Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6403_us	Aug. 19, 2024, 2:16 p.m.	Aug. 19, 2024, 2:30 p.m.

Size	368.5KB
Type	PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
MD5	`54fb16a53cf14d68db5111ed6530251d`
SHA256	`3e1672b6c3439065525692f518d4ce4b593daed5fd5e3a4707f7f0bdeb8d83ed`
CRC32	`F3208B9C`
ssdeep	`6144:KMJt6tTmWjp1P4xm0ovCs2Rh68815xYasf5eIltnaToecFHzpPoPWFnuEEi:p6tyWjX4LovCsYi5xYZheILnhXFTpqot`
Yara	PE_Header_Zero - PE File Signature IsPE32 - (no description) Generic_Malware_Zero - Generic Malware UPX_Zero - UPX packed file

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

No Suricata Alerts

No Suricata TLS

Time & API	Arguments	Status	Return	Repeated
IsDebuggerPresent Aug. 19, 2024, 2:16 p.m.			0	0

name

RT_MANIFEST

language

LANG_CHINESE

filetype

XML 1.0 document, ASCII text, with CRLF line terminators

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

offset

0x000e32e4

size

0x000001e1

section

{u'size_of_data': u'0x00055400', u'virtual_address': u'0x00087000', u'entropy': 7.937567530825908, u'name': u'UPX1', u'virtual_size': u'0x00056000'}

entropy

7.93756753083

description

A section with a high entropy has been found

entropy

0.927891156463

description

Overall entropy of this PE file is high

section	UPX0				description	Section name indicates UPX
section	UPX1				description	Section name indicates UPX

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.Generic.4!c
Elastic	malicious (moderate confidence)
Cynet	Malicious (score: 100)
Skyhigh	BehavesLike.Win32.TrojanAitInject.fc
ALYac	Trojan.GenericKD.66127665
Cylance	Unsafe
VIPRE	Trojan.GenericKD.66127665
Sangfor	Trojan.Win32.Agent.Vrjj
BitDefender	Trojan.GenericKD.66127665
Cybereason	malicious.53cf14
Arcabit	Trojan.Generic.D3F10731
VirIT	Trojan.Win32.Crypt5.MKJ
tehtris	Generic.Malware
APEX	Malicious
McAfee	Artemis!54FB16A53CF1
ClamAV	Win.Malware.Generic-9952838-0
Kaspersky	Trojan.Win32.Agentb.mfic
Alibaba	Trojan:Win32/SelfDel.38afbc9b
MicroWorld-eScan	Trojan.GenericKD.66127665
Emsisoft	Trojan.GenericKD.66127665 (B)
McAfeeD	Real Protect-LS!54FB16A53CF1
Trapmine	malicious.high.ml.score
FireEye	Generic.mg.54fb16a53cf14d68
Sophos	Mal/Generic-S
Ikarus	Trojan.SelfDel
Jiangmin	Trojan.Selfdel.rvj
Webroot	W32.Trojan.Gen
Google	Detected
MAX	malware (ai score=80)
Antiy-AVL	Trojan[Dropper]/Win32.Dorifel
ZoneAlarm	Trojan.Win32.Agentb.mfic
GData	Trojan.GenericKD.66127665
DeepInstinct	MALICIOUS
VBA32	Backdoor.Bladabindi
Malwarebytes	Malware.AI.2852723073
TrendMicro-HouseCall	TROJ_GEN.R002H09ET24
Yandex	Trojan.GenAsa!NHzzuRkQa3Y
MaxSecure	Trojan.Malware.206601952.susgen
Fortinet	W32/PossibleThreat
Paloalto	generic.ml
CrowdStrike	win/malicious_confidence_90% (W)
alibabacloud	Suspicious

dbzinifix.exe