Summary | ZeroBOX

minerxd.exe

ftp PE64 PE File
Category Machine Started Completed
FILE s1_win7_x6403_us Sept. 16, 2023, 2:02 p.m. Sept. 16, 2023, 2:08 p.m.
Size 5.2MB
Type PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
MD5 0e9cc5c2145bae2f6ab41f186dac87d1
SHA256 0949ed19896c7add471a5caa7fd5018113d602921a185d911f0cbbadb0ce35c8
CRC32 EBFA98BF
ssdeep 98304:w8ZEl7sMD+0Jz27AoQDu4oI87ozUUG77J6mzRLmvV7FLcVXaR:w4mgMD+0Jz2cDu4e6mzNmthL+C
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)
  • ftp_command - ftp command

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
172.217.24.238 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section .data (size_of_data 0x0051e000, virtual_address 0x00008000, virtual_size 0x0051df20, entropy 7.69652523006925) entropy 7.69652523007 description A section with a high entropy has been found
entropy 0.992236318879 description Overall entropy of this PE file is high
host 172.217.24.238
Bkav W32.AIDetectMalware.64
Lionic Trojan.Win32.Agent.Y!c
Elastic malicious (high confidence)
MicroWorld-eScan Trojan.GenericKD.69289682
FireEye Trojan.GenericKD.69289682
McAfee Artemis!0E9CC5C2145B
Cylance unsafe
Sangfor Trojan.Win32.Rozena.Vp5q
K7AntiVirus Trojan ( 005aa74a1 )
K7GW Trojan ( 005aa74a1 )
CrowdStrike win/malicious_confidence_100% (W)
Arcabit Trojan.Generic.D42146D2
Cyren W64/Rozena.HA.gen!Eldorado
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of Win64/Rozena.XN
Kaspersky Trojan.Win32.Agent.xbeauj
BitDefender Trojan.GenericKD.69289682
Avast MalwareX-gen [Trj]
Tencent Win32.Trojan.Agent.Tzfl
Emsisoft Trojan.GenericKD.69289682 (B)
F-Secure Trojan.TR/Crypt.EPACK.Gen2
DrWeb Trojan.MulDrop23.55393
McAfee-GW-Edition BehavesLike.Win64.Backdoor.tc
Sophos Mal/Generic-S
SentinelOne Static AI - Suspicious PE
Webroot W32.Malware.Gen
Google Detected
Avira TR/Crypt.EPACK.Gen2
MAX malware (ai score=83)
Antiy-AVL Trojan/Win64.Rozena
Gridinsoft Ransom.Win64.Wacatac.sa
Microsoft Trojan:Win32/Malgent!MSR
ZoneAlarm Trojan.Win32.Agent.xbeauj
GData Trojan.GenericKD.69289682
Cynet Malicious (score: 100)
AhnLab-V3 Malware/Win.Generic.C5487627
Acronis suspicious
Malwarebytes Trojan.CoinMiner
Panda Trj/Chgt.AD
TrendMicro-HouseCall TROJ_GEN.R002H0DIF23
Rising Trojan.Rozena!8.6D (TFE:5:kC3zMNTE3QN)
Ikarus Win32.Outbreak
Fortinet W64/Rozena.AN!tr
AVG MalwareX-gen [Trj]
Cybereason malicious.ddc1ed
DeepInstinct MALICIOUS