Summary | ZeroBOX

uuvipfix.exe

Tags: CoinMiner, Generic Malware, AutoIt, UPX, PE File, PE32

Category: FILE
Machine: s1_win7_x6403_us
Started: Aug. 19, 2024, 2:19 p.m.
Completed: Aug. 19, 2024, 3:07 p.m.
Size: 2.2MB
Type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
MD5: 46be1d2a2de1c43b0169874d14503098
SHA256: 5948a861bd1015ba1e96e8d9bcb111bfafb1b82b5bd05299e7afa05c38501b75
CRC32: E4BC96BD
ssdeep: 49152:MfKtqFpiuLCm3ZjwLGkE5c/M4GNjFjU+YqCvZXd00b9uMaST2HNoIm:MfKtqFzLC8MqkEcoNjFgjXhRuyOoD
Yara
  • AutoIt - autoit
  • PE_Header_Zero - PE File Signature
  • CoinMiner_IN - CoinMiner
  • IsPE32 - (no description)
  • Generic_Malware_Zero - Generic Malware
  • UPX_Zero - UPX packed file

DNS (Name / Response / Post-Analysis Lookup)
No hosts contacted.

IP traffic (IP Address / Status / Action)
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Observed API calls (Time & API / Arguments / Status / Return / Repeated)

IsDebuggerPresent      0 0
IsDebuggerPresent      0 0
GlobalMemoryStatusEx   1 1 0

Both are environment checks rather than payload activity: IsDebuggerPresent reads the BeingDebugged flag in the PEB, and GlobalMemoryStatusEx reports the installed physical memory, a value that packed and AutoIt-compiled samples commonly compare against a minimum to recognise undersized sandbox VMs.
Static signatures

packer: UPX 2.90 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
section UPX1: virtual_address 0x0007d000, virtual_size 0x0004b000, size_of_data 0x0004aa00, entropy 7.940965856094214 (A section with a high entropy has been found)
entropy 0.911450381679: Overall entropy of this PE file is high
section UPX0: Section name indicates UPX
section UPX1: Section name indicates UPX
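The three static signatures above (UPX section names, a high-entropy section, and a high overall entropy figure) can be reproduced from the section table alone. The following Python is an added example, not ZeroBOX code and not taken from the sample: it parses the PE section table with the standard library, computes per-section Shannon entropy, and derives the overall figure as the share of section bytes living in sections with entropy above 6.8 (the Cuckoo packer_entropy computation, flagged above 0.2; that ZeroBOX uses the same formula is an assumption, as is the 7.0 per-section threshold). The PE image built by build_test_pe is a constructed stand-in, not uuvipfix.exe.

```python
import math
import struct

SECTION_ENTROPY_THRESHOLD = 7.0   # per-section "high entropy" cut-off (assumed)
PACKED_BYTES_THRESHOLD = 6.8      # Cuckoo counts a section as packed above this
PACKED_RATIO_THRESHOLD = 0.2      # Cuckoo flags the whole file above this ratio
UPX_SECTION_NAMES = {"UPX0", "UPX1", "UPX2", "UPX!"}


def shannon_entropy(data: bytes) -> float:
    """Entropy in bits per byte: 0.0 for constant data, 8.0 for uniform bytes."""
    if not data:
        return 0.0
    n = len(data)
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def pe_sections(image: bytes) -> list:
    """Walk the PE section table and return per-section metadata plus entropy."""
    if image[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", image, 0x3C)[0]
    if image[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = e_lfanew + 4
    # COFF header: Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
    # NumberOfSymbols, SizeOfOptionalHeader, Characteristics (20 bytes)
    _, nsec, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", image, coff)
    table = coff + 20 + opt_size
    sections = []
    for i in range(nsec):
        # first 24 bytes of a 40-byte IMAGE_SECTION_HEADER
        name, vsize, vaddr, rawsize, rawptr = struct.unpack_from(
            "<8sIIII", image, table + 40 * i)
        raw = image[rawptr:rawptr + rawsize] if rawsize else b""
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "virtual_address": vaddr,
            "virtual_size": vsize,
            "size_of_data": rawsize,
            "entropy": shannon_entropy(raw),
        })
    return sections


def packed_ratio(sections: list, threshold: float = PACKED_BYTES_THRESHOLD) -> float:
    """Share of all section bytes held in sections whose entropy exceeds threshold."""
    total = sum(s["size_of_data"] for s in sections)
    packed = sum(s["size_of_data"] for s in sections if s["entropy"] > threshold)
    return packed / total if total else 0.0


def packer_signatures(image: bytes) -> list:
    """Return (signature, detail, description) triples in the report's wording."""
    sections = pe_sections(image)
    hits = []
    for s in sections:
        if s["name"] in UPX_SECTION_NAMES:
            hits.append(("section", s["name"], "Section name indicates UPX"))
        if s["entropy"] > SECTION_ENTROPY_THRESHOLD:
            hits.append(("section", "%s entropy %.4f" % (s["name"], s["entropy"]),
                         "A section with a high entropy has been found"))
    ratio = packed_ratio(sections)
    if ratio > PACKED_RATIO_THRESHOLD:
        hits.append(("entropy", "%.4f" % ratio, "Overall entropy of this PE file is high"))
    return hits


def build_test_pe(sections: list) -> bytes:
    """Assemble a minimal PE32 image from (name, raw_bytes, virtual_size) tuples.

    Constructed sample for this demo only; it is not the analysed uuvipfix.exe.
    """
    opt_size, file_align, e_lfanew = 224, 0x200, 0x40
    headers = e_lfanew + 4 + 20 + opt_size + 40 * len(sections)
    headers = -(-headers // file_align) * file_align      # round up to FileAlignment
    dos = bytearray(e_lfanew)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, e_lfanew)
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, opt_size, 0x0102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)                # PE32 optional header magic
    table, body, rawptr, vaddr = b"", b"", headers, 0x1000
    for name, data, vsize in sections:
        table += struct.pack("<8sIIIIIIHHI", name.ljust(8, b"\0"), vsize, vaddr,
                             len(data), rawptr if data else 0, 0, 0, 0, 0, 0x60000020)
        body += data
        rawptr += len(data)
        vaddr += -(-max(vsize, 1) // 0x1000) * 0x1000
    image = bytes(dos) + b"PE\0\0" + coff + bytes(opt) + table
    return image.ljust(headers, b"\0") + body


if __name__ == "__main__":
    sample = build_test_pe([
        (b"UPX0", b"", 0x7D000),                      # no raw data, like a real UPX0
        (b"UPX1", bytes(range(256)) * 64, 0x4B000),   # uniform bytes: entropy 8.0
        (b".rsrc", b"ABCD" * 1024, 0x2000),           # four symbols: entropy 2.0
    ])
    for signature, detail, description in packer_signatures(sample):
        print("%s %s: %s" % (signature, detail, description))
```

Run against the constructed image this reports UPX0 and UPX1 by name, UPX1 by entropy, and an overall ratio of 0.8 (16384 packed bytes out of 20480). Replace the constructed image with the bytes of a real file to get the same three lines the report prints; a UPX0 section with size_of_data 0 contributes nothing to the ratio, which is why the overall figure tracks UPX1 so closely.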
Antivirus (Vendor / Detection)

Bkav W32.AIDetectMalware
Lionic Trojan.Win32.Agent.lwaI
Elastic malicious (moderate confidence)
Cynet Malicious (score: 100)
Skyhigh BehavesLike.Win32.Injector.vc
ALYac Trojan.GenericKD.66127807
Cylance Unsafe
VIPRE Trojan.GenericKD.66127807
Sangfor Riskware.Win32.FlyStudio.V8ey
K7AntiVirus Trojan ( 005850dc1 )
BitDefender Trojan.GenericKD.66127807
K7GW Trojan ( 005850dc1 )
Cybereason malicious.a2de1c
Arcabit Trojan.Generic.D3F107BF
VirIT Trojan.Win32.Generic.XTX
ESET-NOD32 multiple detections
APEX Malicious
McAfee Artemis!46BE1D2A2DE1
Avast Win32:Evo-gen [Trj]
ClamAV Win.Malware.Generic-6651791-0
Kaspersky Trojan.Win32.Agentb.mfhy
Alibaba RiskWare:Win32/FlyStudio.09a428cd
NANO-Antivirus Riskware.Win32.FlyStudio.kosnov
MicroWorld-eScan Trojan.GenericKD.66127807
Rising Hacktool.FlyStudio!8.1222 (CLOUD)
Emsisoft Trojan.GenericKD.66127807 (B)
F-Secure Trojan.TR/BHO.Gen
DrWeb Trojan.Siggen5.59949
Zillya Trojan.AutoIT.Win32.176424
TrendMicro TROJ_GEN.R002C0RET24
McAfeeD ti!5948A861BD10
Trapmine malicious.high.ml.score
FireEye Generic.mg.46be1d2a2de1c43b
Sophos Mal/VMProtBad-A
Ikarus Trojan.BHO
Webroot W32.Malware.gen
Google Detected
Avira TR/BHO.Gen
MAX malware (ai score=82)
Antiy-AVL Trojan[Packed]/Win32.Autoit
Gridinsoft Trojan.Win32.CoinMiner.dd!s2
Xcitium TrojWare.Win32.Hider.REXR@5364l6
Microsoft Tool:Win32/Multiverze
ViRobot Trojan.Win32.A.Agent.690283[UPX]
ZoneAlarm Trojan.Win32.Agentb.mfhy
GData Win32.Trojan.PSE.R2WKDE
Varist W32/Trojan.IJBN-1595
BitDefenderTheta Gen:NN.ZexaF.36812.2DW@aeIqv1lb
DeepInstinct MALICIOUS
VBA32 IMWorm.Sohanad