Summary | ZeroBOX

AddMemreduct.exe

UPX PE32 PE File
Category FILE
Machine s1_win7_x6403_us
Started Aug. 19, 2024, 2:17 p.m.
Completed Aug. 19, 2024, 3:09 p.m.
Size 574.5KB
Type PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
MD5 f013565b3f9e18d9ac83432b4f0c08f9
SHA256 a2da67b2c6bdded8424c239e2ddc36a5da7f556e967a25b5c3ec0db4473ae31e
CRC32 73177C97
ssdeep 12288:MFLN7pJxDibQF4ulRCX11Ab1i0n9aMd50jm6s6OgIUkBJoKISZxNex:gN7p/DjF7CHIkodP6OVjpZjex
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Time & API Arguments Status Return Repeated

IsDebuggerPresent

0 0
section {u'size_of_data': u'0x0005ca00', u'virtual_address': u'0x000bb000', u'entropy': 7.937092371801545, u'name': u'UPX1', u'virtual_size': u'0x0005d000'} entropy 7.9370923718 description A section with a high entropy has been found
section {u'size_of_data': u'0x00032c00', u'virtual_address': u'0x00118000', u'entropy': 7.842076583137826, u'name': u'.rsrc', u'virtual_size': u'0x00033000'} entropy 7.84207658314 description A section with a high entropy has been found
entropy 1.0 description Overall entropy of this PE file is high
section UPX0 description Section name indicates UPX
section UPX1 description Section name indicates UPX
Bkav W32.AIDetectMalware
Lionic Trojan.Win32.Generic.4!c
Elastic malicious (moderate confidence)
Cynet Malicious (score: 100)
Cylance Unsafe
VIPRE Trojan.GenericKD.73486708
Sangfor Trojan.Win32.Save.a
K7AntiVirus Riskware ( 00584baa1 )
K7GW Riskware ( 00584baa1 )
VirIT Trojan.Win32.AUTOIT
tehtris Generic.Malware
APEX Malicious
Paloalto generic.ml
BitDefender Trojan.GenericKD.73486708
MicroWorld-eScan Trojan.GenericKD.73486708
F-Secure Heuristic.HEUR/AGEN.1314752
TrendMicro TROJ_GEN.R002C0DGJ24
McAfeeD ti!A2DA67B2C6BD
Trapmine malicious.high.ml.score
FireEye Generic.mg.f013565b3f9e18d9
Emsisoft Trojan.GenericKD.73486708 (B)
Ikarus Trojan.Win32.Obfuscated
Jiangmin Trojan.Agent.epis
Avira HEUR/AGEN.1314752
MAX malware (ai score=83)
Antiy-AVL Trojan/Win32.SGeneric
Kingsoft malware.kb.b.883
Arcabit Trojan.Generic.D4615174
Microsoft Trojan:Win32/Casdet!rfn
AhnLab-V3 Trojan/Win.Casdet.C5650063
BitDefenderTheta Gen:NN.ZexaF.36812.JmGfaqlawnfi
Malwarebytes Malware.AI.4249198465
TrendMicro-HouseCall TROJ_GEN.R002C0DGJ24
Fortinet W32/PossibleThreat
CrowdStrike win/malicious_confidence_90% (D)