Summary | ZeroBOX

SIP.03746.XSLSX.exe

Malicious Library Antivirus UPX MZP Format PE File dll PE32 DllRegisterServer
Category FILE
Machine s1_win7_x6401
Started July 15, 2024, 9:18 a.m.
Completed July 15, 2024, 9:18 a.m.
Size 321.7KB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 a3e681364daaa68ce0177581573f483f
SHA256 a94869345f7f1f3a1bc6cca4aa94cc7bde30dcb0bb18198567ea58cc93ba2c15
CRC32 D2E3E8BC
ssdeep 6144:RZABbWqsE/Ao+mv8Qv0LVmwq4FU0fNoy6oHGx1d0RjzV5Pnz63LLHBN+:PANwRo+mv8QD4+0V16oHblLPkLLhN+
Yara
  • DllRegisterServer_Zero - execute regsvr32.exe
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Antivirus - Contains references to security software
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file
  • mzp_file_format - MZP(Delphi) file format

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section CODE
section DATA
section BSS
packer BobSoft Mini Delphi -> BoB / BobSoft
Lionic Trojan.Win32.Sysn.b!c
Elastic malicious (moderate confidence)
Cynet Malicious (score: 100)
ALYac Gen:Variant.Tedy.577745
Cylance Unsafe
VIPRE Gen:Variant.Tedy.577745
Sangfor Trojan.Win32.Agent.Vuci
BitDefender Gen:Variant.Tedy.577745
Cybereason malicious.64daaa
Arcabit Trojan.Tedy.D8D0D1
Symantec ML.Attribute.HighConfidence
APEX Malicious
McAfee Artemis!E739795E2208
Avast Win32:MalwareX-gen [Trj]
Kaspersky Trojan-Dropper.Win32.Sysn.dbnn
MicroWorld-eScan Gen:Variant.Tedy.577745
Emsisoft Gen:Variant.Tedy.577745 (B)
McAfeeD ti!A94869345F7F
Trapmine suspicious.low.ml.score
FireEye Gen:Variant.Tedy.577745
Sophos Generic Reputation PUA (PUA)
Ikarus Trojan.JS.Kilim
Google Detected
MAX malware (ai score=89)
Kingsoft malware.kb.a.891
Gridinsoft Ransom.Win32.AI.sa
Microsoft Trojan:Win32/Casdet!rfn
ZoneAlarm Trojan-Dropper.Win32.Sysn.dbnn
GData Gen:Variant.Tedy.577745
Varist W32/ABTrojan.IRMF-8743
BitDefenderTheta Gen:NN.ZemsilF.36808.hu0@aO8zQFi
DeepInstinct MALICIOUS
Malwarebytes Malware.AI.106378209
SentinelOne Static AI - Suspicious PE
MaxSecure Trojan-Ransom.Win32.Crypmod.zfq
Fortinet W32/PossibleThreat
AVG Win32:MalwareX-gen [Trj]
Paloalto generic.ml