Summary | ZeroBOX

timeSync.exe

Malicious Library, UPX, OS Processor Check, PE32, PE File
Category FILE
Machine s1_win7_x6403_us
Started Sept. 15, 2023, 7:47 a.m.
Completed Sept. 15, 2023, 7:49 a.m.
Size 246.0KB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 8816dec1704461c24f7575c00f7f86d4
SHA256 891daaeaed0ec160ca3c06fd3a5a896b776bc22a7f42cb9cb02afb49b989d4ed
CRC32 180B5112
ssdeep 6144:SdUPmv4LosfleBHL+Pd0rs9fPAzFI6Lw9T1K:S+e4dlWHCPg0OFJwJE
PDB Path C:\zigabeweju.pdb
Yara
  • UPX_Zero - UPX packed file
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • OS_Processor_Check_Zero - OS Processor Check

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

pdb_path C:\zigabeweju.pdb
resource name AFX_DIALOG_LAYOUT
section name .text, virtual_address 0x00001000, virtual_size 0x0002f776, size_of_data 0x0002f800, entropy 7.436230919090695; description A section with a high entropy has been found
entropy 0.775510204082 description Overall entropy of this PE file is high