Summary | ZeroBOX

davincizx.exe

.NET framework(MSIL) PE32 PE File .NET EXE
Category FILE
Machine s1_win7_x6403_us
Started Oct. 26, 2023, 10:17 a.m.
Completed Oct. 26, 2023, 10:21 a.m.
Size 488.5KB
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 9f12d35cb063268ba5e58c71c26ef0e4
SHA256 58d4abff5212da6745b6b5bc62862f87b336f215e96797c30f2ef4176643e1e2
CRC32 9C534213
ssdeep 12288:DAFn+p1xF8qiZXi3zWiG5MNLEeeDWvSwOBf4:inkYqB3Ct2LEeeDWbOBf
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • Is_DotNET_EXE - (no description)
  • Win32_Trojan_PWS_Net_1_Zero - Win32 Trojan PWS .NET Azorult

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section .text - size_of_data 0x00076e00, virtual_address 0x00002000, virtual_size 0x00076d34, entropy 7.939495241904659 - A section with a high entropy has been found
section .rsrc - size_of_data 0x00003000, virtual_address 0x0007a000, virtual_size 0x00002ec4, entropy 7.705677851401702 - A section with a high entropy has been found
entropy 0.998975409836 - Overall entropy of this PE file is high
Lionic Trojan.Win32.Noon.4!c
tehtris Generic.Malware
Skyhigh BehavesLike.Win32.Generic.gc
Malwarebytes Spyware.Noon.MSIL
Sangfor Spyware.Msil.Noon.Vzb4
CrowdStrike win/malicious_confidence_100% (W)
VirIT Trojan.Win32.MSIL_Heur.A
Symantec Scr.Malcode!gdn34
Elastic malicious (high confidence)
ESET-NOD32 a variant of MSIL/Kryptik.AJYK
APEX Malicious
Kaspersky HEUR:Trojan-Spy.MSIL.Noon.gen
Rising Spyware.Noon!8.E7C9 (CLOUD)
Sophos Troj/Krypt-ABH
F-Secure Trojan.TR/Kryptik.nppbu
DrWeb Trojan.Inject4.59820
Trapmine malicious.moderate.ml.score
Ikarus Win32.Outbreak
GData Trojan.GenericKD.70039462
Webroot W32.Malware.Gen
Google Detected
Avira TR/Kryptik.nppbu
Varist W32/MSIL_Kryptik.KAE.gen!Eldorado
Gridinsoft Ransom.Win32.LokiBot.bot
ZoneAlarm HEUR:Trojan-Spy.MSIL.Noon.gen
Microsoft Trojan:MSIL/FormBook.AFB!MTB
Cynet Malicious (score: 100)
McAfee Artemis!9F12D35CB063
DeepInstinct MALICIOUS
Cylance unsafe
Panda Trj/Chgt.AD
TrendMicro-HouseCall TROJ_GEN.R002H0DJP23
SentinelOne Static AI - Malicious PE
MaxSecure Trojan.Malware.300983.susgen
Fortinet MSIL/Kryptik.XSWP!tr
AVG Win32:PWSX-gen [Trj]
Avast Win32:PWSX-gen [Trj]