Summary | ZeroBOX

get4.exe

PE64 PE File
Category FILE
Machine s1_win7_x6403_us
Started Oct. 6, 2023, 5:42 p.m.
Completed Oct. 6, 2023, 5:51 p.m.
Size 1.2MB
Type PE32+ executable (GUI) x86-64, for MS Windows
MD5 ff7517e244f6545e7936becd68aa0578
SHA256 206004034a63418c586b4ef2795a92fdca32ecc001df9d58fcab4fd984eca3d0
CRC32 F6A8D448
ssdeep 24576:1eS7LM2REcToMGIZg5cPBI3/mjw25RtZDYBW8fRrR:1f/M2REcEMISsmdsZR
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

API GlobalMemoryStatusEx
Status 1
Return 1
Repeated 0
section UPX1 size_of_data 0x00134a00 virtual_address 0x002da000 virtual_size 0x00135000 entropy 7.99960490339015 description A section with a high entropy has been found
entropy 0.998382531338 description Overall entropy of this PE file is high
section UPX0 description Section name indicates UPX
section UPX1 description Section name indicates UPX
Bkav W64.AIDetectMalware
Elastic malicious (moderate confidence)
ALYac Gen:Variant.Ser.Lazy.5221
Symantec ML.Attribute.HighConfidence
Kaspersky UDS:DangerousObject.Multi.Generic
VIPRE Gen:Variant.Ser.Lazy.5221
Trapmine malicious.moderate.ml.score
Microsoft Trojan:Win32/Sabsik.TE.B!ml
ZoneAlarm UDS:DangerousObject.Multi.Generic
Rising Trojan.Kryptik!8.8 (TFE:5:hfONLuMLcMI)
Fortinet W64/GenKryptik.GMLB!tr