Summary | ZeroBOX

66df5745ca628_SETUP.exe

Generic Malware, Malicious Library, Admin Tool (Sysinternals etc ...), UPX, Malicious Packer, PE File, dll, OS Processor Check, PE32, DllRegisterServer
Category  Machine        Started                     Completed
FILE      s1_win7_x6401  Sept. 11, 2024, 10:36 a.m.  Sept. 11, 2024, 10:47 a.m.
Size 7.8MB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 41acc938951854469f46ca6856927c22
SHA256 e13ee1f8dd928b0ee9cd7a6047e31cd903f8964fe7d3f72921c0c5933c2a5389
CRC32 EA455932
ssdeep 98304:4xbvkonG8W4WDHUmWvU4JpEQQxmZcBo2pWN:4xQBf09bE3alN
Yara
  • Malicious_Library_Zero - Malicious_Library
  • Admin_Tool_IN_Zero - Admin Tool Sysinternals
  • PE_Header_Zero - PE File Signature
  • Malicious_Packer_Zero - Malicious Packer
  • DllRegisterServer_Zero - execute regsvr32.exe
  • IsPE32 - (no description)
  • Generic_Malware_Zero - Generic Malware
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check

Name  Response  Post-Analysis Lookup
No hosts contacted.

IP Address  Status  Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section: .symtab
name RT_VERSION, language LANG_CHINESE, filetype data, sublanguage SUBLANG_CHINESE_TRADITIONAL, offset 0x0081a100, size 0x0000032c
section .rsrc: size_of_data 0x00006600, virtual_address 0x00814000, virtual_size 0x000065a9, entropy 7.817702664717259, description: A section with a high entropy has been found
Bkav W32.AIDetectMalware
Lionic Trojan.Win32.Lumma.4!c
Elastic malicious (high confidence)
Sangfor Trojan.Win32.Agent.Vqap
BitDefender Trojan.GenericKD.74087411
Arcabit Trojan.Generic.D46A7BF3
ESET-NOD32 a variant of WinGo/TrojanDropper.Agent.EQ
Avast Win32:Malware-gen
Kaspersky Trojan-PSW.Win32.Lumma.bqa
MicroWorld-eScan Trojan.GenericKD.74087411
Rising Dropper.Agent!1.10205 (CLASSIC)
Emsisoft Trojan.GenericKD.74087411 (B)
F-Secure Trojan.TR/AVI.Agent.eluax
DrWeb Trojan.PWS.Lumma.424
TrendMicro TrojanSpy.Win32.LUMMASTEALER.YXEIJZ
McAfeeD ti!E13EE1F8DD92
Trapmine malicious.moderate.ml.score
FireEye Trojan.GenericKD.74087411
Sophos Mal/Generic-S
SentinelOne Static AI - Suspicious PE
Jiangmin Trojan.PSW.Lumma.bz
Google Detected
Avira TR/AVI.Agent.eluax
MAX malware (ai score=84)
Antiy-AVL Trojan[PSW]/Win32.Lumma
Kingsoft Win32.Trojan-PSW.Convagent.gen
Gridinsoft Spy.Win32.Gen.tr
Microsoft Trojan:Win32/Wacatac.B!ml
ZoneAlarm Trojan-PSW.Win32.Lumma.bqa
GData Trojan.GenericKD.74087411
AhnLab-V3 Infostealer/Win.LummaC2.C5667337
McAfee Artemis!41ACC9389518
DeepInstinct MALICIOUS
VBA32 BScope.TrojanPSW.Lumma
Malwarebytes Spyware.Lumma
Ikarus Trojan-Spy.WinGo.Agent
Panda Trj/Chgt.AD
TrendMicro-HouseCall TrojanSpy.Win32.LUMMASTEALER.YXEIJZ
Fortinet W32/Agent.EQ!tr
AVG Win32:Malware-gen
Paloalto generic.ml
alibabacloud Trojan[stealer]:Multi/Agent_AGen.J