Summary | ZeroBOX

Balanza.exe

UPX MZP Format PE32 PE File
Category FILE
Machine s1_win7_x6403_us
Started July 5, 2024, 11:04 a.m.
Completed July 5, 2024, 11:09 a.m.
Size 823.5KB
Type PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed
MD5 91256800ace9fbe4fe2158ec132fc01e
SHA256 3172ab53e2d338d52b803e6edd210a74f30c231b1e0d8aaf5d2fc143267eae57
CRC32 0DD9471A
ssdeep 24576:iG5gI8aPNeyL28L7lbO9z10g8pBITiBD:38EjLxO9z10gaB6w
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file
  • mzp_file_format - MZP(Delphi) file format

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
164.124.101.2 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

API GlobalMemoryStatusEx Status 1 Return 1 Repeated 0
Bkav W32.AIDetectMalware
APEX Malicious
Kaspersky UDS:DangerousObject.Multi.Generic
Rising Trojan.Generic@AI.85 (RDMK:cmRtazrkIMzPYYrxfj6MgmhPBYlh)
Trapmine malicious.moderate.ml.score
ZoneAlarm UDS:DangerousObject.Multi.Generic
section UPX1 (size_of_data 0x000c1800, virtual_address 0x00139000, virtual_size 0x000c2000, entropy 7.919628160926077) entropy 7.91962816093 description A section with a high entropy has been found
entropy 0.94103343465 description Overall entropy of this PE file is high
section UPX0 description Section name indicates UPX
section UPX1 description Section name indicates UPX