15 12:11
모카시스템, '2024 도시·지역혁신대상...
11.15 12:11
전략 RPG ‘리메멘토–하얀 그림자’ C...
11.15 12:11
케이스티파이(CASETiFY), 5층 규...
11.15 11:11
2024-11-14 - Raspberry...

Summary | ZeroBOX

AdobeSettings.exe

NSIS UPX Malicious Library PE File DLL PE32

Category	Machine	Started	Completed
FILE	s1_win7_x6401	Aug. 10, 2023, 7:43 a.m.	Aug. 10, 2023, 7:53 a.m.

Size	291.4KB
Type	PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
MD5	`e781ca8ce0cf2ede3c242c2bdc1ea2a4`
SHA256	`2cd6b5b83367c4796549a84161209ff9e32d4ce42fcffbe24015e603d3aad300`
CRC32	`2C5147B5`
ssdeep	`6144:4MMYNXqBB4j8z9qKelFO/uJORFZIv3L+8t9NMdfMUVjzbKCA+j8iG:En4jqIKmEmNz1t9NMeUVjzbHA+j8R`
Yara	UPX_Zero - UPX packed file NSIS_Installer - Null Soft Installer Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsPE32 - (no description)

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

The executable contains unknown PE section names indicative of a packer (could be a false positive) (1 event)

section

.ndata

Drops an executable to the user AppData folder (1 event)

file	C:\Users\test22\AppData\Local\Temp\nsbF57C.tmp\System.dll