popup
Summary | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

diufhloadme.exe

PE64 PE File
  1. Resubmit sample
Category Machine Started Completed
FILE s1_win7_x6403_us April 5, 2024, 11:37 p.m. April 5, 2024, 11:37 p.m.
Size 4.0MB
Type PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
MD5 7010962cccd78789767380410a70b7c8
SHA256 a91faefd1f8df889ca61c00266044044857c3da4984ccb34240bb75849bbd549
CRC32 9C67A3AB
ssdeep 24576:4FWOIZDTZtm0NtTM4vEsfB/vv1xshIsqwbHgbtN:4FWr9trEsR3HshRqUH6t
Yara
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section {u'size_of_data': u'0x000a4000', u'virtual_address': u'0x00002000', u'entropy': 7.989604928160253, u'name': u'.text', u'virtual_size': u'0x000a3ea3'} entropy 7.98960492816 description A section with a high entropy has been found
section {u'size_of_data': u'0x00016c00', u'virtual_address': u'0x000a6000', u'entropy': 7.913346408020921, u'name': u'.rsrc', u'virtual_size': u'0x00016acb'} entropy 7.91334640802 description A section with a high entropy has been found
entropy 1.0 description Overall entropy of this PE file is high