Summary | ZeroBOX

cred64.dll

Browser Login Data Stealer, Malicious Library, UPX, PE64, PE File, DLL, OS Processor Check
Category FILE
Machine s1_win7_x6403_us
Started Sept. 20, 2023, 5:56 p.m.
Completed Sept. 20, 2023, 6:07 p.m.
Size 1.1MB
Type PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5 be88f13ad2e21025d52e61a57bc1fe12
SHA256 8e811ce651e84105b197539e75d3f7ee69b58f68cbe2f15521669aadf7d23cf3
CRC32 EB69A356
ssdeep 24576:caSL9yrK87ycT+RZCP8Z10xlcyolNVJ5QD3oi:5K87ycTsZ5Z1IPWJQD3oi
PDB Path D:\Mktmp\Amadey\StealerDLL\x64\Release\STEALERDLL.pdb
Yara
  • Malicious_Library_Zero - Malicious_Library
  • UPX_Zero - UPX packed file
  • infoStealer_browser_b_Zero - browser info stealer
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
  • IsPE64 - (no description)
  • OS_Processor_Check_Zero - OS Processor Check

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

pdb_path D:\Mktmp\Amadey\StealerDLL\x64\Release\STEALERDLL.pdb
section _RDATA
Bkav W32.AIDetectMalware.64
Lionic Trojan.Win32.Convagent.4!c
MicroWorld-eScan Gen:Variant.Zusy.477261
ClamAV Win.Malware.Zusy-9985435-0
FireEye Gen:Variant.Zusy.477261
ALYac Gen:Variant.Zusy.477261
Malwarebytes Spyware.PasswordStealer
VIPRE Gen:Variant.Zusy.477261
Sangfor Trojan.Win32.Save.a
CrowdStrike win/malicious_confidence_100% (W)
BitDefender Gen:Variant.Zusy.477261
Arcabit Trojan.Zusy.D7484D
Cyren W64/Zusy.RV.gen!Eldorado
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
ESET-NOD32 a variant of Win32/TrojanDownloader.Amadey.G
Cynet Malicious (score: 100)
Kaspersky Trojan-PSW.Win64.Stealer.cqc
Alibaba TrojanDownloader:Win32/Amadey.e3b44d7c
ViRobot Trojan.Win.Z.Zusy.1110016.H
Rising Stealer.Convagent!8.1326D (TFE:5:7c4j9hQ2SPS)
Emsisoft Gen:Variant.Zusy.477261 (B)
F-Secure Heuristic.HEUR/AGEN.1301090
TrendMicro TROJ_GEN.R002C0DIJ23
McAfee-GW-Edition BehavesLike.Win64.Emotet.th
Sophos Troj/Steal-DCI
Avira HEUR/AGEN.1301090
MAX malware (ai score=87)
Antiy-AVL Trojan[Downloader]/Win32.Amadey
Gridinsoft Trojan.Win64.Downloader.ns
Microsoft Trojan:Win32/Amadey!ic
ZoneAlarm Trojan-PSW.Win64.Stealer.cqc
GData Gen:Variant.Zusy.477261
Google Detected
AhnLab-V3 Trojan/Win.Generic.R595469
McAfee Artemis!BE88F13AD2E2
DeepInstinct MALICIOUS
Cylance unsafe
Panda Trj/GdSda.A
TrendMicro-HouseCall TROJ_GEN.R002C0DIJ23
Tencent Win32.Trojan.Agen.Xdkl
Ikarus Trojan-PSW.Agent
Fortinet W32/Amadey.G!tr.dldr
AVG Win64:PWSX-gen [Trj]
Avast Win64:PWSX-gen [Trj]