Summary | ZeroBOX

Akh.exe

PE64 PE File
Category FILE
Machine s1_win7_x6403_us
Started Oct. 6, 2023, 5:42 p.m.
Completed Oct. 6, 2023, 5:44 p.m.
Size 1.2MB
Type PE32+ executable (GUI) x86-64, for MS Windows
MD5 ea7e83d83566d5aeceef44caf31cc59d
SHA256 9d0ed01a625165d3d974f018400f6ffb354b1151ab6dfde032f49c0bdd5707d1
CRC32 BDAE5112
ssdeep 24576:jIfBznnRHmCciIqCoN7FLpn7oVIX6NS2zZ5hAhd9B4wN/a+aHZyp5:UfBznnAiIqCWZNqzZghdfNi7Z45
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

API GlobalMemoryStatusEx
Status 1
Return 1
Repeated 0
section {u'size_of_data': u'0x00134a00', u'virtual_address': u'0x002da000', u'entropy': 7.999723501130941, u'name': u'UPX1', u'virtual_size': u'0x00135000'} entropy 7.99972350113 description A section with a high entropy has been found
entropy 0.998382531338 description Overall entropy of this PE file is high
section UPX0 description Section name indicates UPX
section UPX1 description Section name indicates UPX
Bkav W64.AIDetectMalware
VIPRE Gen:Variant.Ser.Lazy.5221
Symantec ML.Attribute.HighConfidence
Elastic malicious (moderate confidence)
Kaspersky UDS:Trojan.Win32.Packed.emu
Trapmine malicious.moderate.ml.score
Microsoft Trojan:Win32/Sabsik.TE.B!ml
ZoneAlarm VHO:Backdoor.Win32.Agent.gen
ALYac Gen:Variant.Ser.Lazy.5221
Rising Trojan.Kryptik!8.8 (TFE:5:hfONLuMLcMI)
Fortinet W64/GenKryptik.GMLB!tr