Summary | ZeroBOX

d1e3511d22c7f4502e50699a6735aa38.exe

Malicious Library UPX .NET DLL PE File DLL OS Processor Check PE32
Category FILE
Machine s1_win7_x6401
Started Sept. 23, 2023, 7:48 p.m.
Completed Sept. 23, 2023, 7:48 p.m.
Size 3.1MB
Type PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 d1e3511d22c7f4502e50699a6735aa38
SHA256 ceb1bd510da6ed1bbd8f4c4e4174f4c39d84d6b9b1b5efd4602b5c2a73e1c1d8
CRC32 521766D7
ssdeep 49152:Jh37CViUeB+VEBmIn5m0stUE766fLHKQPwhP5k0pR:JOe/BF5mnxxfLHHE60pR
PDB Path Fiber.pdb
Yara
  • Malicious_Library_Zero - Malicious_Library
  • Is_DotNET_DLL - (no description)
  • UPX_Zero - UPX packed file
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
  • IsPE32 - (no description)
  • OS_Processor_Check_Zero - OS Processor Check

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

pdb_path Fiber.pdb
section .text (virtual_address 0x00002000, virtual_size 0x00319904, size_of_data 0x00319a00) entropy 7.396966714060866 description A section with a high entropy has been found
entropy 0.999527707809 description Overall entropy of this PE file is high
Bkav W32.Common.41A49EE8
Lionic Trojan.Win32.Agent.Y!c
MicroWorld-eScan Gen:Variant.Zusy.472162
FireEye Gen:Variant.Zusy.472162
ALYac Gen:Variant.Zusy.472162
Cylance unsafe
Sangfor Downloader.Msil.Zusy.Vp11
K7AntiVirus Trojan-Downloader ( 005a77b81 )
Alibaba Trojan:MSIL/Generic.79ed4d5b
K7GW Trojan-Downloader ( 005a77b81 )
CrowdStrike win/malicious_confidence_100% (W)
Arcabit Trojan.Zusy.D73462
Baidu MSIL.Trojan.Crypto.a
Cyren W32/MSIL_Kryptik.JRF.gen!Eldorado
Symantec Trojan.Gen.MBT
Elastic malicious (high confidence)
ESET-NOD32 a variant of MSIL/TrojanDownloader.Agent.PIX
Cynet Malicious (score: 99)
Kaspersky HEUR:Trojan.MSIL.Agent.gen
BitDefender Gen:Variant.Zusy.472162
Avast Win32:Evo-gen [Trj]
Sophos Mal/Generic-S
F-Secure Trojan.TR/Dldr.Agent.ckhtg
VIPRE Gen:Variant.Zusy.472162
TrendMicro TROJ_GEN.R002C0PI323
McAfee-GW-Edition GenericRXWG-HW!D1E3511D22C7
Emsisoft Gen:Variant.Zusy.472162 (B)
Ikarus Trojan-Spy.Agent
Avira TR/Dldr.Agent.ckhtg
Antiy-AVL Trojan[Downloader]/MSIL.Agent
Microsoft Trojan:Win32/Wacatac.B!ml
ZoneAlarm HEUR:Trojan.MSIL.Agent.gen
GData Gen:Variant.Zusy.472162
Google Detected
AhnLab-V3 Trojan/Win.Generic.R526355
MAX malware (ai score=87)
Malwarebytes Trojan.Downloader.MSIL
TrendMicro-HouseCall TROJ_GEN.R002C0PI323
Fortinet MSIL/Agent.PIX!tr
AVG Win32:Evo-gen [Trj]
DeepInstinct MALICIOUS