Summary | ZeroBOX

sysup.exe

Generic Malware UPX PE32 PE File
Category FILE
Machine s1_win7_x6401
Started June 21, 2024, 3:47 p.m.
Completed June 21, 2024, 3:49 p.m.
Size 1.7MB
Type PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
MD5 e11e67d21c40e31313b4611bd0af0301
SHA256 44c1753d235bd0a849bd87b6fcfe6a1a5ac496ff36d043a6827ab9db0a446e03
CRC32 CBBEF888
ssdeep 49152:ymmPLnIXHFJPoXjQ9/U+O9fw8dB14QWlvdR3G+/ontfl:iPD4HPPoXc9/4fpWHR3N/ontf
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file
  • Generic_Malware_Zero - Generic Malware

Name  Response  Post-Analysis Lookup
No hosts contacted.

IP Address  Status  Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Time & API  Arguments  Status  Return  Repeated

IsDebuggerPresent
  (no arguments)
  0  0

NtProtectVirtualMemory
  process_identifier: 2560
  stack_dep_bypass: 0
  stack_pivoted: 0
  heap_dep_bypass: 0
  length: 4096
  protection: 64 (PAGE_EXECUTE_READWRITE)
  base_address: 0x734c2000
  process_handle: 0xffffffff
  status 1  return 0  repeated 0

Note: process_handle 0xffffffff is the current-process pseudo-handle, so this call re-protected one 4096-byte page of the sample's own address space to read-write-execute (protection 64 = PAGE_EXECUTE_READWRITE), not memory in another process. Read together with the UPX packing below, that is the footprint of an in-place unpacker writing code and then executing it. IsDebuggerPresent is the most basic anti-debugging check and is trivially patched or hooked in a debugger.
section UPX1 (virtual_address 0x0007c000, virtual_size 0x001b2000, size_of_data 0x001b1a00, entropy 7.8032)  A section with a high entropy has been found
entropy 0.9847  Overall entropy of this PE file is high
section UPX0  Section name indicates UPX
section UPX1  Section name indicates UPX

The per-section figure is Shannon entropy in bits per byte (8.0 is the ceiling), and 7.80 for UPX1 is what compressed data looks like. The "overall entropy" value is not on that scale: as this check computes it, it is the share of the file's raw section data that lies in high-entropy sections, so 0.98 says that virtually all of the file's raw bytes are the compressed UPX1 blob (in the standard UPX layout UPX0 is the empty region the stub decompresses into and carries no raw data). Unmodified UPX unpacks statically with `upx -d`; that is the first thing to try before doing any static work on the decompressed code, and the hashes above identify only the packed container, not the payload.
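The three signatures above (per-section entropy, overall high-entropy share, UPX section names) can be reproduced outside the sandbox. The following Python is an added example written for this page, not ZeroBOX or Cuckoo code: it walks the PE section table with the standard library, computes each section's Shannon entropy and applies the same kind of decision. The thresholds (6.8 bits/byte per section, 20% of raw bytes in high-entropy sections overall) and the constructed UPX0/UPX1/.rsrc test image are assumptions for illustration; on a real sample, read the file's bytes and pass them to `triage()`.

```python
"""Packer triage for a PE image: per-section Shannon entropy plus the
UPX0/UPX1 section-name check. Added example for this page; it is not
ZeroBOX or Cuckoo code and runs fully offline."""
import hashlib
import math
import struct

# Assumed thresholds, modelled on Cuckoo-style packer_entropy signatures:
# a section counts as high-entropy above 6.8 bits/byte, and the file is
# flagged when more than 20% of its raw section bytes sit in such sections.
SECTION_ENTROPY_THRESHOLD = 6.8
HIGH_ENTROPY_FRACTION_THRESHOLD = 0.2


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte: 0.0 for a constant run, 8.0 for uniform bytes."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in counts if c)


def parse_sections(pe: bytes) -> list:
    """Follow MZ -> e_lfanew -> 'PE\\0\\0' -> COFF header -> section table."""
    if pe[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    (_machine, n_sections, _stamp, _symtab, _nsyms,
     opt_hdr_size, _chars) = struct.unpack_from("<HHIIIHH", pe, coff)
    table = coff + 20 + opt_hdr_size            # COFF header is 20 bytes
    sections = []
    for i in range(n_sections):                 # each IMAGE_SECTION_HEADER is 40 bytes
        (raw_name, vsize, vaddr, raw_size, raw_ptr, _rel, _lines,
         _nrel, _nlines, _flags) = struct.unpack_from("<8sIIIIIIHHI", pe, table + 40 * i)
        data = pe[raw_ptr:raw_ptr + raw_size]
        sections.append({
            "name": raw_name.rstrip(b"\0").decode("ascii", "replace"),
            "virtual_address": vaddr,
            "virtual_size": vsize,
            "size_of_data": raw_size,
            "entropy": shannon_entropy(data),
        })
    return sections


def triage(pe: bytes) -> dict:
    """Apply the section-name and entropy checks; the 'overall' figure is the
    fraction of raw section bytes held in high-entropy sections, not bits/byte."""
    sections = parse_sections(pe)
    findings, total_raw, high_raw = [], 0, 0
    for s in sections:
        total_raw += s["size_of_data"]
        if s["name"].upper().startswith("UPX"):
            findings.append(f"section {s['name']}: name indicates UPX")
        if s["entropy"] > SECTION_ENTROPY_THRESHOLD:
            high_raw += s["size_of_data"]
            findings.append(f"section {s['name']}: high entropy {s['entropy']:.2f}")
    fraction = high_raw / total_raw if total_raw else 0.0
    packed = fraction > HIGH_ENTROPY_FRACTION_THRESHOLD
    if packed:
        findings.append(f"overall: {fraction:.3f} of raw section data is high-entropy")
    return {"sections": sections, "findings": findings,
            "high_entropy_fraction": fraction, "likely_packed": packed}


def build_sample_pe() -> bytes:
    """Constructed test image (not the report's sysup.exe): UPX-style layout with
    an empty UPX0, a pseudo-random 4096-byte UPX1 and a zero-filled .rsrc."""
    upx1_data = b"".join(hashlib.sha256(i.to_bytes(4, "little")).digest() for i in range(128))
    rsrc_data = bytes(1024)
    opt_hdr = struct.pack("<H", 0x10B) + bytes(222)          # PE32 magic, rest zeroed
    coff = struct.pack("<HHIIIHH", 0x14C, 3, 0, 0, 0, len(opt_hdr), 0x0102)
    dos = b"MZ" + bytes(0x3C - 2) + struct.pack("<I", 0x40)  # e_lfanew = 0x40
    raw0 = 0x200                                             # first raw-data offset

    def sec(name, vsize, vaddr, raw_size, raw_ptr):
        return struct.pack("<8sIIIIIIHHI", name, vsize, vaddr, raw_size, raw_ptr,
                           0, 0, 0, 0, 0xE0000060)

    table = (sec(b"UPX0", 0x1000, 0x1000, 0, 0)
             + sec(b"UPX1", 0x2000, 0x2000, len(upx1_data), raw0)
             + sec(b".rsrc", 0x400, 0x4000, len(rsrc_data), raw0 + len(upx1_data)))
    headers = dos + b"PE\0\0" + coff + opt_hdr + table
    return headers + bytes(raw0 - len(headers)) + upx1_data + rsrc_data


if __name__ == "__main__":
    for line in triage(build_sample_pe())["findings"]:
        print(line)
```

The ratio form of the overall check is what makes a value like 0.98 meaningful on a report that otherwise quotes entropy in bits per byte: it answers "how much of this file is opaque", and for a UPX-packed sample the answer is nearly all of it.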
Antivirus verdicts (vendor, label). Most labels are generic or machine-learning heuristics; the recurring specific signals are BitMiner/RiskTool (Lionic, Alibaba, ZoneAlarm, Tencent) and AutoIt (Rising, Ikarus), while a few engines name unrelated families (Bladabindi, Dorifel), so the family attribution from this list alone is weak.

Vendor Detection
Bkav W32.AIDetectMalware
Lionic Trojan.Win32.BitMiner.4!c
Elastic malicious (moderate confidence)
Cynet Malicious (score: 100)
Skyhigh BehavesLike.Win32.Injector.tc
ALYac Trojan.GenericKD.66127680
Cylance Unsafe
VIPRE Trojan.GenericKD.66127680
Sangfor Trojan.Win32.Agent.Vcm3
BitDefender Trojan.GenericKD.66127680
Cybereason malicious.21c40e
Arcabit Trojan.Generic.D3F10740
VirIT Trojan.Win32.Crypt5.MKJ
tehtris Generic.Malware
ESET-NOD32 a variant of Generik.COUPVNY
APEX Malicious
McAfee Artemis!E11E67D21C40
Avast Win32:Malware-gen
ClamAV Win.Malware.Generic-9952838-0
Kaspersky VHO:Trojan.Win32.Convagent.gen
Alibaba RiskWare:Script/BitMiner.b2415987
MicroWorld-eScan Trojan.GenericKD.66127680
Rising Trojan.Obfus/Autoit!1.BEDE (CLOUD)
Emsisoft Trojan.GenericKD.66127680 (B)
Zillya Trojan.Convagent.Win32.18277
McAfeeD Real Protect-LS!E11E67D21C40
Trapmine malicious.high.ml.score
FireEye Generic.mg.e11e67d21c40e313
Sophos Mal/Generic-S (PUA)
Ikarus PUA.Autoit
Jiangmin Trojan.Selfdel.rvj
Google Detected
Antiy-AVL Trojan[Dropper]/Win32.Dorifel
Microsoft Program:Win32/Wacapew.C!ml
ZoneAlarm not-a-virus:HEUR:RiskTool.Script.BitMiner.gen
GData Trojan.GenericKD.66127680
Varist W32/ABRisk.GURY-3419
DeepInstinct MALICIOUS
VBA32 Backdoor.Bladabindi
Malwarebytes Malware.AI.2852723073
TrendMicro-HouseCall TROJ_GEN.R002H07ET24
Tencent Script.Risktool.Bitminer.Ymhl
MAX malware (ai score=86)
MaxSecure Trojan.Malware.109653022.susgen
Fortinet W32/PossibleThreat
AVG Win32:Malware-gen
Paloalto generic.ml
CrowdStrike win/malicious_confidence_100% (W)
alibabacloud Suspicious