Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
09.22 06:09
audiodg.exe
09.22 06:09
psfod.exe
09.22 06:09
73EtsZxIoDetWTu.exe
09.22 06:09
otqp9.exe
09.22 06:09
xx.exe
09.22 06:09
fck.exe
09.22 06:09
LummaC222222.exe
09.22 06:09
seethebestwayforunders...
09.22 06:09
Name.exe
09.22 06:09
needmoney.exe

Latest News
09.22 08:09
옥타코, MFA와 이지핑거 지문 보안키 ...
09.22 08:09
Hackfest, A New Event ...
09.22 08:09
엠클라우독, 문서 관리 및 정보보안 분야...
09.22 08:09
엘세븐시큐리티, 개인정보 차단 솔루션 시...
09.22 07:09
Examining Mobile Threa...
09.22 07:09
스패로우, SW 공급망 보안 시장서 리더...
09.22 07:09
스콥정보통신, 네트워크 자원관리 및 접근...
09.22 06:09
Unicorn2 Devblog: mmap...
09.22 06:09
국제 사이버범죄조직들에 맞서 치열한 전투...
09.22 05:09
Staffelstabübergabe de...

Summary | ZeroBOX

crypted.exe

UPX Malicious Library OS Processor Check PE32 PE File

Category	Machine	Started	Completed
FILE	s1_win7_x6401	Nov. 16, 2023, 7:50 a.m.	Nov. 16, 2023, 7:54 a.m.

Size	798.3KB
Type	PE32 executable (console) Intel 80386, for MS Windows
MD5	`8ddb35a58ac6c397b91541620a493008`
SHA256	`525b154b2bae8eda0627e58af0dbeaceda5cd83589a7d697700a9bc9780d8940`
CRC32	`6E14D5C7`
ssdeep	`12288:vlaZgr31TIkkJxauYuRWdSA6t3FzhC1K1C:vzBTbk9t3eQ1C`
PDB Path	C:\OA4dqUiqtOf1oMFpATgPaOzjwAqMrWxt\Inspection.pdb
Yara	Malicious_Library_Zero - Malicious_Library IsPE32 - (no description) PE_Header_Zero - PE File Signature UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

This executable has a PDB path (1 event)

pdb_path

C:\OA4dqUiqtOf1oMFpATgPaOzjwAqMrWxt\Inspection.pdb

The executable contains unknown PE section names indicative of a packer (could be a false positive) (3 events)

section	.bSs
section	.bSS
section	.00cfg

The executable uses a known packer (1 event)

packer

Microsoft Visual C++ V8.0 (Debug)