Summary | ZeroBOX

chisel32.exe

Malicious Library UPX Malicious Packer PE File OS Processor Check PE32
Category FILE
Machine s1_win7_x6403_us
Started July 26, 2024, 10:25 a.m.
Completed July 26, 2024, 10:28 a.m.
Size 8.2MB
Type PE32 executable (console) Intel 80386, for MS Windows
MD5 7eae075c51e9bda629835d4b2815ee03
SHA256 f82edf0228b8e58517659bc465599a85609377f34c9e4a8b1279e10806109b61
CRC32 286D1A8C
ssdeep 98304:cjkwV6+I5dc/mwpg27Ee3A58mDB739NWfAz:An/4e3A6mj
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Malicious_Packer_Zero - Malicious Packer
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Time & API Arguments Status Return Repeated

WriteConsoleA

buffer: fatal error:
console_handle: 0x0000000b
1 1 0

WriteConsoleA

buffer: kernel32.dll not found
console_handle: 0x0000000b
1 1 0

WriteConsoleA

buffer: runtime: panic before malloc heap initialized
console_handle: 0x0000000b
1 1 0
section .symtab
Time & API Arguments Status Return Repeated

__exception__

stacktrace:
exception.symbol:
exception.exception_code: 0xc0000005
exception.address: 0x0
registers.esp: 1637676
registers.edi: 4461568
registers.eax: 0
registers.ebp: 1637680
registers.edx: 4294967295
registers.ebx: 1637692
registers.esi: 1637608
registers.ecx: 0
1 0 0
Bkav W32.AIDetectMalware
Lionic Hacktool.Win32.Chisel.3!c
Elastic malicious (moderate confidence)
Cynet Malicious (score: 99)
Skyhigh BehavesLike.Win32.Ransomware.rh
ALYac Application.Generic.3517430
Cylance Unsafe
VIPRE Application.Generic.3517430
Sangfor Hacktool.Win32.Chisel.Vfgm
K7AntiVirus Trojan ( 005ab92d1 )
BitDefender Application.Generic.3517430
K7GW Trojan ( 005ab92d1 )
Cybereason malicious.c51e9b
Arcabit Application.Generic.D35ABF6
Symantec Trojan.Gen.MBT
ESET-NOD32 a variant of WinGo/HackTool.Chisel.AB
McAfee GenericRXAA-AA!7EAE075C51E9
Avast Win32:Malware-gen
ClamAV Win.Tool.Chisel-9987492-0
Kaspersky HEUR:HackTool.Win32.Chisel.b
Alibaba HackTool:Win32/Chisel.8336420e
MicroWorld-eScan Application.Generic.3517430
Emsisoft Application.Generic.3517430 (B)
F-Secure Trojan.TR/Redcap.gepbx
Zillya Tool.Chisel.Win32.523
TrendMicro HackTool.Win32.Chisel.SM.go
McAfeeD ti!F82EDF0228B8
FireEye Application.Generic.3517430
Sophos ATK/Chisel-F
Jiangmin NetTool.FRP.fy
Webroot W32.Hacktool.Chisel
Google Detected
Avira TR/Redcap.gepbx
MAX malware (ai score=77)
Antiy-AVL HackTool/Win32.Chisel
Kingsoft Win32.HackTool.Chisel.a
Microsoft HackTool:Win32/Chisel!MTB
ZoneAlarm HEUR:HackTool.Win32.Agent.gen
GData Application.Generic.3517430
Varist W32/ABApplication.OKBG-3118
AhnLab-V3 HackTool/Win.Chisel.C5620038
DeepInstinct MALICIOUS
Malwarebytes Malware.AI.4160149273
Ikarus Win32.Outbreak
Panda Trj/CI.A
Tencent Win32.Hacktool.Chisel.Qcnw
MaxSecure Trojan.Malware.241417505.susgen
Fortinet W32/PossibleThreat
AVG Win32:Malware-gen
CrowdStrike win/grayware_confidence_100% (W)