Summary | ZeroBOX

a3d5715a81f2fbeb_memz.exe

Malicious Library PE32 PE File
Category FILE
Machine s1_win7_x6401
Started Oct. 7, 2023, 3:31 p.m.
Completed Oct. 7, 2023, 3:33 p.m.
Size 14.5KB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 19dbec50735b5f2a72d4199c4e184960
SHA256 a3d5715a81f2fbeb5f76c88c9c21eeee87142909716472f911ff6950c790c24d
CRC32 D987E890
ssdeep 192:sIvxdXSQeWSg9JJS/lcIEiwqZKBkDFR43xWTM3LHn8f26gyr6yfFCj3r:sMVSaSEglcIqq3agmLc+6gyWqFCj
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)

DNS (Name, Response, Post-Analysis Lookup)
No hosts contacted.
IP Addresses (IP Address, Status, Action)
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

API calls (Time & API, Arguments, Status, Return, Repeated)

GlobalMemoryStatusEx
Arguments: (none listed)
Status: 1  Return: 1  Repeated: 0
API calls (Time & API, Arguments, Status, Return, Repeated)

__exception__
Arguments:
stacktrace:
GetThreadDesktop+0xd7 GetWindowLongW-0x2c4 user32+0x16d3a @ 0x75856d3a
CharPrevW+0x138 TranslateMessage-0x45 user32+0x177c4 @ 0x758577c4
DispatchMessageW+0xf GetMessageW-0x58 user32+0x1788a @ 0x7585788a
DialogBoxIndirectParamW+0x20a DialogBoxIndirectParamAorW-0x57 user32+0x3cdfd @ 0x7587cdfd
DialogBoxIndirectParamAorW+0x108 SetDlgItemTextW-0x44 user32+0x3cf5c @ 0x7587cf5c
SoftModalMessageBox+0x757 MessageBoxTimeoutW-0x391 user32+0x6f73c @ 0x758af73c
SoftModalMessageBox+0xa33 MessageBoxTimeoutW-0xb5 user32+0x6fa18 @ 0x758afa18
MessageBoxTimeoutW+0x52 MessageBoxTimeoutA-0x9 user32+0x6fb1f @ 0x758afb1f
New_user32_MessageBoxTimeoutW@24+0x5e New_user32_RegisterHotKey@16-0x159 @ 0x736f76de
MessageBoxTimeoutA+0x76 MessageBoxIndirectA-0x33 user32+0x6fb9e @ 0x758afb9e
New_user32_MessageBoxTimeoutA@24+0x137 New_user32_MessageBoxTimeoutW@24-0x80 @ 0x736f7600
MessageBoxExA+0x1b MessageBoxExW-0x9 user32+0x6fcf1 @ 0x758afcf1
MessageBoxA+0x18 MessageBoxW-0x9 user32+0x6fd36 @ 0x758afd36
a3d5715a81f2fbeb_memz+0x1479 @ 0x12e1479
BaseThreadInitThunk+0x12 VerifyConsoleIoHandle-0xb3 kernel32+0x133ca @ 0x755c33ca
RtlInitializeExceptionChain+0x63 RtlAllocateActivationContextStack-0xa1 ntdll+0x39ed2 @ 0x76f49ed2
RtlInitializeExceptionChain+0x36 RtlAllocateActivationContextStack-0xce ntdll+0x39ea5 @ 0x76f49ea5

exception.symbol:
exception.exception_code: 0xc0000005
exception.address: 0x73403c8c
registers.esp: 3340248
registers.edi: 0
registers.eax: 1933589644
registers.ebp: 3340288
registers.edx: 0
registers.ebx: 0
registers.esi: 1933589644
registers.ecx: 9637224
Status: 1  Return: 0  Repeated: 0
Bkav W32.AIDetectMalware
Lionic Trojan.Win32.DiskWriter.tnbd
Cynet Malicious (score: 100)
CAT-QuickHeal Trojan.Mauvaise.S2299117
ALYac Trojan.Diskwriter.gen
Cylance unsafe
VIPRE Trojan.AgentWDCR.PKD
Sangfor Suspicious.Win32.Save.a
K7AntiVirus Riskware ( 0040eff71 )
Alibaba Trojan:Win32/DiskWriter.ded37607
K7GW Riskware ( 0040eff71 )
VirIT Trojan.Win32.KillMBR.BKSD
Cyren W32/Diskwriter.RJSJ-6696
Symantec Deltree Trojan
Elastic malicious (high confidence)
ESET-NOD32 Win32/Zmem.A
APEX Malicious
ClamAV Win.Malware.Diskwriter-6914536-0
Kaspersky Trojan.Win32.DiskWriter.ez
BitDefender Trojan.AgentWDCR.PKD
NANO-Antivirus Trojan.Win32.DiskWriter.ekeock
ViRobot Trojan.Win32.S.Agent.14848.MW
MicroWorld-eScan Trojan.AgentWDCR.PKD
Avast Win32:MalwareX-gen [Trj]
Tencent Malware.Win32.Gencirc.10b18ce5
Emsisoft Trojan.AgentWDCR.PKD (B)
F-Secure Trojan.TR/Rozena.AP
DrWeb Trojan.KillMBR.24807
Zillya Trojan.DiskWriter.Win32.211
TrendMicro TROJ_MEMZWIPER.A
McAfee-GW-Edition BehavesLike.Win32.Generic.lh
Trapmine malicious.high.ml.score
FireEye Generic.mg.19dbec50735b5f2a
Sophos Mal/EncPk-YG
GData Win32.Trojan.Agent.TLUCQP
Jiangmin Trojan.DiskWriter.aa
Webroot W32.Trojan.Gen
Avira TR/Rozena.AP
MAX malware (ai score=100)
Antiy-AVL Trojan/Win32.TSGeneric
Kingsoft Win32.Troj.DiskWriter.ez
Gridinsoft Trojan.Win32.Agent.dg
Xcitium Malware@#azw7fthdwxzq
Arcabit Trojan.AgentWDCR.PKD
SUPERAntiSpyware Trojan.Agent/Gen-Crypt
ZoneAlarm Trojan.Win32.DiskWriter.ez
Microsoft Trojan:Win32/Dynamer!bit
Google Detected
AhnLab-V3 Trojan/Win32.DiskWriter.C1514156
McAfee RDN/Generic.grp