Summary | ZeroBOX

Chrome.exe

Tags: Gen1, Generic Malware, Malicious Library, ASPack, UPX, Malicious Packer, Anti_VM, PE64, PE File, OS Processor Check, ZIP Format, DLL
Category FILE
Machine s1_win7_x6401
Started Sept. 7, 2024, 4:59 p.m.
Completed Sept. 7, 2024, 5:01 p.m.
Size 15.0MB
Type PE32+ executable (GUI) x86-64, for MS Windows
MD5 f90a0ca2766ad3e02c15fe5622546d01
SHA256 ac6b3de2692e7ddc7fbb6c3fea5ce6faa724ee34819c0c9c149d01fa0c37ead3
CRC32 AC0DCA48
ssdeep 393216:jn4ZpgPYVnNSMF1+TtIiFvY9Z8D8CclsdEA5UBnmwGXKb:b4ZpgPQH1QtI6a8DZcSdUmfKb
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • ASPack_Zero - ASPack packed file
  • IsPE64 - (no description)
  • Generic_Malware_Zero - Generic Malware
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section _RDATA
section .rsrc (virtual_address 0x00047000, virtual_size 0x0000f41c, size_of_data 0x0000f600) entropy 7.55497606236 description A section with a high entropy has been found
parent_process chrome.exe martian_process "C:\Users\test22\AppData\Local\Temp\Chrome.exe"
Bkav W64.AIDetectMalware
Lionic Trojan.Win32.Agent.tsD1
Elastic malicious (high confidence)
Cynet Malicious (score: 99)
Cylance Unsafe
Alibaba DDoS:Win32/Pyinstaller.d9c6452b
Symantec Trojan.Gen.MBT
ESET-NOD32 Python/DDoS.I
APEX Malicious
Paloalto generic.ml
F-Secure Trojan.TR/Redcap.tytkx
McAfeeD ti!AC6B3DE2692E
Sophos Mal/Generic-S
SentinelOne Static AI - Suspicious PE
Webroot W32.Trojan.Gen
Google Detected
Avira TR/Redcap.tytkx
Microsoft Trojan:Win32/Wacatac.B!ml
Varist W64/ABTrojan.YQHX-5531
DeepInstinct MALICIOUS
Ikarus Win32.Outbreak
huorong Trojan/Python.DDoS.e
Fortinet Python/DDoS.I!tr
alibabacloud DDoS:Python/Wacapew.C9nj