Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
11.08 05:11
locker.exe
11.08 05:11
PowerView.ps1
11.08 05:11
cred64.dll
11.08 05:11
ngrok.exe
11.08 05:11
CollosalLoader.exe
11.08 05:11
SharpHound.exe
11.08 05:11
Reaper%20cfx%20Spoofer...
11.08 05:11
dxwebsetup.exe
11.08 05:11
hell9o.exe
11.08 05:11
jerniuiopu.exe

Latest News
11.11 05:11
Spam-Anrufe adé: Diese...
11.11 05:11
Bilderkontrolle in Wha...
11.11 05:11
Baguette statt Bitcoin...
11.11 05:11
Beware of the “India P...
11.11 03:11
Component Tester Teardown
11.11 03:11
JPMorgan Braces for ‘I...
11.11 02:11
Zipdump & PKZIP Re...
11.11 12:11
Strom und Heizkosten i...
11.11 12:11
Koffein-Tracking per A...
11.11 12:11
Ryzen 7 9800X3D: AMDs ...

Summary | ZeroBOX

autoupdate.exe

CoinMiner Antivirus UPX Malicious Library OS Processor Check PE32 PE File

Category	Machine	Started	Completed
FILE	s1_win7_x6401	Aug. 6, 2024, 9:13 a.m.	Aug. 6, 2024, 9:16 a.m.

Size	130.0KB
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`0c6e9d70bef24a7bfacfb744e4cd3368`
SHA256	`453e3c1266d62585c853ab63291b365ccdd3c8bb1eed0008e94b58decf6978fd`
CRC32	`A786ED34`
ssdeep	`3072:fxIOnaZVEoAh54W91l8nWOMFcCmejUaaacoreXAeDHk+:OOnaZMhF96ujaWreXASHr`
PDB Path	D:\projects\autoupdate\Release\autoupdate.pdb
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature CoinMiner_IN - CoinMiner Antivirus - Contains references to security software IsPE32 - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

This executable has a PDB path (1 event)

pdb_path

D:\projects\autoupdate\Release\autoupdate.pdb

File has been identified by 9 AntiVirus engines on VirusTotal as malicious (9 events)

Bkav	W32.AIDetectMalware
Elastic	malicious (moderate confidence)
APEX	Malicious
Kaspersky	UDS:DangerousObject.Multi.Generic
McAfeeD	ti!453E3C1266D6
Kingsoft	Win32.Troj.Unknown.a
Microsoft	Trojan:Win32/Sonbokli.A!cl
ZoneAlarm	UDS:DangerousObject.Multi.Generic
CrowdStrike	win/malicious_confidence_60% (W)