Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
11.11 10:11
bxn.exe
11.11 10:11
glued.hta
11.11 10:11
MONDAYconstraints.vbs
11.11 10:11
tartarises.vbs
11.11 10:11
xwo.exe
11.11 10:11
comehomeconstraints.vbs
11.11 10:11
hello.exe
11.11 10:11
chrome_130.exe
11.11 10:11
s.exe
11.11 10:11
Citatfusk.vbe

Latest News
11.13 10:11
로그인 정보를 훔치는것 으로 추정 되는 ...
11.13 10:11
유니닥스, AI 기반 주얼리 검색 시스템...
11.13 10:11
퓨어피크, ‘솔리드 라인’ 초도 물량 완...
11.13 10:11
커버낫 우먼, ‘호빵 X 클로버하트’ 카...
11.13 09:11
(주)아삭·(주)유독컴퍼니, 소상공인 및...
11.13 09:11
Weekly Detection Rule ...
11.13 09:11
그라스메디 ‘자유펫’, 2025 JKC ...
11.13 09:11
November Patch Tuesday...
11.13 09:11
WAV2VGM Plays Audio Vi...
11.13 09:11
로코모션뷰, 무료 AI 뉴스레터와 함께 ...

Summary | ZeroBOX

cmd.exe

Gen1 Generic Malware Malicious Library UPX Malicious Packer PE64 PE File OS Processor Check

Category	Machine	Started	Completed
FILE	s1_win7_x6401	Feb. 28, 2024, 7:49 a.m.	Feb. 28, 2024, 7:58 a.m.

Size	283.0KB
Type	PE32+ executable (console) x86-64, for MS Windows
MD5	`8a2122e8162dbef04694b9c3e0b6cdee`
SHA256	`b99d61d874728edc0918ca0eb10eab93d381e7367e377406e65963366c874450`
CRC32	`5B6564B2`
ssdeep	`6144:k4WA1B9BxDfQWKORSqY4zOcmpdlc3gJdmtolSm:H1BhkWvSqY4zvmjOwJIT`
PDB Path	cmd.pdb
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsPE64 - (no description) Malicious_Packer_Zero - Malicious Packer Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet UPX_Zero - UPX packed file Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

This executable has a PDB path (1 event)

pdb_path

cmd.pdb

The executable contains unknown PE section names indicative of a packer (could be a false positive) (1 event)

section

.didat

The file contains an unknown PE resource name possibly indicative of a packer (1 event)

resource name

MUI