Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
09.19 02:09
66ea645129e6a_jacobs.exe
09.19 11:09
clip64.dll
09.19 11:09
cred64.dll
09.19 10:09
vsfdajg16.exe
09.19 10:09
QuickBooks_Setup.msi
09.19 10:09
QuickBooks_Desktop_Set...
09.19 10:09
game.exe
09.19 10:09
vlsadg.exe
09.19 10:09
lnfsda.exe
09.19 10:09
66eaadab755d2_installs...

Latest News
09.20 03:09
CISA Adds One Known Ex...
09.20 03:09
Talk of election secur...
09.20 03:09
Lathe Outfitted with E...
09.20 03:09
Musk’s X Tells Top Bra...
09.20 03:09
Wherever There's Ranso...
09.20 03:09
CISA Adds One Known Ex...
09.20 03:09
Bridge Detection Gaps ...
09.20 03:09
02 - Performing Basic ...
09.20 03:09
Exploiting Exchange Po...
09.20 03:09
KI in Hollywood: Wie L...

Summary | ZeroBOX

rkcms.exe

UPX PE64 PE File

Category	Machine	Started	Completed
FILE	s1_win7_x6401	Sept. 11, 2024, 10:08 a.m.	Sept. 11, 2024, 10:12 a.m.

Size	18.5KB
Type	PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
MD5	`06077fd4b5e75f2d730ca61e2bf0f4e7`
SHA256	`546bd73bca7e70f8597b7841f90214b86c0a04163a6ac0b5023b0ebebe81c043`
CRC32	`F5D59224`
ssdeep	`384:G6hkVTL6dQ1lKE8elazyonf87vQu0et5jrgrx:PmVmFfwwtnU7vAet5jk`
Yara	PE_Header_Zero - PE File Signature IsPE64 - (no description) UPX_Zero - UPX packed file

rkcms.exe "C:\Users\test22\AppData\Local\Temp\rkcms.exe"
2548

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

File has been identified by 7 AntiVirus engines on VirusTotal as malicious (7 events)

Bkav	W64.AIDetectMalware
Elastic	malicious (high confidence)
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
McAfeeD	ti!546BD73BCA7E
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_90% (D)