Summary | ZeroBOX

setup1.exe

Tags: Generic Malware, Malicious Library, UPX, Malicious Packer, PE File, OS Processor Check, PE32
Category FILE
Machine s1_win7_x6401
Started Aug. 12, 2024, 11:27 a.m.
Completed Aug. 12, 2024, 11:34 a.m.
Size 409.5KB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 ac0e89743359913cf03f8d71e8971c43
SHA256 3285933552ef4f43a2f98030df7e1770d03d093c3959551c18bdc5e6c83b32ae
CRC32 D9997D7D
ssdeep 6144:vEtEGUyT5kLu7NnIVyU4Uo/V+YPZdYYQiLXRrYoYFEHRT:vEt5JT5kL4IVyU0zZiE1
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Malicious_Packer_Zero - Malicious Packer
  • IsPE32 - (no description)
  • Generic_Malware_Zero - Generic Malware
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

resource name BENABAPEXERUKABOFEYUF
resource name FOWAMODAPISIBEHECOGEGOH
resource name RACUMOTETO
section .text (virtual_address 0x00001000, virtual_size 0x00040a12, size_of_data 0x00040c00) entropy 7.601057778681294 description A section with a high entropy has been found
entropy 0.634026927785 description Overall entropy of this PE file is high
Bkav W32.AIDetectMalware
Lionic Trojan.Win32.Generic.4!c
Elastic malicious (high confidence)
Cynet Malicious (score: 100)
Skyhigh BehavesLike.Win32.Lockbit.gh
Cylance Unsafe
Sangfor Ransom.Win32.Save.a
K7AntiVirus Trojan ( 005579741 )
K7GW Trojan ( 005579741 )
Symantec ML.Attribute.HighConfidence
tehtris Generic.Malware
APEX Malicious
Avast BootkitX-gen [Rtk]
ClamAV Win.Packer.pkr_ce1a-9980177-0
Kaspersky UDS:DangerousObject.Multi.Generic
Rising Trojan.Kryptik@AI.100 (RDML:OHjqc6p/kBK6Tu3um+1QhQ)
McAfeeD Real Protect-LS!AC0E89743359
Trapmine malicious.high.ml.score
FireEye Generic.mg.ac0e89743359913c
Sophos Troj/Krypt-VK
SentinelOne Static AI - Malicious PE
Google Detected
Kingsoft malware.kb.a.1000
Microsoft Trojan:Win32/Caynamer.A!ml
ZoneAlarm UDS:DangerousObject.Multi.Generic
Acronis suspicious
DeepInstinct MALICIOUS
VBA32 BScope.Trojan.AntiAV
Malwarebytes Generic.Malware/Suspicious
Ikarus Trojan-Banker.UrSnif
Tencent Trojan.Win32.Obfuscated.gen
MaxSecure Trojan.Malware.300983.susgen
AVG BootkitX-gen [Rtk]
Paloalto generic.ml
CrowdStrike win/malicious_confidence_100% (W)