Summary | ZeroBOX

Black_Saturn.exe

Tags: UPX, Malicious Library, OS Processor Check, PE32, PE File
Category FILE
Machine s1_win7_x6403_us
Started Sept. 9, 2023, 9:51 p.m.
Completed Sept. 9, 2023, 9:54 p.m.
Size 750.6KB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 33a22c3db8fe05d4c819a9c9360c8de4
SHA256 7f1f5182fa1e302f5e5dd7700fea36d1466b68216c73f6a30dd4750f988f705a
CRC32 E7F894E3
ssdeep 12288:76KX0OuRLZNV5DpMhnnsNWDDW7juQ/kd9oUTAmzwDbAbKj9GB6EEQd6:7H0Og0nnsNfI9oUTPw3AbKjsAEEQd6
PDB Path C:\A10\3q3te\output.pdb
Yara
  • Malicious_Library_Zero - Malicious_Library
  • UPX_Zero - UPX packed file
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • OS_Processor_Check_Zero - OS Processor Check

Domains (Name, Response, Post-Analysis Lookup)
No hosts contacted.
IP Addresses (IP Address, Status, Action)
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

pdb_path C:\A10\3q3te\output.pdb
section .G1ss
section .00cfg
packer Microsoft Visual C++ V8.0 (Debug)
section .rsrc (size_of_data 0x00012a00, virtual_address 0x000a5000, virtual_size 0x000129f6, entropy 7.583401248170616); entropy 7.58340124817; description: A section with a high entropy has been found
Bkav W32.AIDetectMalware
Lionic Trojan.Win32.ClipBanker.Z!c
MicroWorld-eScan Gen:Variant.Midie.127631
ClamAV Win.Malware.Botx-10004968-0
McAfee Artemis!33A22C3DB8FE
Malwarebytes Neshta.Virus.FileInfector.DDS
VIPRE Gen:Variant.Midie.127631
Alibaba TrojanBanker:Win32/ClipBanker.a2aafe9e
Arcabit Trojan.Midie.D1F28F
Cyren W32/Agent.GTL.gen!Eldorado
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
ESET-NOD32 a variant of Win32/Kryptik.HUBU
Cynet Malicious (score: 100)
Kaspersky HEUR:Trojan-Banker.Win32.ClipBanker.gen
BitDefender Gen:Variant.Midie.127631
Avast Win32:Trojan-gen
Tencent Win32.Trojan.FalseSign.Cujl
Emsisoft Gen:Variant.Midie.127631 (B)
DrWeb Trojan.PWS.RedLineNET.7
TrendMicro Trojan.Win32.AMADEY.YXDIIZ
McAfee-GW-Edition Artemis!Trojan
FireEye Generic.mg.33a22c3db8fe05d4
Sophos Mal/Generic-S
MAX malware (ai score=81)
Gridinsoft Trojan.Heur!.00012431
Microsoft Trojan:Win32/LaplasClipper.C!MTB
ZoneAlarm HEUR:Trojan-Banker.Win32.ClipBanker.gen
GData Gen:Variant.Midie.127631
Google Detected
VBA32 BScope.TrojanSpy.Stealer
ALYac Gen:Variant.Midie.127631
Cylance unsafe
Panda Trj/CI.A
TrendMicro-HouseCall Trojan.Win32.AMADEY.YXDIIZ
Rising Trojan.Kryptik!8.8 (TFE:5:aehnnhXOEfO)
Ikarus Win32.Outbreak
MaxSecure Trojan.Malware.121218.susgen
Fortinet W32/Kryptik.HUKQ!tr
BitDefenderTheta AI:Packer.F9CBCEF01F
AVG Win32:Trojan-gen
DeepInstinct MALICIOUS
CrowdStrike win/malicious_confidence_70% (W)