popup
Summary | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

setup294.dll

Malicious Library PE32 PE File DLL
  1. Resubmit sample
Category Machine Started Completed
FILE s1_win7_x6403_us Dec. 23, 2023, 6:17 p.m. Dec. 23, 2023, 6:22 p.m.
Size 2.1MB
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 f8da2527550d3cd4ace397705dcfc72d
SHA256 62f90dc9cb5575d3147335e7e16b4d116cb3daf1b28ce7626e576d4099a3e956
CRC32 645B9871
ssdeep 49152:v2OQ9V8A4lQhbb2rR6JQ0f1uK7px2j2kHAxUQLPUa:Ai/Q5mF0f1uK7px2j24AxXPU
Yara
  • Malicious_Library_Zero - Malicious_Library
  • IsPE32 - (no description)
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section yvQ
section c83H3w4t
section {u'size_of_data': u'0x0005b000', u'virtual_address': u'0x00004000', u'entropy': 7.996711403716915, u'name': u'.rdata', u'virtual_size': u'0x0005ae03'} entropy 7.99671140372 description A section with a high entropy has been found
section {u'size_of_data': u'0x000f7000', u'virtual_address': u'0x00076000', u'entropy': 7.99884820454385, u'name': u'yvQ', u'virtual_size': u'0x000f6b02'} entropy 7.99884820454 description A section with a high entropy has been found
section {u'size_of_data': u'0x000ae000', u'virtual_address': u'0x0016d000', u'entropy': 7.998491777241314, u'name': u'c83H3w4t', u'virtual_size': u'0x000adb74'} entropy 7.99849177724 description A section with a high entropy has been found
entropy 0.934306569343 description Overall entropy of this PE file is high
Bkav W32.AIDetectMalware
MicroWorld-eScan Gen:Variant.Zusy.530679
FireEye Generic.mg.f8da2527550d3cd4
Skyhigh BehavesLike.Win32.Generic.vc
McAfee Artemis!F8DA2527550D
Cylance unsafe
Sangfor Trojan.Win32.Save.a
CrowdStrike win/malicious_confidence_100% (D)
BitDefenderTheta Gen:NN.ZedlaF.36608.jE8@auXoM0m
Symantec Packed.Generic.553
Elastic malicious (high confidence)
Cynet Malicious (score: 100)
APEX Malicious
Kaspersky VHO:Trojan.Win32.Zenpak.gen
BitDefender Gen:Variant.Zusy.530679
Sophos ML/PE-A
SentinelOne Static AI - Malicious PE
Varist W32/Kryptik.LCO.gen!Eldorado
Kingsoft malware.kb.a.968
Gridinsoft Trojan.Heur!.02092020
ZoneAlarm VHO:Trojan.Win32.Zenpak.gen
GData Gen:Variant.Zusy.530679
Google Detected
Acronis suspicious
MAX malware (ai score=83)
Rising Trojan.Generic@AI.94 (RDML:Zd2Onkga3C2zdksF4tWtLQ)
Fortinet W32/Kryptik.HUEI!tr
DeepInstinct MALICIOUS