popup
Summary | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

old.exe

PE64 PE File
  1. Resubmit sample
Category Machine Started Completed
FILE s1_win7_x6401 Aug. 11, 2023, 8:50 a.m. Aug. 11, 2023, 8:54 a.m.
Size 7.0KB
Type PE32+ executable (GUI) x86-64, for MS Windows
MD5 657dc4f38e42f897d0591605cb20ee3e
SHA256 00a69f8222c10b96f1b5826bcc718ee6cda420bcca779670c2395084e042db1c
CRC32 58DA8F94
ssdeep 24:eFGStrJ9u0/6j/wdnZdkBQAVn1YjGKZqoeNDMSCvOXpmB:is00/wdkBQAqCKSD9C2kB
Yara
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
134.122.75.115 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section .taxq
Time & API Arguments Status Return Repeated

__exception__

 stacktrace: 
EnterCriticalSection+0x1e ExitThread-0x19 kernel32+0xaa404 @ 0x76cba404
old+0x41fe @ 0x1400041fe
0x7fffffdf250
0x12f708
0x12f740
old+0x41fe @ 0x1400041fe
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58
0x58

exception.instruction_r: 4e 54 44 4c 4c 2e 52 74 6c 45 78 69 74 55 73 65
exception.symbol: EnterCriticalSection+0x1e ExitThread-0x19 kernel32+0xaa404
exception.instruction: push rsp
exception.module: kernel32.dll
exception.exception_code: 0xc0000005
exception.offset: 697348
exception.address: 0x76cba404
registers.r14: 0
registers.r15: 0
registers.rcx: 0
registers.rsi: 0
registers.r10: 5368726014
registers.rbx: 0
registers.rsp: 1244152
registers.r11: 514
registers.r8: 1242888
registers.r9: 1242944
registers.rdx: 8796092887632
registers.r12: 1244576
registers.rbp: 5368725514
registers.rdi: 88
registers.rax: 1993057284
registers.r13: 1244584
1 0 0
host 134.122.75.115
dead_host 192.168.56.101:49161
dead_host 134.122.75.115:447