popup
Summary | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis
Generic Malware UPX OS Processor Check PE64 PE File
  1. Resubmit sample
Category Machine Started Completed
ARCHIVE s1_win7_x6401 June 7, 2024, 5:48 p.m. June 7, 2024, 5:48 p.m.

Archive 64npf.sys @ sandbox.zip

Summary

Size 35.7KB
Type PE32+ executable (native) x86-64, for MS Windows
MD5 de7fcc77f4a503af4ca6a47d49b3713d
SHA1 8206e2d8374f5e7bf626e47d56d2431edc939652
SHA256 4bfaa99393f635cd05d91a64de73edb5639412c129e049f0fe34f88517a10fc6
SHA512
fdace7ee2593ffe5724db32f4be62bb13aa1ec89e1e01c713d8c1e9891a5a0975d127450024c3388a987a35e546568ecdbcc60c185dc8f8b08ccef67a084b20d
CRC32 49E02A14
ssdeep 768:VVRRdUlDRJuOfUhk8ZX2ZeRY4soGLeTZ8wwfKRw:VVRsZREOfUhNK96TZ8wwi6
PDB Path c:\releases\winpcap_4_1_3\winpcap\packetntx\driver\bin\amd64\npf.pdb
Yara
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
  • UPX_Zero - UPX packed file
  • Generic_Malware_Zero - Generic Malware
  • OS_Processor_Check_Zero - OS Processor Check

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

pdb_path c:\releases\winpcap_4_1_3\winpcap\packetntx\driver\bin\amd64\npf.pdb
section INIT