Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
09.22 06:09
audiodg.exe
09.22 06:09
psfod.exe
09.22 06:09
73EtsZxIoDetWTu.exe
09.22 06:09
otqp9.exe
09.22 06:09
xx.exe
09.22 06:09
fck.exe
09.22 06:09
LummaC222222.exe
09.22 06:09
seethebestwayforunders...
09.22 06:09
Name.exe
09.22 06:09
needmoney.exe

Latest News
09.23 02:09
Brass Propeller Gets I...
09.23 01:09
트리니티소프트, 애플리케이션 보안 분야에...
09.23 01:09
텔레그램 사용자 정책 위반 사칭 피싱 사...
09.23 01:09
SKYBOX 통합보안위험관리 솔루션, 다...
09.23 12:09
카스퍼스키, 클라우드·엔드포인트·OT 보...
09.22 11:09
Lula Seeks to Lead Pus...
09.22 11:09
Emoji-Erweiterung: Ach...
09.22 11:09
Slack wird noch smarte...
09.22 11:09
지란지교데이터, 개인정보 비식별화와 AI...
09.22 11:09
Robotic Touch Using a ...

Summary | ZeroBOX

lummac2.exe

PE32 PE File

Category	Machine	Started	Completed
FILE	s1_win7_x6403_us	June 14, 2024, 7:34 a.m.	June 14, 2024, 7:51 a.m.

Size	310.5KB
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`6e3d83935c7a0810f75dfa9badc3f199`
SHA256	`dc4f0a8e3d12c98eac09a42bd976579ccc1851056d9de447495e8be7519760ed`
CRC32	`320DD32C`
ssdeep	`6144:3lGhYe2gss2fHZq4uCDrgcKJCMBus902mdK/WI5O7KKKDi4G:3lGhYHh0CnYZSLP7KKKD1G`
Yara	IsPE32 - (no description) PE_Header_Zero - PE File Signature

lummac2.exe "C:\Users\test22\AppData\Local\Temp\lummac2.exe"
2004

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
164.124.101.2	Active	Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

The binary likely contains encrypted or compressed data indicative of a packer (1 event)

section

{u'size_of_data': u'0x00009800', u'virtual_address': u'0x00040000', u'entropy': 7.014920556264192, u'name': u'.data', u'virtual_size': u'0x00012b84'}

entropy

7.01492055626

description

A section with a high entropy has been found