popup
Summary | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

217.exe

Generic Malware Malicious Library UPX PE File OS Processor Check PE32
  1. Resubmit sample
Category Machine Started Completed
FILE s1_win7_x6403_us July 15, 2024, 9:18 a.m. July 15, 2024, 9:18 a.m.
Size 338.0KB
Type PE32 executable (console) Intel 80386, for MS Windows
MD5 42e2d273ee6215957f2b979737a74b45
SHA256 1a5035edf2e2c8b92a5129e97c13e2114070d87c684a842491ebcdb3797b592f
CRC32 62A38733
ssdeep 6144:qwTS7/BpP+AegMMtRvu3LqBOkQWrpbRPSxkplz7ZfnvH2di8MEO:qPpP6gMEhNbRPwkplRSi8MEO
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file
  • Generic_Malware_Zero - Generic Malware
  • OS_Processor_Check_Zero - OS Processor Check

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section {u'size_of_data': u'0x0001d600', u'virtual_address': u'0x00034000', u'entropy': 7.943656290451496, u'name': u'.data', u'virtual_size': u'0x0001e55c'} entropy 7.94365629045 description A section with a high entropy has been found
entropy 0.358778625954 description Overall entropy of this PE file is high
Bkav W32.AIDetectMalware
Elastic malicious (high confidence)
Cynet Malicious (score: 100)
Cylance Unsafe
Sangfor Trojan.Win32.Save.a
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of Win32/Kryptik.HXIV
APEX Malicious
Avast Win32:CrypterX-gen [Trj]
ClamAV Win.Keylogger.Lazy-10031941-0
Kaspersky HEUR:Trojan-PSW.Win32.Reline.gen
Rising Stealer.Reline!8.132F4 (RDMK:cmRtazoF4a+nh0FFmBY)
McAfeeD ti!1A5035EDF2E2
Trapmine malicious.high.ml.score
FireEye Generic.mg.42e2d273ee621595
Ikarus Trojan-Spy.LummaStealer
Google Detected
Microsoft Trojan:Win32/Wacatac.B!ml
ZoneAlarm HEUR:Trojan-PSW.Win32.Reline.gen
Varist W32/Kryptik.MJE.gen!Eldorado
BitDefenderTheta Gen:NN.ZexaF.36808.vqY@aS299fb
VBA32 BScope.TrojanPSW.Vidar
SentinelOne Static AI - Malicious PE
MaxSecure Trojan.Malware.300983.susgen
AVG Win32:CrypterX-gen [Trj]
CrowdStrike win/malicious_confidence_100% (D)