Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
09.22 06:09
audiodg.exe
09.22 06:09
psfod.exe
09.22 06:09
73EtsZxIoDetWTu.exe
09.22 06:09
otqp9.exe
09.22 06:09
xx.exe
09.22 06:09
fck.exe
09.22 06:09
LummaC222222.exe
09.22 06:09
seethebestwayforunders...
09.22 06:09
Name.exe
09.22 06:09
needmoney.exe

Latest News
09.22 11:09
Lula Seeks to Lead Pus...
09.22 11:09
Emoji-Erweiterung: Ach...
09.22 11:09
Slack wird noch smarte...
09.22 11:09
지란지교데이터, 개인정보 비식별화와 AI...
09.22 11:09
Robotic Touch Using a ...
09.22 10:09
좋을, IT외주인력 보안관리의 새로운 패...
09.22 10:09
잉카인터넷, 엔드포인트 중앙 관리 보안 ...
09.22 09:09
인스피언, SAP 개인정보보호 솔루션과 ...
09.22 09:09
Apple’s New iPhone 16 ...
09.22 09:09
이너버스, 통합로그관리 넘어 SIEM 시...

Summary | ZeroBOX

DS_Store.exe

Generic Malware Malicious Packer UPX PE32 PE File

Category	Machine	Started	Completed
FILE	s1_win7_x6401	July 9, 2024, 6:47 p.m.	July 9, 2024, 6:47 p.m.

Size	307.0KB
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`14df06539b72837adb9f8d13cfcea6db`
SHA256	`f77f73ebd9efa0dc88a9e1b013c36a5567fc9f39157645912cbd7900f177eb8b`
CRC32	`C3C3408C`
ssdeep	`3072:Yz/dDSMbWDhILjyCvJqxEm4x1ESuQG+3SeyRS6CSfKVu1xgCAWUMZSD:YLdDSMbWDeLjyCvoxEvTEPp/F`
PDB Path	cttune.pdb
Yara	PE_Header_Zero - PE File Signature Malicious_Packer_Zero - Malicious Packer IsPE32 - (no description) UPX_Zero - UPX packed file Generic_Malware_Zero - Generic Malware

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

This executable has a PDB path (1 event)

pdb_path

cttune.pdb

The file contains an unknown PE resource name possibly indicative of a packer (2 events)

resource name	MUI
resource name	WEVT_TEMPLATE

File has been identified by 7 AntiVirus engines on VirusTotal as malicious (7 events)

Bkav	W32.AIDetectMalware
tehtris	Generic.Malware
APEX	Malicious
Rising	Trojan.Generic@AI.89 (RDMK:cmRtazrnF3/GKE8zsnw4G/aqjuRR)
AhnLab-V3	Malware/Win.Generic.C5648133
Paloalto	generic.ml
CrowdStrike	win/malicious_confidence_60% (D)