popup
Summary | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

spixa.exe

Craxs RAT PE32 PE File .NET EXE
  1. Resubmit sample
Category Machine Started Completed
FILE s1_win7_x6403_us April 15, 2024, 8:48 a.m. April 15, 2024, 8:48 a.m.
Size 97.0KB
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 f696ed438605a49124bb0511a8ffd744
SHA256 d1587ecd390941f851fce0c7df7ef63d0f548c6a9a8f94fe334809ad7dd5e732
CRC32 4D118853
ssdeep 1536:/SugTXXY7/xCEWz3CaacjKpI4y1vYe76MJQEuy/3IsRNqLaBW:GnY7/xCEUSaacjV4juRA+hW
PDB Path C:\gifqu1lf8qrv\obj\Release\Current.pdb
Yara
  • Craxs_RAT - Craxs RAT
  • PE_Header_Zero - PE File Signature
  • Is_DotNET_EXE - (no description)
  • IsPE32 - (no description)

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

pdb_path C:\gifqu1lf8qrv\obj\Release\Current.pdb
section {u'size_of_data': u'0x00017a00', u'virtual_address': u'0x00002000', u'entropy': 7.975312352101679, u'name': u'.text', u'virtual_size': u'0x00017928'} entropy 7.9753123521 description A section with a high entropy has been found
entropy 0.979274611399 description Overall entropy of this PE file is high