Summary | ZeroBOX

Iss.exe

Generic Malware Malicious Library PE32 PE File
Category FILE
Machine s1_win7_x6401
Started April 30, 2024, 7:32 a.m.
Completed April 30, 2024, 7:37 a.m.
Size 381.0KB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 955211d8050bb619846140050fe5b6da
SHA256 2a516f2c1ae4b409339a9e1e32ebc5938cbfd1d9dddcbdd4c0743c99610dcba2
CRC32 85ECDCA1
ssdeep 6144:svcjKhk/i+a/jkgxDyLoxUcIIYteyvV//4NOxNxDiIMPUZIN:WUa/j1FHUfIsYgNDfMPH
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • Generic_Malware_Zero - Generic Malware

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

name RT_ICON language LANG_TURKISH filetype GLS_BINARY_LSB_FIRST sublanguage SUBLANG_DEFAULT offset 0x0271a6d0 size 0x00000468
name RT_GROUP_ICON language LANG_TURKISH filetype data sublanguage SUBLANG_DEFAULT offset 0x0271ab38 size 0x00000068
section name .rdata size_of_data 0x0004b000 virtual_address 0x0000c000 virtual_size 0x0004ae5e entropy 7.583936215867441 description A section with a high entropy has been found
entropy 0.789473684211 description Overall entropy of this PE file is high
Bkav W32.AIDetectMalware
Lionic Trojan.Win32.Strab.4!c
tehtris Generic.Malware
Cynet Malicious (score: 100)
Skyhigh BehavesLike.Win32.Lockbit.fc
ALYac Gen:Variant.FakeAlert.2
Cylance unsafe
VIPRE Gen:Variant.FakeAlert.2
Sangfor Trojan.Win32.Save.a
BitDefender Gen:Variant.FakeAlert.2
K7GW Trojan ( 003e58dd1 )
K7AntiVirus Trojan ( 003e58dd1 )
Arcabit Trojan.FakeAlert.2
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
ESET-NOD32 a variant of Win32/Kryptik.HWYM
APEX Malicious
McAfee Artemis!955211D8050B
Avast Win32:PWSX-gen [Trj]
ClamAV Win.Trojan.Windigo-10028444-0
Kaspersky HEUR:Trojan.Win32.Strab.gen
Alibaba Trojan:Win32/Redcap.a0055e2c
MicroWorld-eScan Gen:Variant.FakeAlert.2
Rising Trojan.Generic@AI.100 (RDML:8m1Bs2KzPaoFl2shXi9BeA)
Emsisoft Gen:Variant.FakeAlert.2 (B)
F-Secure Trojan.TR/Redcap.taqao
DrWeb Trojan.PWS.Siggen3.37023
TrendMicro Trojan.Win32.SMOKELOADER.YXED3Z
Trapmine malicious.moderate.ml.score
FireEye Generic.mg.955211d8050bb619
Sophos Mal/Generic-S
Ikarus Trojan.Win32.Krypt
Google Detected
Avira TR/Redcap.taqao
MAX malware (ai score=87)
Antiy-AVL Trojan/Win32.Convagent
Kingsoft Win32.Trojan.Strab.gen
Gridinsoft Ransom.Win32.Sabsik.sa
Microsoft Trojan:Win32/Znyonm
ZoneAlarm HEUR:Trojan.Win32.Strab.gen
GData Win32.Packed.Kryptik.1LAM9V
Varist W32/Kryptik.MDH.gen!Eldorado
AhnLab-V3 Trojan/Win.Generic.R646608
BitDefenderTheta Gen:NN.ZexaF.36804.xq0@aOSU!OlG
DeepInstinct MALICIOUS
Malwarebytes Trojan.MalPack.GS
TrendMicro-HouseCall Trojan.Win32.SMOKELOADER.YXED3Z
SentinelOne Static AI - Suspicious PE
MaxSecure Trojan.Malware.300983.susgen
Fortinet W32/Kryptik.HCOV!tr