Summary | ZeroBOX

chrmap.exe

Malicious Library UPX Malicious Packer PE File OS Processor Check PE32
Category FILE
Machine s1_win7_x6401
Started Oct. 10, 2023, 6:35 p.m.
Completed Oct. 10, 2023, 6:37 p.m.
Size 810.0KB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 e02a020b9184bc97405f337e6463fb8b
SHA256 b89c5a9c7ae50cdd6825a645c72d8a7009c38f0372db4fe5224c7e2af8200be4
CRC32 52AC1CA3
ssdeep 12288:EassGvch66hNN0XKCstHcOkh2Saw7biHondcOFcWnuo:EddMbwKllcPowMonlzu
Yara
  • Malicious_Library_Zero - Malicious_Library
  • UPX_Zero - UPX packed file
  • Malicious_Packer_Zero - Malicious Packer
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • OS_Processor_Check_Zero - OS Processor Check

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section name .data, virtual_address 0x00006000, virtual_size 0x0007c994, size_of_data 0x00078e00, entropy 7.99947578627 description A section with a high entropy has been found
entropy 0.597651421508 description Overall entropy of this PE file is high
Bkav W32.AIDetectMalware
MicroWorld-eScan Trojan.GenericKD.69573538
McAfee Artemis!E02A020B9184
Cylance unsafe
Sangfor Trojan.Win32.Save.a
K7AntiVirus Riskware ( 00584baa1 )
K7GW Riskware ( 00584baa1 )
CrowdStrike win/malicious_confidence_90% (W)
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
Cynet Malicious (score: 100)
APEX Malicious
BitDefender Trojan.GenericKD.69573538
Emsisoft Trojan.GenericKD.69573538 (B)
TrendMicro Backdoor.Win32.REMCOS.YXDJCZ
McAfee-GW-Edition BehavesLike.Win32.BadFile.ch
Trapmine malicious.moderate.ml.score
FireEye Generic.mg.e02a020b9184bc97
Sophos Mal/Generic-S
SentinelOne Static AI - Suspicious PE
GData Trojan.GenericKD.69573538
Antiy-AVL Trojan/Win32.Agent
Kingsoft malware.kb.a.998
Gridinsoft Trojan.Win32.Gen.sa
Arcabit Trojan.Generic.D4259BA2
Microsoft VirTool:Win32/Sysdupate.N!MTB
MAX malware (ai score=88)
Malwarebytes Backdoor.RemoteAccessTrojan
TrendMicro-HouseCall Backdoor.Win32.REMCOS.YXDJCZ
Rising Trojan.Generic@AI.100 (RDML:X94bPc7crQv7j8eCRquiIA)
Fortinet W32/PossibleThreat
Cybereason malicious.dfc103
DeepInstinct MALICIOUS