Summary | ZeroBOX

eth.exe

Malicious Library Antivirus UPX Anti_VM PE64 PE File OS Processor Check
Category FILE
Machine s1_win7_x6401
Started Aug. 11, 2024, 2:47 p.m.
Completed Aug. 11, 2024, 3:18 p.m.
Size 2.0MB
Type PE32+ executable (GUI) x86-64, for MS Windows
MD5 841e052a11d2ea9148d356ae0f9c3577
SHA256 1c6981858bb6bfdc80538a0b791238736cbe2f238d973b9b21c516af8c5315ae
CRC32 8124FD0F
ssdeep 49152:appzEXtbTwc3pV8O91Evi67eHXy3hoEnny+4RxkcN5:apKSPXrYxkS5
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)
  • Antivirus - Contains references to security software
  • anti_vm_detect - Possibly employs anti-virtualization techniques
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check

No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section .data (size_of_data 0x000df800, virtual_address 0x00110000, virtual_size 0x000e05a0) entropy 6.81646806645216: A section with a high entropy has been found
entropy 0.442245857037: Overall entropy of this PE file is high
Bkav W64.AIDetectMalware
Lionic Trojan.Win32.GameHack.4!c
Elastic malicious (high confidence)
Cynet Malicious (score: 99)
Skyhigh BehavesLike.Win64.Downloader.th
McAfee Artemis!841E052A11D2
VIPRE Gen:Variant.Zusy.555247
Sangfor Trojan.Win32.Gamehack.Vgsq
K7AntiVirus Unwanted-Program ( 005b35181 )
BitDefender Gen:Variant.Zusy.555247
K7GW Unwanted-Program ( 005b35181 )
Cybereason malicious.a11d2e
Arcabit Trojan.Zusy.D878EF
Symantec ML.Attribute.HighConfidence
ESET-NOD32 a variant of Win64/GameHack.JJ potentially unsafe
APEX Malicious
MicroWorld-eScan Gen:Variant.Zusy.555247
Emsisoft Gen:Variant.Zusy.555247 (B)
F-Secure Heuristic.HEUR/AGEN.1371818
Zillya Trojan.GameHack.Win64.634
McAfeeD ti!1C6981858BB6
FireEye Gen:Variant.Zusy.555247
Sophos Generic Reputation PUA (PUA)
SentinelOne Static AI - Suspicious PE
Google Detected
Avira HEUR/AGEN.1371818
MAX malware (ai score=84)
Antiy-AVL RiskWare/Win64.Gamehack.jj
Gridinsoft Hack.Win64.GameHack.sa
Microsoft Program:Win32/Wacapew.C!ml
GData Gen:Variant.Zusy.555247
Varist W64/ABApplication.NBHD-3925
AhnLab-V3 Malware/Win.Generic.R639555
DeepInstinct MALICIOUS
Malwarebytes Malware.AI.2193996335
Ikarus Trojan.Win32.Generic
TrendMicro-HouseCall TROJ_GEN.R002H09GS24
Yandex Riskware.Agent!j2KoxLbeuf4
MaxSecure Trojan.Malware.273350062.susgen
Fortinet Adware/GameHack
Paloalto generic.ml
CrowdStrike win/malicious_confidence_60% (W)