Summary | ZeroBOX

adobe.exe

UPX PE64 PE File
Category: FILE
Machine: s1_win7_x6401
Started: June 17, 2024, 11:18 a.m.
Completed: June 17, 2024, 11:19 a.m.
Size: 30.0MB
Type: PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
MD5: 5fb6f9de46e67ad7d07418a02417aa92
SHA256: 51c95198cd5f4f204ba2a6a829fb1e2bb098204cce1aa61cb579cf91ba74ddb1
CRC32: 73F90D39
ssdeep: 786432:dYO964MiabdNhjvYRXMnwMVl4xaaUm5H4lPLJDDevy21SFWeXgoUEs6wwxAKtG:dL96JiabdjjvYRTMV6xaawDgy2H7o46u
Yara
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
  • UPX_Zero - UPX packed file

Name / Response / Post-Analysis Lookup
No hosts contacted.

IP Address: 164.124.101.2  Status: Active  Action: Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Time & API: NtAllocateVirtualMemory
Arguments:
  process_identifier: 2668
  region_size: 159744
  stack_dep_bypass: 0
  stack_pivoted: 0
  heap_dep_bypass: 0
  protection: 64 (PAGE_EXECUTE_READWRITE)
  base_address: 0x0000000000620000
  allocation_type: 12288 (MEM_COMMIT|MEM_RESERVE)
  process_handle: 0xffffffffffffffff
Status: 1  Return: 0  Repeated: 0
section UPX1 (size_of_data 0x01df7800, virtual_address 0x01aca000, virtual_size 0x01df8000, entropy 7.783130061322822) description A section with a high entropy has been found
entropy 0.999934827946 description Overall entropy of this PE file is high
section UPX0 description Section name indicates UPX
section UPX1 description Section name indicates UPX
Bkav W64.AIDetectMalware
Cynet Malicious (score: 99)
ALYac Gen:Variant.Barys.443644
Cylance Unsafe
VIPRE Gen:Variant.Barys.443644
Sangfor Virus.Win32.Save.a
BitDefender Gen:Variant.Barys.443644
Cybereason malicious.e46e67
Arcabit Trojan.Barys.D6C4FC
ESET-NOD32 a variant of Win64/TrojanDropper.Agent.IH
Avast Win64:Evo-gen [Trj]
MicroWorld-eScan Gen:Variant.Barys.443644
Rising Trojan.Kryptik!8.8 (TFE:5:tSjl4DNY5BP)
Emsisoft Gen:Variant.Barys.443644 (B)
F-Secure Heuristic.HEUR/AGEN.1367773
McAfeeD ti!51C95198CD5F
FireEye Gen:Variant.Barys.443644
Ikarus Malware.Win64.Coinminer
Google Detected
Avira HEUR/AGEN.1367773
Microsoft Program:Win32/Wacapew.C!ml
GData Gen:Variant.Barys.443644
AhnLab-V3 Trojan/Win.Generic.C5392786
MAX malware (ai score=82)
Fortinet W64/GenKryptik.GIIA!tr
AVG Win64:Evo-gen [Trj]