Summary | ZeroBOX

12.exe

Generic Malware Admin Tool (Sysinternals etc ...) UPX PE32 PE File
Category FILE
Machine s1_win7_x6401
Started Jan. 31, 2024, 3:42 p.m.
Completed Jan. 31, 2024, 4:07 p.m.
Size 1.5MB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 ac481092ba6b334ba64482381726c022
SHA256 c230cf0d3c075b686aa8935996fc01b7012d1751d03fd760542318537a4f6177
CRC32 AB5727EA
ssdeep 24576:ausGRdrEAbm4zesGRdrEAbm4zf+dNzlg7+EZnBkzF7RDb9DBAb030++slpDB3vCv:aubdYAm4zebdYAm4zf+3C7+EZ+9b9t+d
Yara
  • IsPE32 - (no description)
  • PE_Header_Zero - PE File Signature
  • Admin_Tool_IN_Zero - Admin Tool Sysinternals
  • UPX_Zero - UPX packed file
  • Generic_Malware_Zero - Generic Malware

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section .text: size_of_data 0x00162000, virtual_address 0x00001000, virtual_size 0x0016167c, entropy 7.481046895057461
entropy 7.48104689506 description A section with a high entropy has been found
entropy 0.951612903226 description Overall entropy of this PE file is high
Bkav W32.AIDetectMalware
Lionic Trojan.Win32.Injects.4!c
Elastic malicious (high confidence)
Cynet Malicious (score: 100)
Skyhigh Artemis!Trojan
ALYac Gen:Trojan.Heur.VB.Dn2@e8Vjkjg
Cylance unsafe
VIPRE Gen:Trojan.Heur.VB.Dn2@e8Vjkjg
Sangfor Trojan.Win32.Injector.Vkoj
K7AntiVirus Trojan ( 005b09491 )
BitDefender Gen:Trojan.Heur.VB.Dn2@e8Vjkjg
K7GW Trojan ( 005b09491 )
Cybereason malicious.103b28
Arcabit Trojan.Heur.VB.EED2402
VirIT Trojan.Win32.GenusT.DUPD
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of Win32/Injector.ETOS
McAfee Artemis!AC481092BA6B
Avast Win32:InjectorX-gen [Trj]
Kaspersky Trojan.Win64.Injects.cpp
Alibaba Trojan:Win32/Injects.05f7c64a
NANO-Antivirus Trojan.Win32.VB.khysav
MicroWorld-eScan Gen:Trojan.Heur.VB.Dn2@e8Vjkjg
Emsisoft Gen:Trojan.Heur.VB.Dn2@e8Vjkjg (B)
F-Secure Trojan.TR/Injector.yktfp
TrendMicro TROJ_GEN.R002C0XAO24
FireEye Generic.mg.ac481092ba6b334b
Sophos Mal/Generic-S
Ikarus Trojan.Win32.Krypt
Webroot W32.Trojan.Gen
Google Detected
Avira TR/Injector.yktfp
MAX malware (ai score=83)
Antiy-AVL Trojan/Win64.Injects
Kingsoft Win32.Trojan.Agent.gen
Gridinsoft Malware.Win32.ZgRAT.tr
Microsoft Trojan:Win32/Leonem
ZoneAlarm Trojan.Win64.Injects.cpp
GData Gen:Trojan.Heur.VB.Dn2@e8Vjkjg
Varist W32/ABRisk.TCQV-4922
AhnLab-V3 Trojan/Win.Azorult.C5579710
BitDefenderTheta AI:Packer.9BB8CCF71E
DeepInstinct MALICIOUS
VBA32 Trojan.VB.Hider
Malwarebytes Spyware.AzorUlt
Panda Trj/Chgt.AD
TrendMicro-HouseCall TROJ_GEN.R002C0XAO24
Rising Trojan.Injector!1.C6AF (CLASSIC)
Fortinet W32/ETOS!tr
AVG Win32:InjectorX-gen [Trj]