Summary | ZeroBOX

NimDllLoader.exe

UPX PE64 PE File
Category FILE
Machine s1_win7_x6403_us
Started May 31, 2024, 10:03 a.m.
Completed May 31, 2024, 10:25 a.m.
Size 846.5KB
Type PE32+ executable (console) x86-64, for MS Windows
MD5 8960bb93e3796d6fdd8d637d54bc2d24
SHA256 41dfa864f8603937bc72ac9f9f9eca22dae0fed561e54c8f27675e75e43a2d63
CRC32 5D01D5B2
ssdeep 12288:NUAc/V3MutnA3kXIK4y8SBUghSBvzmVDIbX:qAQV3Mu9A3OZ4y8SBUghSVzYDIbX
Yara
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
  • UPX_Zero - UPX packed file

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Time & API GlobalMemoryStatusEx
Status 1
Return 1
Repeated 0
Elastic malicious (high confidence)
Sangfor Trojan.Win32.Save.a
APEX Malicious
Kaspersky UDS:DangerousObject.Multi.Generic
McAfeeD ti!41DFA864F860
FireEye Generic.mg.8960bb93e3796d6f
Ikarus Trojan-Downloader.Win64.Agent
Webroot W32.Trojan.Gen
Google Detected
Kingsoft Win32.Troj.Unknown.a
ZoneAlarm UDS:DangerousObject.Multi.Generic
DeepInstinct MALICIOUS
Fortinet PossibleThreat.PALLAS.H
Paloalto generic.ml
CrowdStrike win/malicious_confidence_70% (W)