Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
09.22 04:09
2.exe
09.21 02:09
random.exe
09.21 02:09
sdhsfd.exe
09.21 02:09
66edb89bc4073_crypted....
09.21 02:09
66ed33772bbe7_vdfhsjf1...
09.21 02:09
game.exe
09.21 02:09
66ebb3bf78bd6_Send.exe...
09.21 02:09
66ed33717e4c1_vfdshfda...
09.21 02:09
random.exe
09.21 02:09
66ed336eac985_vdfhssfd...

Latest News
09.22 12:09
[PASCON 2024-리뷰] 굿모닝아이...
09.22 12:09
[PASCON 2024-강연] 박나룡 소...
09.22 12:09
2024-09-19 - File down...
09.22 11:09
The Surprising Effects...
09.22 10:09
두리코스 댕기머리, 중국인 300만 명이...
09.22 09:09
Announcing SecTemplate...
09.22 08:09
When Raw Network Socke...
09.22 08:09
Biden Administration t...
09.22 08:09
IT Sicherheitsnews tae...
09.22 07:09
September 22, 2024

Summary | ZeroBOX

new-image_j.jpg.exe

Malicious Library UPX .NET DLL PE File DLL OS Processor Check PE32

Category	Machine	Started	Completed
FILE	s1_win7_x6401	July 4, 2024, 10:11 a.m.	July 4, 2024, 10:11 a.m.

Size	2.8MB
Type	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
MD5	`f0fd5b8e5113d5a7afc164e15d732129`
SHA256	`1c9c5dd8687063a08ec259c46db5f3c0ad614530129a634e5944b9b085023bc2`
CRC32	`ED12E9DC`
ssdeep	`24576:vDWPdErzb1+Oe5vepu3NkxO5nUKzmBlaE7i3dmq3zbhdFWueMHo76o2Biz2G:vDW8bNQ40U1faE7i3Qqj7gz2B`
PDB Path	dnlib.pdb
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE32 - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check Is_DotNET_DLL - (no description)

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

This executable has a PDB path (1 event)

pdb_path

dnlib.pdb

File has been identified by 4 AntiVirus engines on VirusTotal as malicious (4 events)

Ikarus	Trojan.MSIL.Injector
Google	Detected
Varist	W32/Injector.BTO.gen!Eldorado
SentinelOne	Static AI - Suspicious PE