Summary | ZeroBOX

jyi6mm2w2g.dll

UPX Malicious Library PE64 PE File dll OS Processor Check DLL DllRegisterServer
Category Machine Started Completed
FILE s1_win7_x6401 Sept. 14, 2023, 7:03 p.m. Sept. 14, 2023, 7:10 p.m.
Size 1.1MB
Type PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5 7d2156efddf126dfb4c466da06f15e11
SHA256 452bb497728f1eb2ccd56b83f7a13e51447bd79852085e68908cb6c47625060b
CRC32 51540091
ssdeep 24576:drD2uxNbJd3BU7XFLH9io8hAGOAHxLrQ+P3U:ZDBxNvR
Yara
  • UPX_Zero - UPX packed file
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
  • IsPE64 - (no description)
  • DllRegisterServer_Zero - execute regsvr32.exe
  • OS_Processor_Check_Zero - OS Processor Check

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section .gfids
resource name None
section {u'size_of_data': u'0x00041a00', u'virtual_address': u'0x00010000', u'entropy': 7.094995090657505, u'name': u'.rdata', u'virtual_size': u'0x000419d6'} entropy 7.09499509066 description A section with a high entropy has been found
entropy 0.240384615385 description Overall entropy of this PE file is high
Bkav W32.AIDetectMalware.64
Elastic malicious (high confidence)
Cynet Malicious (score: 100)
FireEye Generic.mg.7d2156efddf126df
Sangfor Trojan.Win32.Save.a
CrowdStrike win/malicious_confidence_100% (W)
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of Win64/Injector.NO
Kaspersky UDS:DangerousObject.Multi.Generic
Avast InjectorX-gen [Trj]
McAfee-GW-Edition BehavesLike.Win64.PinkSbot.th
ZoneAlarm UDS:DangerousObject.Multi.Generic
Acronis suspicious
AVG InjectorX-gen [Trj]
DeepInstinct MALICIOUS