Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
09.22 04:09
2.exe
09.21 02:09
random.exe
09.21 02:09
sdhsfd.exe
09.21 02:09
66edb89bc4073_crypted....
09.21 02:09
66ed33772bbe7_vdfhsjf1...
09.21 02:09
game.exe
09.21 02:09
66ebb3bf78bd6_Send.exe...
09.21 02:09
66ed33717e4c1_vfdshfda...
09.21 02:09
random.exe
09.21 02:09
66ed336eac985_vdfhssfd...

Latest News
09.22 12:09
[PASCON 2024-리뷰] 굿모닝아이...
09.22 12:09
[PASCON 2024-강연] 박나룡 소...
09.22 12:09
2024-09-19 - File down...
09.22 11:09
The Surprising Effects...
09.22 10:09
두리코스 댕기머리, 중국인 300만 명이...
09.22 09:09
Announcing SecTemplate...
09.22 08:09
When Raw Network Socke...
09.22 08:09
Biden Administration t...
09.22 08:09
IT Sicherheitsnews tae...
09.22 07:09
September 22, 2024

Summary | ZeroBOX

2EU.file.exe

Malicious Library UPX ftp PE64 PE File OS Processor Check

Category	Machine	Started	Completed
FILE	s1_win7_x6401	July 7, 2024, 7 p.m.	July 7, 2024, 7:02 p.m.

Size	845.5KB
Type	PE32+ executable (GUI) x86-64, for MS Windows
MD5	`f7ea17cd71f263659d0ee0b82a95fbaf`
SHA256	`159a43318fc1e30622f9851a58e437114a925b4bf734340879dc59387a11debd`
CRC32	`AB365F3C`
ssdeep	`24576:lq3ZxrxkruJX5ybziv1jv5rjpQYbHfPwQ2qlZBM:lq3ZxryqJWzih5rt9P`
PDB Path	updater.pdb
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsPE64 - (no description) ftp_command - ftp command UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

This executable has a PDB path (1 event)

pdb_path

updater.pdb

File has been identified by 2 AntiVirus engines on VirusTotal as malicious (2 events)

APEX	Malicious
MaxSecure	Trojan.Malware.300983.susgen