Summary | ZeroBOX

1PDF.FaturaDetay_202407.exe

Tags: Malicious Library, Antivirus, UPX, MZP Format, PE File, dll, PE32, DllRegisterServer

Category: FILE
Machine: s1_win7_x6403_us
Started: July 15, 2024, 9:18 a.m.
Completed: July 15, 2024, 9:18 a.m.
Size 323.2KB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 d8bf792f818877bf4848fde9511caeb8
SHA256 f5d96127b34730cf3bbbccd1c35098873fc0af897cc5d6dc3dd39a8e64c511d7
CRC32 9524EFE7
ssdeep 6144:CZABbWqsE/Ao+mv8Qv0LVmwq4FU0fNoy6BLtsorUC7ggXpTILMYSQpIIQENMshQt:kANwRo+mv8QD4+0V161tTNjkIIFN5c
Yara
  • DllRegisterServer_Zero - execute regsvr32.exe
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Antivirus - Contains references to security software
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file
  • mzp_file_format - MZP(Delphi) file format

Name / Response / Post-Analysis Lookup
No hosts contacted.

IP Address / Status / Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Sections: CODE, DATA, BSS
Packer: BobSoft Mini Delphi -> BoB / BobSoft

Antivirus (vendor, detection)

Lionic Trojan.Win32.Donut.4!c
Elastic malicious (moderate confidence)
Cynet Malicious (score: 100)
ALYac Gen:Variant.Tedy.577745
Cylance Unsafe
VIPRE Gen:Variant.Tedy.577745
Sangfor Trojan.Win32.Agent.Vkld
K7AntiVirus Trojan ( 005b23d21 )
BitDefender Gen:Variant.Tedy.577745
K7GW Trojan ( 005b23d21 )
Cybereason malicious.f81887
Arcabit Trojan.Tedy.D8D0D1
Symantec ML.Attribute.HighConfidence
APEX Malicious
McAfee Artemis!D8BF792F8188
Avast Win32:RansomX-gen [Ransom]
Kaspersky Trojan.MSIL.Donut.asy
MicroWorld-eScan Gen:Variant.Tedy.577745
Rising Dropper.Sysn!8.3D8 (CLOUD)
Emsisoft Gen:Variant.Tedy.577745 (B)
McAfeeD ti!F5D96127B347
Trapmine suspicious.low.ml.score
FireEye Generic.mg.d8bf792f818877bf
Sophos Mal/Generic-S
Ikarus Trojan.JS.Kilim
Jiangmin TrojanDropper.Injector.bekr
Google Detected
MAX malware (ai score=80)
Antiy-AVL Trojan[Dropper]/MSIL.Sysn
Kingsoft MSIL.Trojan.Donut.a
Gridinsoft Trojan.Win32.Downloader.sa
Microsoft Trojan:Win32/Casdet!rfn
ZoneAlarm Trojan.MSIL.Donut.asy
GData Gen:Variant.Tedy.577745
Varist W32/ABRisk.JBLM-3239
AhnLab-V3 Malware/Win32.Generic.C4244351
BitDefenderTheta Gen:NN.ZemsilF.36808.hu0@ay7e0Pc
DeepInstinct MALICIOUS
Malwarebytes Malware.AI.106378209
SentinelOne Static AI - Suspicious PE
MaxSecure Trojan-Ransom.Win32.Crypmod.zfq
Fortinet W32/PossibleThreat
AVG Win32:RansomX-gen [Ransom]
Paloalto generic.ml