Summary | ZeroBOX

taskeng.exe

UPX, Malicious Library, OS Processor Check, PE32, PE File
Category FILE
Machine s1_win7_x6403_us
Started Nov. 14, 2023, 7:55 a.m.
Completed Nov. 14, 2023, 8:08 a.m.
Size 158.8KB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 8cd79908aa72e2f763392a9fe45b46db
SHA256 61b37bf1f1ab876f1b9f0d6e407e7086f80c3f3fdea1ac7946c29464f8d66af3
CRC32 70E153E7
ssdeep 3072:EQFxZmgnIYhD8ZhnfXOCAvKjZRro15mQsANtX6FK8YBbo7WqfeTJp5zx:PFxZmgnh5knGnqVo1wQz3XTxB19p51
Yara
  • Malicious_Library_Zero - Malicious_Library
  • IsPE32 - (no description)
  • PE_Header_Zero - PE File Signature
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

API GetComputerNameW
Arguments computer_name: TEST22-PC
Status 1
Return 1
Repeated 0
wmi SELECT Model FROM Win32_ComputerSystem
wmi SELECT Model FROM Win32_ComputerSystem