popup
Summary | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

winlog.exe

Generic Malware Malicious Library UPX Malicious Packer Anti_VM PE64 PE File
  1. Resubmit sample
Category Machine Started Completed
FILE s1_win7_x6401 Aug. 31, 2023, 11:20 a.m. Aug. 31, 2023, 11:22 a.m.
Size 12.7MB
Type PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
MD5 60255ef7d90a35361e5fe2f5d5514734
SHA256 611458b0884686eab54298c7e82e23daaad3a93482def2f42d8d259004e95774
CRC32 23EFCB69
ssdeep 49152:rlCm9habSnsmzuiuJtiks5bTJguq+Z0A19OO31Fb/n0EZOL/JGm/8sID0n1EY1eT:RrCliIid5nb/n5AM4mD01huEDmlvRrd
Yara
  • Malicious_Library_Zero - Malicious_Library
  • UPX_Zero - UPX packed file
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)
  • anti_vm_detect - Possibly employs anti-virtualization techniques
  • Malicious_Packer_Zero - Malicious Packer
  • Generic_Malware_Zero - Generic Malware

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Bkav W32.AIDetectMalware.64
DeepInstinct MALICIOUS
Time & API Arguments Status Return Repeated

LdrGetProcedureAddress

 ordinal: 0
function_address: 0x000007fefd6b7a50
function_name: wine_get_version
module: ntdll
module_address: 0x0000000076d30000
-1073741511 0