popup
Summary | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Major_0x00012BD4C3BDF0.exe

Generic Malware Malicious Library Admin Tool (Sysinternals etc ...) UPX PE64 PE File OS Processor Check
  1. Resubmit sample
Category Machine Started Completed
FILE s1_win7_x6403_us July 31, 2024, 7:20 a.m. July 31, 2024, 7:22 a.m.
Size 1.3MB
Type PE32+ executable (GUI) x86-64, for MS Windows
MD5 c7ea74a05e864d4d67a2fba6be3bb667
SHA256 a01ac4244102e3958296c70d71e3d951f11abcc355458d1918d081587b151d90
CRC32 46104BD5
ssdeep 24576:fWljizSawkL2zmeaAit8v1hUw+hqPNKLkFh:+l2akSz+AitK5EAF
Yara
  • Malicious_Library_Zero - Malicious_Library
  • Admin_Tool_IN_Zero - Admin Tool Sysinternals
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)
  • UPX_Zero - UPX packed file
  • Generic_Malware_Zero - Generic Malware
  • OS_Processor_Check_Zero - OS Processor Check

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Time & API Arguments Status Return Repeated

__exception__

 stacktrace: 
major_0x00012bd4c3bdf0+0x12bb82 @ 0x14012bb82
major_0x00012bd4c3bdf0+0x13ebda @ 0x14013ebda
BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76fd652d
RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x776ec521

exception.instruction_r: f3 aa 48 8b 84 24 b8 55 01 00 8b 8c 24 94 62 00
exception.symbol: major_0x00012bd4c3bdf0+0x12bb82
exception.instruction: stosb byte ptr [rdi], al
exception.module: Major_0x00012BD4C3BDF0.exe
exception.exception_code: 0xc0000005
exception.offset: 1227650
exception.address: 0x14012bb82
registers.r14: 0
registers.r15: 0
registers.rcx: 27176
registers.rsi: 0
registers.r10: 0
registers.rbx: 0
registers.rsp: 1245152
registers.r11: 582
registers.r8: 1140312
registers.r9: 0
registers.rdx: 0
registers.r12: 0
registers.rbp: 0
registers.rdi: 0
registers.rax: 0
registers.r13: 0
1 0 0