Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
09.21 02:09
l6E.exe
09.20 01:09
setup.exe
09.20 11:09
3uTools.exe
09.20 11:09
66ecb4573225b_vsbhfdg1...
09.20 10:09
66ecb452ba19c_sfbdsgfd...
09.20 10:09
66ecb44c35444_vfdhsgdf...
09.20 10:09
66ec0e61998bf_setup30.exe
09.20 10:09
66ebf725efe38_lyla.exe
09.20 10:09
Desktop_Explorer.exe
09.20 10:09
66ec3528901bb_winupdat...

Latest News
09.21 08:09
Google Judge Questions...
09.21 08:09
US Leans on Shipbuildi...
09.21 08:09
Mechanical Logic Gates...
09.21 08:09
Sarah Silverman Lawyer...
09.21 07:09
September 21, 2024
09.21 06:09
GAO to unveil findings...
09.21 06:09
Snowflake Hacker Still...
09.21 06:09
SEC Blasts Musk for At...
09.21 06:09
Silicon Valley Investo...
09.21 06:09
Shroombots, pagers, To...

Summary | ZeroBOX

autoupdate.exe

CoinMiner Antivirus UPX Malicious Library OS Processor Check PE32 PE File

Category	Machine	Started	Completed
FILE	s1_win7_x6401	Aug. 6, 2024, 9:13 a.m.	Aug. 6, 2024, 9:16 a.m.

Size	130.0KB
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`0c6e9d70bef24a7bfacfb744e4cd3368`
SHA256	`453e3c1266d62585c853ab63291b365ccdd3c8bb1eed0008e94b58decf6978fd`
CRC32	`A786ED34`
ssdeep	`3072:fxIOnaZVEoAh54W91l8nWOMFcCmejUaaacoreXAeDHk+:OOnaZMhF96ujaWreXASHr`
PDB Path	D:\projects\autoupdate\Release\autoupdate.pdb
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature CoinMiner_IN - CoinMiner Antivirus - Contains references to security software IsPE32 - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

This executable has a PDB path (1 event)

pdb_path

D:\projects\autoupdate\Release\autoupdate.pdb

File has been identified by 9 AntiVirus engines on VirusTotal as malicious (9 events)

Bkav	W32.AIDetectMalware
Elastic	malicious (moderate confidence)
APEX	Malicious
Kaspersky	UDS:DangerousObject.Multi.Generic
McAfeeD	ti!453E3C1266D6
Kingsoft	Win32.Troj.Unknown.a
Microsoft	Trojan:Win32/Sonbokli.A!cl
ZoneAlarm	UDS:DangerousObject.Multi.Generic
CrowdStrike	win/malicious_confidence_60% (W)