Summary | ZeroBOX

ma.exe

Tags: Generic Malware, Malicious Library, UPX, Malicious Packer, PE64, PE File
Category FILE
Machine s1_win7_x6401
Started Dec. 4, 2023, 4:24 p.m.
Completed Dec. 4, 2023, 4:24 p.m.
Size 2.8MB
Type PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
MD5 81145190d0c6cb7c04a3c7b8de03fd16
SHA256 9f42a7790f14c3e857f8f2a26b6631387e93260d7c29e04f1a79e480bb3f0109
CRC32 E879A7E1
ssdeep 49152:lMogPZktaVfaQ2WShLvhFAumXAc7rF7IE:DkZktBhhLIubep7
Yara
  • Malicious_Library_Zero - Malicious_Library
  • Malicious_Packer_Zero - Malicious Packer
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)
  • UPX_Zero - UPX packed file
  • Generic_Malware_Zero - Generic Malware

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

A section with a high entropy has been found
  • section .text: size_of_data 0x0029a000, virtual_address 0x00002000, virtual_size 0x00299e40, entropy 6.833754989334029
Overall entropy of this PE file is high
  • entropy 0.932120363891
Bkav W64.AIDetectMalware.CS
Elastic malicious (high confidence)
DrWeb Trojan.PackedNET.2228
Sangfor Virus.Win32.Save.a
Symantec ML.Attribute.HighConfidence
tehtris Generic.Malware
ESET-NOD32 a variant of MSIL/Packed.DotNetGuard.A suspicious
APEX Malicious
Kaspersky HEUR:Trojan.Win32.Generic
FireEye Generic.mg.81145190d0c6cb7c
Sophos Mal/Miner-AX
SentinelOne Static AI - Suspicious PE
Google Detected
Microsoft Trojan:Win32/Wacatac.B!ml
ZoneAlarm HEUR:Trojan.Win32.Generic
Cynet Malicious (score: 100)
CrowdStrike win/malicious_confidence_60% (D)