Summary | ZeroBOX

UPX PE32 PE File
Category FILE
Machine s1_win7_x6401
Started April 19, 2024, 1:06 p.m.
Completed April 19, 2024, 1:14 p.m.
Size 184.5KB
Type PE32 executable (console) Intel 80386, for MS Windows
MD5 ad15c8f35af52d9258c025bc2f051e34
SHA256 41ca9b3177da771632347aeee0aabda5da37954f8933f80738f02f4fe07cbca1
CRC32 D0708869
ssdeep 768:lfGgTViahszDOtfGgTViahszDOKJBq9YfGgTViahszDOHefGgTViahszDO:F4WsO94WsOKJBq904WsOC4WsO
PDB Path BthUdTask.pdb
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
164.124.101.2 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

pdb_path BthUdTask.pdb
section .didat
resource name MUI
Skyhigh Artemis
ALYac Gen:Variant.Fugrafa.313649
VIPRE Gen:Variant.Fugrafa.313649
CrowdStrike win/malicious_confidence_60% (D)
BitDefender Gen:Variant.Fugrafa.313649
Arcabit Trojan.Fugrafa.D4C931
McAfee Artemis!AD15C8F35AF5
MicroWorld-eScan Gen:Variant.Fugrafa.313649
Emsisoft Gen:Variant.Fugrafa.313649 (B)
FireEye Gen:Variant.Fugrafa.313649
MAX malware (ai score=83)
Microsoft Trojan:Win32/Znyonm
GData Gen:Variant.Fugrafa.313649
DeepInstinct MALICIOUS