Summary | ZeroBOX

kub54.exe

Generic Malware Malicious Library PE32 PE File
Category Machine Started Completed
FILE s1_win7_x6403_us May 16, 2024, 7:22 a.m. May 16, 2024, 7:33 a.m.
Size 206.5KB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 f5db5ea5dc2a7675f2060a03dc46b49a
SHA256 31d4ac5b0f1068f18c1d627a90db41f63094d3cb4921b1eed02450c7c8b84fe2
CRC32 88DE78BD
ssdeep 3072:bM6Vzzphxp3OKorZTAGUctD8IWobX5QMJ601jtd:rhEKGAQII9SUL
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • Generic_Malware_Zero - Generic Malware

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
164.124.101.2 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

name RT_ICON language LANG_TURKISH filetype GLS_BINARY_LSB_FIRST sublanguage SUBLANG_DEFAULT offset 0x0231c078 size 0x00000468
name RT_GROUP_ICON language LANG_TURKISH filetype data sublanguage SUBLANG_DEFAULT offset 0x0231c4e0 size 0x00000076
Bkav W32.AIDetectMalware
Elastic malicious (high confidence)
Cynet Malicious (score: 100)
Skyhigh BehavesLike.Win32.PUPXAC.dm
Cylance unsafe
Sangfor Ransom.Win32.Save.a
K7AntiVirus Trojan ( 003e58dd1 )
K7GW Trojan ( 003e58dd1 )
VirIT Trojan.Win32.Stealc.A
Symantec ML.Attribute.HighConfidence
tehtris Generic.Malware
APEX Malicious
McAfee Artemis!F5DB5EA5DC2A
Avast TrojanX-gen [Trj]
ClamAV Win.Ransomware.Stop-10029959-0
Kaspersky UDS:Backdoor.Win32.Mokes.gen
Rising Trojan.Generic@AI.100 (RDML:3ZFpLrZ1TuHY9al7AcY/qA)
Trapmine malicious.high.ml.score
FireEye Generic.mg.f5db5ea5dc2a7675
Sophos Troj/Krypt-AEE
Ikarus Trojan.Win32.Raccoon
Google Detected
Kingsoft malware.kb.a.998
Microsoft Trojan:Win32/Caynamer.A!ml
ZoneAlarm UDS:Backdoor.Win32.Mokes.gen
Varist W32/FakeAlert.VV.gen!Eldorado
BitDefenderTheta Gen:NN.ZexaF.36804.mq0@aClY1LaG
DeepInstinct MALICIOUS
VBA32 BScope.TrojanSpy.Convagent
Malwarebytes Generic.Malware/Suspicious
SentinelOne Static AI - Suspicious PE
MaxSecure Trojan.Malware.300983.susgen
Fortinet W32/Kryptik.GYYS!tr
AVG TrojanX-gen [Trj]
Paloalto generic.ml