Summary | ZeroBOX

ticket2w.exe

Malicious Library, MZP Format, PE32, PE File
Category FILE
Machine s1_win7_x6401
Started June 16, 2024, 9:56 a.m.
Completed June 16, 2024, 10:41 a.m.
Size 200.5KB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 db063c7f3eeed0ac66c3c42fd3797f59
SHA256 daf69668d44a8a20bb0b544e4f36669735d849aaefae87c1a70fad220b85d1e5
CRC32 F248831F
ssdeep 3072:jHTXh1+sOsOHrHT/gd+RbJEj0z7g5h0gL41XxEvfXBsJy7BcJL29xGPV9I+Oxh:jHT33KP4gbJzT6+Jylc0eun
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • mzp_file_format - MZP(Delphi) file format

Name Response Post-Analysis Lookup
No hosts contacted.

IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section .itext
resource name TYPELIB
Time & API Arguments Status Return Repeated

NtProtectVirtualMemory

process_identifier: 2560
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
length: 4096
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x73662000
process_handle: 0xffffffff
status: 1 return: 0 repeated: 0

NtAllocateVirtualMemory

process_identifier: 2560
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x01e30000
allocation_type: 4096 (MEM_COMMIT)
process_handle: 0xffffffff
status: 1 return: 0 repeated: 0

Bkav W32.AIDetectMalware
Lionic Trojan.Win32.Generic.4!c
Cynet Malicious (score: 100)
Cylance Unsafe
K7AntiVirus Trojan-Downloader ( 004d688a1 )
BitDefender Trojan.GenericKD.73139288
K7GW Trojan-Downloader ( 004d688a1 )
MicroWorld-eScan Trojan.GenericKD.73139288
Rising Trojan.Generic@AI.88 (RDML:nDU0jlMfkU+e03EbYE9aGA)
Emsisoft Trojan.GenericKD.73139288 (B)
McAfeeD ti!DAF69668D44A
FireEye Trojan.GenericKD.73139288
Sophos Mal/Generic-S
Ikarus Win32.Outbreak
Jiangmin Worm.VBS.aad
Google Detected
MAX malware (ai score=84)
Kingsoft malware.kb.a.901
Microsoft Trojan:Win32/Casdet!rfn
GData Trojan.GenericKD.73139288
DeepInstinct MALICIOUS