Summary | ZeroBOX

cryptography_module_windows.exe

Gen1 Generic Malware Malicious Library UPX Anti_VM PE64 PE File OS Processor Check ZIP Format DLL
Category Machine Started Completed
FILE s1_win7_x6403_us May 8, 2024, 7:46 a.m. May 8, 2024, 7:55 a.m.
Size 7.8MB
Type PE32+ executable (console) x86-64, for MS Windows
MD5 ec69806113c382160f37a6ace203e280
SHA256 779a5fe11a1db6a3b4a064a57106c126b306a027b89200c72744eeac0db0bfe2
CRC32 9A4FB79C
ssdeep 196608:uzy4Edk0FpymvdsCncs4njQthsiHzy7k7C7DZRdwKihxv/o13:p4DwBvaCncNnKhs57IC7vqva
Yara
  • IsPE64 - (no description)
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • UPX_Zero - UPX packed file
  • Generic_Malware_Zero - Generic Malware
  • OS_Processor_Check_Zero - OS Processor Check

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
104.21.18.166 Active Moloch
172.67.169.89 Active Moloch
172.67.193.79 Active Moloch
182.162.106.144 Active Moloch
182.162.106.33 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Time & API Arguments Status Return Repeated
GlobalMemoryStatusEx (none) 1 1 0
section _RDATA
file C:\Users\test22\AppData\Local\Temp\_MEI14882\libcrypto-1_1.dll
file C:\Users\test22\AppData\Local\Temp\_MEI14882\libffi-7.dll
file C:\Users\test22\AppData\Local\Temp\_MEI14882\libssl-1_1.dll
file C:\Users\test22\AppData\Local\Temp\_MEI14882\python310.dll
file C:\Users\test22\AppData\Local\Temp\_MEI14882\VCRUNTIME140.dll
Bkav W64.AIDetectMalware
DeepInstinct MALICIOUS
section {u'size_of_data': u'0x0000f200', u'virtual_address': u'0x0004b000', u'entropy': 7.356303298008595, u'name': u'.rsrc', u'virtual_size': u'0x0000f014'} entropy 7.35630329801 description A section with a high entropy has been found
entropy 0.212280701754 description Overall entropy of this PE file is high
dead_host 104.21.18.166:443