Summary | ZeroBOX

x_loader.exe

UPX, OS Processor Check, PE64, PE File
Category FILE
Machine s1_win7_x6403_us
Started Oct. 8, 2023, 10:41 a.m.
Completed Oct. 8, 2023, 10:47 a.m.
Size 187.0KB
Type PE32+ executable (GUI) x86-64, for MS Windows
MD5 28008ae8515c137603e3cb0a14c38795
SHA256 ca7f33e03be24e55e21620023e553a10975de033ae2ccdf82eb1b4066f570fe2
CRC32 B3CC0AC8
ssdeep 1536:7vach4C5miOAbFwwu6jSvhQrl4wRI/fun9auyR/M96i+ndOFleMYubd+pkuGRNA2:Dq84g3uFhQoAyR/g+nkBYOluhMHHDZ
Yara
  • UPX_Zero - UPX packed file
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)
  • OS_Processor_Check_Zero - OS Processor Check

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section .xObf
MicroWorld-eScan Trojan.GenericKD.69592952
Skyhigh BehavesLike.Win64.BadFile.ch
Sangfor Trojan.Win32.Agent.Vmq1
CrowdStrike win/malicious_confidence_100% (D)
Arcabit Trojan.Generic.D425E778
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
APEX Malicious
Cynet Malicious (score: 100)
BitDefender Trojan.GenericKD.69592952
Emsisoft Trojan.GenericKD.69592952 (B)
VIPRE Trojan.GenericKD.69592952
TrendMicro Trojan.Win64.SMOKELOADER.YXDJDZ
FireEye Generic.mg.28008ae8515c1376
Sophos Mal/Generic-S
SentinelOne Static AI - Malicious PE
MAX malware (ai score=87)
Antiy-AVL Trojan/Win32.Caynamer
Gridinsoft Trojan.Win64.Caynamer.sa
Microsoft Trojan:Win32/ScarletFlash.A
GData Trojan.GenericKD.69592952
Cylance unsafe
TrendMicro-HouseCall Trojan.Win64.SMOKELOADER.YXDJDZ
Fortinet PossibleThreat.PALLAS.H
DeepInstinct MALICIOUS