Summary | ZeroBOX

loaderred.exe

Malicious Library, Antivirus, UPX, Anti_VM, PE64, PE File, OS Processor Check
Category FILE
Machine s1_win7_x6401
Started Aug. 11, 2024, 2:32 p.m.
Completed Aug. 11, 2024, 3:33 p.m.
Size 2.0MB
Type PE32+ executable (GUI) x86-64, for MS Windows
MD5 a29a4be4bbb2a112d282606e9fc09ce0
SHA256 93cfdf1b7c664125036c9f35a81d5bf2c891f11ac5eeecf56467b0cd7e64553d
CRC32 C71C4AA1
ssdeep 49152:DTUexZqlFNsEs5oLb01kd4okXmq/iIn8v+4Rxkct5+:DZsein2Yxky5+
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)
  • Antivirus - Contains references to security software
  • anti_vm_detect - Possibly employs anti-virtualization techniques
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section .data: size_of_data 0x000df800, virtual_address 0x00110000, virtual_size 0x000e0560, entropy 6.816482895062797. Description: A section with a high entropy has been found
entropy 0.442355269668. Description: Overall entropy of this PE file is high
Bkav W64.AIDetectMalware
Lionic Trojan.Win32.Generic.4!c
Elastic malicious (high confidence)
Cynet Malicious (score: 99)
Skyhigh BehavesLike.Win64.Downloader.th
ALYac Gen:Variant.Zusy.555247
Cylance Unsafe
VIPRE Gen:Variant.Zusy.555247
Sangfor Trojan.Win32.Agent.V1ak
K7AntiVirus Unwanted-Program ( 005b39d41 )
BitDefender Gen:Variant.Zusy.555247
K7GW Unwanted-Program ( 005b39d41 )
Cybereason malicious.4bbb2a
Arcabit Trojan.Zusy.D878EF
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of Win64/GameHack.JJ potentially unsafe
APEX Malicious
McAfee Artemis!A29A4BE4BBB2
Avast Win64:MalwareX-gen [Trj]
MicroWorld-eScan Gen:Variant.Zusy.555247
Emsisoft Gen:Variant.Zusy.555247 (B)
F-Secure Heuristic.HEUR/AGEN.1371818
McAfeeD ti!93CFDF1B7C66
FireEye Gen:Variant.Zusy.555247
Sophos Mal/Generic-S
SentinelOne Static AI - Suspicious PE
Google Detected
Avira HEUR/AGEN.1371818
MAX malware (ai score=87)
Antiy-AVL RiskWare/Win64.Gamehack.jj
Microsoft Program:Win32/Wacapew.C!ml
GData Gen:Variant.Zusy.555247
AhnLab-V3 Malware/Win.Generic.R639555
DeepInstinct MALICIOUS
Malwarebytes Malware.AI.2193996335
Ikarus Trojan.Win32.Generic
Panda Trj/Chgt.AD
TrendMicro-HouseCall TROJ_GEN.R002H09CC24
MaxSecure Trojan.Malware.236963639.susgen
Fortinet W32/PossibleThreat
AVG Win64:MalwareX-gen [Trj]
CrowdStrike win/malicious_confidence_60% (W)