Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
09.22 04:09
2.exe
09.21 02:09
random.exe
09.21 02:09
sdhsfd.exe
09.21 02:09
66edb89bc4073_crypted....
09.21 02:09
66ed33772bbe7_vdfhsjf1...
09.21 02:09
game.exe
09.21 02:09
66ebb3bf78bd6_Send.exe...
09.21 02:09
66ed33717e4c1_vfdshfda...
09.21 02:09
random.exe
09.21 02:09
66ed336eac985_vdfhssfd...

Latest News
09.22 04:09
Was können Roboter wir...
09.22 04:09
Schluss mit Basis-Auth...
09.22 04:09
Deutsches Jugendherber...
09.22 02:09
Learn How to Dissect B...
09.22 02:09
Jumperless Breadboard ...
09.22 02:09
Hacker behind Snowflak...
09.22 01:09
03 - Identifying Signs...
09.22 01:09
Hacktivist Group Twelv...
09.22 01:09
Join us at Microsoft I...
09.22 01:09
How comprehensive secu...

Summary | ZeroBOX

random.exe

Malicious Library UPX Malicious Packer PE64 PE File OS Processor Check

Category	Machine	Started	Completed
FILE	s1_win7_x6403_us	Oct. 12, 2023, 7:42 a.m.	Oct. 12, 2023, 7:47 a.m.

Size	4.3MB
Type	PE32+ executable (console) x86-64, for MS Windows
MD5	`c47b267a11aaf34abcf7ceec04e629c1`
SHA256	`cdd242949c27e36165097665a7c381247579401853b06e88d2e430b55e115105`
CRC32	`7B3948DE`
ssdeep	`49152:rxjExlHWRF3fK9D+dXbk9BDkIG3uhgFt6kppmmSkHpf:rwloVT3zmil`
Yara	Malicious_Library_Zero - Malicious_Library UPX_Zero - UPX packed file Malicious_Packer_Zero - Malicious Packer PE_Header_Zero - PE File Signature IsPE64 - (no description) OS_Processor_Check_Zero - OS Processor Check

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

The executable contains unknown PE section names indicative of a packer (could be a false positive) (2 events)

section	.managed
section	_RDATA

File has been identified by 16 AntiVirus engines on VirusTotal as malicious (16 events)

Bkav	W64.AIDetectMalware
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Lazy.408893
Arcabit	Trojan.Lazy.D63D3D
ESET-NOD32	a variant of Win64/Kryptik.EAV
BitDefender	Gen:Variant.Lazy.408893
Avast	Win64:MalwareX-gen [Trj]
Emsisoft	Gen:Variant.Lazy.408893 (B)
FireEye	Gen:Variant.Lazy.408893
MAX	malware (ai score=86)
Antiy-AVL	Trojan/Win32.Wacatac
Microsoft	Trojan:Win32/Sabsik.RD.A!ml
GData	Gen:Variant.Lazy.408893
Malwarebytes	Trojan.MalPack.Generic
Fortinet	W64/GenKryptik.GMLB!tr
AVG	Win64:MalwareX-gen [Trj]