Summary | ZeroBOX

50_2023-10-04_13-27.exe

Tags: UPX, Malicious Library, OS Processor Check, PE32, PE File
Category FILE
Machine s1_win7_x6401
Started Oct. 5, 2023, 7:40 a.m.
Completed Oct. 5, 2023, 7:49 a.m.
Size 799.0KB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 1a341a36cd0d3e3ab04a1898194fba3a
SHA256 f085d02e9963e01c80fec62d35da0b433db957333a0d4bae4d7fe38d4ba41992
CRC32 E4B33B29
ssdeep 24576:t7uIkweuPIi6tHrlVZaaaNg8eCmLeLmkSGrcP:tpkweuPd8HrlVlaNZ2aLmkS++
PDB Path C:\fefo92.pdb
Yara
  • Malicious_Library_Zero - Malicious_Library
  • UPX_Zero - UPX packed file
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • OS_Processor_Check_Zero - OS Processor Check

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
164.124.101.2 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

pdb_path C:\fefo92.pdb
resource name KELA
resource name LOXAWANAYATIJ
resource name None
section name .text, size_of_data 0x000ba600, virtual_address 0x00001000, virtual_size 0x000ba4c4, entropy 7.967565146376964
entropy 7.96756514638 description A section with a high entropy has been found
entropy 0.934210526316 description Overall entropy of this PE file is high