Summary | ZeroBOX

test.exe

UPX PE64 PE File
Category FILE
Machine s1_win7_x6401
Started July 8, 2024, 5:03 p.m.
Completed July 8, 2024, 5:06 p.m.
Size 7.8MB
Type PE32+ executable (console) x86-64, for MS Windows
MD5 d19291fc64d40d67755f8a66e43200a3
SHA256 9932eb515829a84a391a384920cba7062532a0ebe6e090f59607c78e74f50b02
CRC32 052EC788
ssdeep 196608:D6fgb/EeMklOcMVDsO57iK94mrnfnxTlWkgHV74COv:D6gNIcKDsAiKOmrJUvY
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)
  • UPX_Zero - UPX packed file

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section UPX1 (size_of_data 0x007c8200, virtual_address 0x00f38000, virtual_size 0x007c9000) entropy 7.89083687831528 description A section with a high entropy has been found
entropy 0.99993725687 description Overall entropy of this PE file is high
section UPX0 description Section name indicates UPX
section UPX1 description Section name indicates UPX
section UPX2 description Section name indicates UPX
Bkav W64.AIDetectMalware
Elastic malicious (moderate confidence)
Skyhigh BehavesLike.Win64.Generic.wc
Cylance Unsafe
McAfeeD ti!9932EB515829
FireEye Generic.mg.d19291fc64d40d67
Ikarus Trojan.WinGo.Shellcoderunner
Google Detected
Antiy-AVL GrayWare/Win32.Kryptik.ffp
Microsoft Program:Win32/Wacapew.C!ml
MaxSecure Trojan.Malware.300983.susgen
CrowdStrike win/malicious_confidence_60% (D)