Summary | ZeroBOX

rumpe.jpg.exe

Malicious Library UPX .NET DLL PE File DLL OS Processor Check PE32
Category FILE
Machine s1_win7_x6401
Started Oct. 27, 2023, 1:27 p.m.
Completed Oct. 27, 2023, 1:27 p.m.
Size 3.1MB
Type PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 85fa49d81d22418534ded291306be57d
SHA256 f87ba211e66f239959055b6f1a57ab6a6a93763e104c52cbb6392496edfab6b7
CRC32 0FBD6941
ssdeep 49152:gQOt3DLbtmTQ9hJZreTkRg90S93P0L6ZWdWzQ7KzoxeKYVqWe+jl:V28TkeUqB0L6TzQpxe5Vdhh
PDB Path Fiber.pdb
Yara
  • Malicious_Library_Zero - Malicious_Library
  • Is_DotNET_DLL - (no description)
  • UPX_Zero - UPX packed file
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
  • IsPE32 - (no description)
  • OS_Processor_Check_Zero - OS Processor Check

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

pdb_path Fiber.pdb
section .text (size_of_data 0x00319200, virtual_address 0x00002000, virtual_size 0x003190b4, entropy 7.398304903921883) entropy 7.39830490392 description A section with a high entropy has been found
entropy 0.999527410208 description Overall entropy of this PE file is high
MicroWorld-eScan Gen:Variant.Zusy.472162
Skyhigh BehavesLike.Win32.Generic.wc
ALYac Gen:Variant.Zusy.472162
Malwarebytes Trojan.Downloader.MSIL
K7AntiVirus Trojan-Downloader ( 005a77b81 )
K7GW Trojan-Downloader ( 005a77b81 )
CrowdStrike win/malicious_confidence_70% (D)
Arcabit Trojan.Zusy.D73462
Elastic malicious (high confidence)
ESET-NOD32 a variant of MSIL/TrojanDownloader.Agent.PIX
Kaspersky HEUR:Backdoor.MSIL.Remcos.gen
BitDefender Gen:Variant.Zusy.472162
Avast Win32:Evo-gen [Trj]
Emsisoft Gen:Variant.Zusy.472162 (B)
Baidu MSIL.Trojan.Crypto.a
VIPRE Gen:Variant.Zusy.472162
FireEye Gen:Variant.Zusy.472162
Varist W32/MSIL_Kryptik.JRF.gen!Eldorado
Microsoft Trojan:Win32/Sabsik.TE.B!ml
ZoneAlarm HEUR:Backdoor.MSIL.Remcos.gen
GData Gen:Variant.Zusy.472162
Google Detected
AhnLab-V3 Trojan/Win.Generic.R526355
McAfee Trojan-FVUC!85FA49D81D22
MAX malware (ai score=82)
Ikarus Trojan-Spy.Agent
AVG Win32:Evo-gen [Trj]