Summary | ZeroBOX

pconsnap.dll

Generic Malware Malicious Library UPX PE64 PE File DLL OS Processor Check
Category FILE
Machine s1_win7_x6402
Started June 28, 2024, 6:32 p.m.
Completed June 28, 2024, 6:32 p.m.
Size 71.0MB
Type PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5 8fb5e72a31680189d9a529b49962a0b1
SHA256 4f9ef9f4b90d8e0928a36369e90d912b1f4a3b5afc173cddecb1790aa06cdc74
CRC32 C41A4882
ssdeep 1572864:jSGOD5R6/+fkA7n5gpO6TlY0C1U9j+JsTiV/Dn5+s24M/:jpODH63A75gpNhY0Cy96Js+VLJU
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
  • IsPE64 - (no description)
  • UPX_Zero - UPX packed file
  • Generic_Malware_Zero - Generic Malware
  • OS_Processor_Check_Zero - OS Processor Check

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
164.124.101.2 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section _RDATA
Bkav W64.AIDetectMalware
Skyhigh Artemis
ALYac Backdoor.Agent.status
Cylance Unsafe
Sangfor Trojan.Win32.Save.a
ESET-NOD32 a variant of Win64/NukeSped.KP
Avast Win64:APTX-gen [Trj]
Kaspersky UDS:Trojan.Win64.Lazarus.gen
Alibaba Trojan:Win64/NukeSped.d298f49d
Rising Trojan.NukeSped!8.3184 (CLOUD)
McAfeeD ti!4F9EF9F4B90D
Sophos Mal/Generic-S
Microsoft Program:Win32/Wacapew.C!ml
AhnLab-V3 Trojan/Win.Lazardoor.R592967
DeepInstinct MALICIOUS
AVG Win64:APTX-gen [Trj]
alibabacloud Trojan:Win/NukeSped.KX