Summary | ZeroBOX

1.exe

UPX OS Processor Check PE64 PE File
Category FILE
Machine s1_win7_x6401
Started July 1, 2024, 9:25 a.m.
Completed July 1, 2024, 9:25 a.m.
Size 1.4MB
Type PE32+ executable (native) x86-64, for MS Windows
MD5 07c1efc472c5c8424d6a4e529abc63c5
SHA256 36ced2ebd0665e53e6bf8cc629fe7567832beadafca5716c9338df231dad688d
CRC32 71B6F7E3
ssdeep 24576:G9oQP7aHQw68S/nfEgT2BqtiSqQU5xO0u7+WfNhvX7dTYek6H6E+:uoQP7aHQr/M210SnK5NyvX7usaT
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section INIT
section .plp
section .YRx
section .,"!
section .,"! size_of_data 0x00159200 virtual_address 0x00b2c000 virtual_size 0x00159174 entropy 7.863760767597158 description A section with a high entropy has been found
entropy 0.994954954955 description Overall entropy of this PE file is high
Bkav W64.AIDetectMalware
Lionic Trojan.Win32.Generic.4!c
Elastic malicious (high confidence)
Cynet Malicious (score: 99)
Cylance Unsafe
APEX Malicious
F-Secure Heuristic.HEUR/AGEN.1370877
Ikarus Win32.Outbreak
Google Detected
Avira HEUR/AGEN.1370877
Microsoft Trojan:Win32/Casdet!rfn
DeepInstinct MALICIOUS
Malwarebytes Malware.AI.4261116463
Fortinet W32/PossibleThreat
Paloalto generic.ml
CrowdStrike win/malicious_confidence_70% (W)