Summary | ZeroBOX

u.exe

Tags: Generic Malware, Malicious Library, UPX, Malicious Packer, PE64, PE File, OS Processor Check
Category FILE
Machine s1_win7_x6401
Started July 11, 2024, 1:15 p.m.
Completed July 11, 2024, 1:28 p.m.
Size 112.0KB
Type PE32+ executable (console) x86-64, for MS Windows
MD5 59bf80bdf6c8f3723375b2d83d1610af
SHA256 e77881389e4aa30e4f740674f5c4fdebe6dbe98a569daa4beedbaf1b94d7a44a
CRC32 F7376046
ssdeep 3072:IBjZlfdgovOnGoDWvXdlNGbLxvg/H1RsTAk:I9fdg0OVDWvXd3kxvQzsE
PDB Path C:\Users\Administrator1\Desktop\BypassUAC-master\x64\Release\BypassUAC.pdb
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Malicious_Packer_Zero - Malicious Packer
  • IsPE64 - (no description)
  • UPX_Zero - UPX packed file
  • Generic_Malware_Zero - Generic Malware
  • OS_Processor_Check_Zero - OS Processor Check

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

registry HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\MachineGuid
pdb_path C:\Users\Administrator1\Desktop\BypassUAC-master\x64\Release\BypassUAC.pdb
section _RDATA
Bkav W64.AIDetectMalware
Elastic malicious (high confidence)
ALYac Gen:Variant.Midie.141517
VIPRE Gen:Variant.Midie.141517
BitDefender Gen:Variant.Midie.141517
Cybereason malicious.df6c8f
Arcabit Trojan.Midie.D228CD
ESET-NOD32 a variant of Win64/HackTool.Agent.FB
APEX Malicious
Kaspersky VHO:Trojan.Win32.Agent.gen
MicroWorld-eScan Gen:Variant.Midie.141517
Emsisoft Gen:Variant.Midie.141517 (B)
McAfeeD ti!E77881389E4A
FireEye Gen:Variant.Midie.141517
MAX malware (ai score=89)
ZoneAlarm VHO:Trojan.Win32.Agent.gen
GData Gen:Variant.Midie.141517
DeepInstinct MALICIOUS
MaxSecure Trojan.Malware.300983.susgen
CrowdStrike win/malicious_confidence_70% (D)