Summary | ZeroBOX

Symbloa.dll

PE64 PE File DLL
Category FILE
Machine s1_win7_x6401
Started Dec. 14, 2023, 6:52 p.m.
Completed Dec. 14, 2023, 7:09 p.m.
Size 220.3KB
Type PE32+ executable (DLL) (console) x86-64, for MS Windows
MD5 e55eb7a2b596ee04a0789a06b7d55db8
SHA256 791a18f606fa2fd23c23369e1c5759b53f9a465c223427a501ae1d81bcdb6f85
CRC32 768C3998
ssdeep 3072:YdAFFuKGVbp3MCnmtjPTLkNXSXm1sgIkDHQtoJ1CkSZ+7/uLSuz3T56cr8Q99Bh:Y4nAb2z/kRSdSv5Se43T56crt/Bh
Yara
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
  • IsPE64 - (no description)

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Time & API Arguments Status Return Repeated

IsDebuggerPresent

0 0
Time & API Arguments Status Return Repeated

NtProtectVirtualMemory

process_identifier: 2708
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
length: 4096
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x000000007304c000
process_handle: 0xffffffffffffffff
1 0 0

Bkav W64.AIDetectMalware
Cynet Malicious (score: 100)
Cylance unsafe
Sangfor Trojan.Win64.Kryptik.Vymj
CrowdStrike win/malicious_confidence_100% (W)
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
ESET-NOD32 a variant of Win64/Kryptik.DWA
Avast FileRepMalware [Misc]
Kaspersky UDS:DangerousObject.Multi.Generic
Alibaba Trojan:Win64/Meterpreter.8943af7e
Rising Trojan.Kryptik!8.8 (TFE:5:nYiZ0bvPHVT)
Sophos Mal/Generic-S
Antiy-AVL Trojan/Win64.Kryptik.dwa
Kingsoft Win32.Troj.Unknown.a
Microsoft Trojan:Win64/Meterpreter.CCAH!MTB
ZoneAlarm UDS:DangerousObject.Multi.Generic
AhnLab-V3 Trojan/Win.Generic.C5542114
DeepInstinct MALICIOUS
Malwarebytes Trojan.Crypt.Generic
AVG FileRepMalware [Misc]