Summary | ZeroBOX
MPRESS UPX PE32 PE File
Category Machine Started Completed
ARCHIVE s1_win7_x6403_us Aug. 27, 2023, 4:37 p.m. Aug. 27, 2023, 4:40 p.m.

Archive Winamp.exe.exe @ Winamp.exe.zip

Summary

Size 662.0MB
Type MS-DOS executable, MZ for MS-DOS
MD5 041aa627c407511606ab46091bf1ee12
SHA1 2704f8d71dfd83df4f050e4d1f42ce2abf457b42
SHA256 a4eeef74cf89aef9ca5f49b528e2a970b30cb0861eb5e8933a4a540827f8db7d
SHA512 7ebd2a4846b6bcaf1ec4aa4c0c46e6c86aa1842172a5a22455766ed932547282e8273f295b2d559d48105cb159ffc9d8eb84a77f9178406c688edf20a4811676
CRC32 06DACA4B
ssdeep 98304:6t+4/xMmeN07DiBfU8bu0CIlyM4DC9B19Xxi6eqhlZQ4LKq0w7XU5Z5/5RRR2RRq:8+iMNNplfzCXDyBIOfQ4LKD/tp
Yara
  • UPX_Zero - UPX packed file
  • PE_Header_Zero - PE File Signature
  • MPRESS_Zero - MPRESS packed file
  • IsPE32 - (no description)

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
164.124.101.2 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section .MPRESS1
section .MPRESS2
resource name PNG
resource name TEXT
section .MPRESS1 (size_of_data 0x00633000, virtual_address 0x00001000, virtual_size 0x0108b000, entropy 7.999971926023337) entropy 7.99997192602 description A section with a high entropy has been found
entropy 0.964595046346 description Overall entropy of this PE file is high