Summary | ZeroBOX

onePackage.exe

Generic Malware Malicious Library UPX Malicious Packer Anti_VM PE File dll OS Processor Check PE32 DllRegisterServer
Category FILE
Machine s1_win7_x6403_us
Started Sept. 19, 2024, 10:22 a.m.
Completed Sept. 19, 2024, 10:25 a.m.
Size 8.3MB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 6c2db0ef90b27f880a1566de7711e6c6
SHA256 c2588125970db20ac97818d2170eecec857f578d7bf3f24ef8f6a3f303798ac6
CRC32 008A4065
ssdeep 98304:f7aVHGolaJtFaKWi64a6kI/t5jeWjAmiEmp71:mtl0Fh7Lk
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Malicious_Packer_Zero - Malicious Packer
  • DllRegisterServer_Zero - execute regsvr32.exe
  • anti_vm_detect - Possibly employs anti-virtualization techniques
  • IsPE32 - (no description)
  • Generic_Malware_Zero - Generic Malware
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
164.124.101.2 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS