Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6403_us	Sept. 15, 2023, 7:47 a.m.	Sept. 15, 2023, 7:56 a.m.

Size	297.5KB
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`1d6a742534494f66081d5b70f44f6695`
SHA256	`9e89c31df9863bff75a294fdf1700a0a18607a0ddbf1bab54426a834c758e592`
CRC32	`0C4F1994`
ssdeep	`6144:mK8TiLuBECejBKMqlT/AsjX8eHHUtYvNG1a7B8Rrm3T1:58TisECejgCsjW8Mc7BImD`
PDB Path	C:\cupexo\tebasasayon\damulir zikonovovuya.pdb
Yara	UPX_Zero - UPX packed file Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsPE32 - (no description) OS_Processor_Check_Zero - OS Processor Check

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

No Suricata Alerts

No Suricata TLS

pdb_path

C:\cupexo\tebasasayon\damulir zikonovovuya.pdb

resource name

AFX_DIALOG_LAYOUT

section

{u'size_of_data': u'0x0003c600', u'virtual_address': u'0x00001000', u'entropy': 7.672021955130973, u'name': u'.text', u'virtual_size': u'0x0003c5f6'}

entropy

7.67202195513

description

A section with a high entropy has been found

entropy

0.814502529511

description

Overall entropy of this PE file is high

s1.exe