Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
09.21 02:09
random.exe
09.21 02:09
sdhsfd.exe
09.21 02:09
66edb89bc4073_crypted....
09.21 02:09
66ed33772bbe7_vdfhsjf1...
09.21 02:09
game.exe
09.21 02:09
66ebb3bf78bd6_Send.exe...
09.21 02:09
66ed33717e4c1_vfdshfda...
09.21 02:09
random.exe
09.21 02:09
66ed336eac985_vdfhssfd...
09.21 02:09
66ed7ef071886_crypted....

Latest News
09.21 10:09
Fälschung enttarnt: De...
09.21 10:09
ChatGPT o1: Revolution...
09.21 09:09
Sicherheitsgründe: Ukr...
09.21 08:09
Steel Reinforcement To...
09.21 07:09
Iranian Hackers Tried ...
09.21 06:09
Prime Day is approachi...
09.21 06:09
heise-Angebot: NEU im ...
09.21 06:09
Datenschutzvorfall bei...
09.21 05:09
Ausfallzeiten gegen nu...
09.21 05:09
There’s No Lower Spec ...

Summary | ZeroBOX

test.exe

Generic Malware Malicious Library UPX PE64 PE File OS Processor Check

Category	Machine	Started	Completed
FILE	s1_win7_x6401	July 24, 2024, 9:45 p.m.	July 24, 2024, 9:45 p.m.

Size	259.0KB
Type	PE32+ executable (console) x86-64, for MS Windows
MD5	`0784da3d1a6ab997b2842fbf73b29688`
SHA256	`749c485da4adacfa775ecfd1d98c849b251157ef8df6de350d21a729d528e653`
CRC32	`D7881E7C`
ssdeep	`3072:c3+8oP9VR+EpZOEPot2pABIyzzZK0AujAbHchW6BzSMTIx5vD:C+pyUZVPot2aRzZKYsjeED`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsPE64 - (no description) UPX_Zero - UPX packed file Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check

test.exe "C:\Users\test22\AppData\Local\Temp\test.exe"
2552

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Checks amount of memory in system, this can be used to detect virtual machines that have a low amount of memory available (1 event)

Time & API	Arguments	Status	Return	Repeated
GlobalMemoryStatusEx July 24, 2024, 9:45 p.m.		1	1	0

File has been identified by 2 AntiVirus engines on VirusTotal as malicious (2 events)

Bkav	W64.AIDetectMalware
DeepInstinct	MALICIOUS

Expresses interest in specific running processes (1 event)

process: potential process injection target

winlogon.exe