Summary | ZeroBOX

calc2.exe

UPX, Malicious Library, OS Processor Check, PE32, PE File
Category FILE
Machine s1_win7_x6403_us
Started Sept. 30, 2023, 1:14 p.m.
Completed Sept. 30, 2023, 1:40 p.m.
Size 245.0KB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 02c0527b5d7ae4a6e5fb3176b3edef66
SHA256 1310c11b53ad451a8222bd308be8d809e6e8969c3ab298892825b69308e95177
CRC32 18F45DE6
ssdeep 3072:wXr4k+rXnUqEzmeA7BdPUdRQ0ziSXy63FTyWl65286qFGYTkp:k0kqnJEa7BudViUFTyWTV0GYTk
PDB Path C:\xubelakosacela13\bavi\fowebefumu27\jofodixe\rig cilopupok.pdb
Yara
  • Malicious_Library_Zero - Malicious_Library
  • UPX_Zero - UPX packed file
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • OS_Processor_Check_Zero - OS Processor Check

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
34.104.35.123 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

pdb_path C:\xubelakosacela13\bavi\fowebefumu27\jofodixe\rig cilopupok.pdb
section {name: .text, virtual_address: 0x00001000, virtual_size: 0x0002905c, size_of_data: 0x00029200, entropy: 7.551753426270648} entropy 7.55175342627 description A section with a high entropy has been found
entropy 0.674180327869 description Overall entropy of this PE file is high
host 34.104.35.123
Bkav W32.AIDetectMalware
Lionic Trojan.Win32.Agent.Y!c
ClamAV Win.Packer.pkr_ce1a-9980177-0
FireEye Generic.mg.02c0527b5d7ae4a6
CAT-QuickHeal Ransom.Stop.P5
McAfee Artemis!02C0527B5D7A
Cylance unsafe
Sangfor Trojan.Win32.Save.a
K7AntiVirus Trojan ( 005690671 )
K7GW Trojan ( 005690671 )
CrowdStrike win/malicious_confidence_100% (W)
Cyren W32/Kryptik.KSR.gen!Eldorado
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
APEX Malicious
Cynet Malicious (score: 100)
Kaspersky UDS:Trojan.Win32.Chapak
Avast BotX-gen [Trj]
Tencent Trojan.Win32.Obfuscated.gen
McAfee-GW-Edition BehavesLike.Win32.Lockbit.dh
SentinelOne Static AI - Malicious PE
Webroot W32.Infostealer.Gen
Kingsoft malware.kb.a.1000
Microsoft Ransom:Win32/StopCrypt!ml
Gridinsoft Malware.Win32.Gen.bot
ZoneAlarm UDS:Trojan.Win32.Chapak
Google Detected
VBA32 BScope.Trojan.GenKryptik
Malwarebytes Generic.Malware/Suspicious
Rising Trojan.SmokeLoader!1.EB63 (CLASSIC)
Ikarus Trojan-Spy.Agent
MaxSecure Trojan.Malware.300983.susgen
Fortinet W32/GenKryptik.ERHN!tr
AVG BotX-gen [Trj]
Cybereason malicious.98273c
DeepInstinct MALICIOUS