popup
Summary | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

chromepass.exe

Gen1 Malicious Library UPX Anti_VM ftp PE64 PE File OS Processor Check ZIP Format DLL
  1. Resubmit sample
Category Machine Started Completed
FILE s1_win7_x6401 Dec. 6, 2023, 12:12 p.m. Dec. 6, 2023, 12:16 p.m.
Size 7.7MB
Type PE32+ executable (console) x86-64, for MS Windows
MD5 83deabd1a3d271493c2084cb2cc0b975
SHA256 0f99ffd1922111c7dfa9f59f23bbd8490894c6d5640fe901f3bca388b1e4881b
CRC32 9CDFD901
ssdeep 196608:UoNdzUjpRpkL2Vmd6+DXLZy7YM30LzajY1ljvYDCSpXSg:7oVRpkL2Vmd6m70GzajYfrSc
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
164.124.101.2 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Time & API Arguments Status Return Repeated

GlobalMemoryStatusEx

 1 1 0
section _RDATA
file C:\Users\test22\AppData\Local\Temp\_MEI26562\sqlite3.dll
file C:\Users\test22\AppData\Local\Temp\_MEI26562\libcrypto-1_1.dll
file C:\Users\test22\AppData\Local\Temp\_MEI26562\python39.dll
file C:\Users\test22\AppData\Local\Temp\_MEI26562\libffi-7.dll
file C:\Users\test22\AppData\Local\Temp\_MEI26562\win32\pywintypes39.dll
file C:\Users\test22\AppData\Local\Temp\_MEI26562\libssl-1_1.dll
file C:\Users\test22\AppData\Local\Temp\_MEI26562\VCRUNTIME140.dll
section {u'size_of_data': u'0x0000f200', u'virtual_address': u'0x00052000', u'entropy': 7.35626172668467, u'name': u'.rsrc', u'virtual_size': u'0x0000f00c'} entropy 7.35626172668 description A section with a high entropy has been found
Bkav W64.AIDetectMalware
Lionic Trojan.Win32.Shelm.tso7
Elastic malicious (high confidence)
FireEye Generic.mg.83deabd1a3d27149
Skyhigh BehavesLike.Win64.Backdoor.wc
Malwarebytes Spyware.PasswordStealer.Python
Sangfor Infostealer.Python.Agent.Vydh
Alibaba TrojanPSW:Win32/Almi_Stealer.c
Symantec Trojan.Gen.2
ESET-NOD32 Python/PSW.Agent.AYE
Kaspersky not-a-virus:HEUR:PSWTool.Python.LaZagne.gen
Avast FileRepMalware [Misc]
Sophos Generic Reputation PUA (PUA)
F-Secure Trojan.TR/PSW.Agent.ufzvk
Google Detected
Avira TR/PSW.Agent.ufzvk
Varist W64/ABRisk.SCTR-9076
Kingsoft Win32.Troj.Generic.jm
Microsoft Program:Win32/Wacapew.C!ml
Xcitium Malware@#2m7q18w41tpou
ZoneAlarm not-a-virus:HEUR:PSWTool.Python.LaZagne.gen
Cynet Malicious (score: 100)
McAfee Artemis!83DEABD1A3D2
Cylance unsafe
Panda Trj/CI.A
TrendMicro-HouseCall TROJ_GEN.R002H0CH723
Tencent Win32.Trojan.Lazagne.Edhl
MaxSecure Trojan.Malware.121218.susgen
Fortinet Adware/Agent
AVG FileRepMalware [Misc]
DeepInstinct MALICIOUS
CrowdStrike win/malicious_confidence_100% (W)