popup
Summary | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

eyelidsfix.exe

Malicious Library UPX Malicious Packer PE64 PE File OS Processor Check
  1. Resubmit sample
Category Machine Started Completed
FILE s1_win7_x6401 May 18, 2024, 11 a.m. May 18, 2024, 11 a.m.
Size 149.0KB
Type PE32+ executable (console) x86-64, for MS Windows
MD5 153f6ec6324b9c4bfc1843e437618953
SHA256 78827edc216b3c0b5da3c97dd6b3b3323a44b9f8230f95fc8048e41bcdf2cc43
CRC32 0F4B2F57
ssdeep 3072:1efQZKfOC31VwyY9egNtfNjJvjmqqF7Hb/LMm5MPDB0uL:1DewyY9egLRePYm5AJ
PDB Path D:\a\_work\1\s\artifacts\obj\win-x64.Release\corehost\apphost\standalone\apphost.pdb
Yara
  • IsPE64 - (no description)
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Malicious_Packer_Zero - Malicious Packer
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Time & API Arguments Status Return Repeated

GetComputerNameA

 computer_name: TEST22-PC
1 1 0

GetComputerNameW

 computer_name: TEST22-PC
1 1 0
pdb_path D:\a\_work\1\s\artifacts\obj\win-x64.Release\corehost\apphost\standalone\apphost.pdb
Time & API Arguments Status Return Repeated

GlobalMemoryStatusEx

 1 1 0
section _RDATA