Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6402	Feb. 18, 2024, 1:19 p.m.	Feb. 18, 2024, 1:19 p.m.

Size	5.3MB
Type	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
MD5	`ce91eb459e4f6a9e2871088d855cd211`
SHA256	`12b782570b3630a56f7645426a52628cad63f1a9b014fcadc3abb8c33b6ab7cc`
CRC32	`B3C600A4`
ssdeep	`98304:Yasvip4VObE39Wkz4lkz4iGisntBFx3MVB1tBSh3gKxHDz:YahuvWjljxn/3WSh3VxHD`
PDB Path	G:\New Private Panell Src 3.0 New\New Private Panell Src 3.0 2025\New Private Panell Src 3.0\CADASTRO DE CLIENTE Rump 2024\CADASTRO DE CLIENTE\PROJETOAUTOMACAO.VB1\obj\x86\Debug\PROJETOAUTOMACAO.VB1.pdb
Yara	IsPE32 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) Antivirus - Contains references to security software Generic_Malware_Zero - Generic Malware Is_DotNET_DLL - (no description)

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

This executable has a PDB path (1 event)

pdb_path

G:\New Private Panell Src 3.0 New\New Private Panell Src 3.0 2025\New Private Panell Src 3.0\CADASTRO DE CLIENTE Rump 2024\CADASTRO DE CLIENTE\PROJETOAUTOMACAO.VB1\obj\x86\Debug\PROJETOAUTOMACAO.VB1.pdb

The binary likely contains encrypted or compressed data indicative of a packer (3 events)

section

{u'size_of_data': u'0x00533600', u'virtual_address': u'0x00002000', u'entropy': 7.0990135344907825, u'name': u'.text', u'virtual_size': u'0x00533428'}

entropy

7.09901353449

description

A section with a high entropy has been found

section

{u'size_of_data': u'0x00012200', u'virtual_address': u'0x00536000', u'entropy': 7.200809744276274, u'name': u'.rsrc', u'virtual_size': u'0x00012098'}

entropy

7.20080974428

description

A section with a high entropy has been found

entropy

0.99990738168

description

Overall entropy of this PE file is high

File has been identified by 39 AntiVirus engines on VirusTotal as malicious (39 events)

Lionic	Trojan.Win32.Generic.4!c
Cynet	Malicious (score: 100)
Skyhigh	Artemis!Trojan
ALYac	Gen:Variant.Zusy.536283
Cylance	unsafe
VIPRE	Gen:Variant.Zusy.536283
Sangfor	Trojan.Msil.Injector.V5jn
CrowdStrike	win/malicious_confidence_100% (W)
BitDefender	Gen:Variant.Zusy.536283
Arcabit	Trojan.Zusy.D82EDB
Symantec	Trojan.Gen.MBT
ESET-NOD32	a variant of MSIL/Injector.VND
McAfee	Artemis!CE91EB459E4F
Avast	Win32:InjectorX-gen [Trj]
Kaspersky	HEUR:Trojan.MSIL.Agent.gen
Alibaba	Trojan:MSIL/Injector.8008e26b
MicroWorld-eScan	Gen:Variant.Zusy.536283
Emsisoft	Gen:Variant.Zusy.536283 (B)
F-Secure	Trojan.TR/Injector.zirwj
DrWeb	Trojan.InjectNET.17
FireEye	Gen:Variant.Zusy.536283
Sophos	Mal/Generic-S
Ikarus	Backdoor.Remcos
Google	Detected
Avira	TR/Injector.zirwj
MAX	malware (ai score=87)
Antiy-AVL	Trojan/Win32.Wacatac
Microsoft	Trojan:Win32/Wacatac.B!ml
ZoneAlarm	HEUR:Trojan.MSIL.Agent.gen
GData	Gen:Variant.Zusy.536283
Varist	W32/MSIL_Troj.C.gen!Eldorado
AhnLab-V3	Trojan/Win.Generic.C5588262
DeepInstinct	MALICIOUS
Malwarebytes	RiskWare.Agent.MSIL
Panda	Trj/Chgt.AD
TrendMicro-HouseCall	TROJ_GEN.R002H0CBD24
Tencent	Msil.Trojan.Agent.Ijgl
Fortinet	MSIL/Injector.VND!tr
AVG	Win32:InjectorX-gen [Trj]

new_image.jpg.exe

Process Tree Toggle all

Network Toggle all

Suricata Toggle all

Suricata Alerts

Suricata TLS

Signatures Toggle All