Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6401	Sept. 30, 2024, 9:30 a.m.	Sept. 30, 2024, 9:45 a.m.

Size	626.0KB
Type	PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
MD5	`980dae2b507c385923fc6210e518db2b`
SHA256	`3728070d2d1e88a6776f3460abe79d3d09db9dae3ab154515b0d1850223dc784`
CRC32	`F22743E6`
ssdeep	`12288:CFvLW1PIEEKUohL6O/VB/Pqo9Qh7AIcCkXvm5Utytvjddq2ORf+b+Lkbxv:CrKzLR/VBnWcnEUUNdIRGb`
Yara	PE_Header_Zero - PE File Signature IsPE64 - (no description) UPX_Zero - UPX packed file

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

The binary likely contains encrypted or compressed data indicative of a packer (2 events)

section

{u'size_of_data': u'0x00086c00', u'virtual_address': u'0x00011000', u'entropy': 7.992514440925431, u'name': u'.rdata', u'virtual_size': u'0x00086b88'}

entropy

7.99251444093

description

A section with a high entropy has been found

entropy

0.8624

description

Overall entropy of this PE file is high

File has been identified by 13 AntiVirus engines on VirusTotal as malicious (13 events)

ALYac	Trojan.GenericKD.73025413
VIPRE	Trojan.GenericKD.73025413
BitDefender	Trojan.GenericKD.73025413
Arcabit	Trojan.Generic.D45A4785
MicroWorld-eScan	Trojan.GenericKD.73025413
Emsisoft	Trojan.GenericKD.73025413 (B)
CTX	exe.trojan.generic
FireEye	Trojan.GenericKD.73025413
GData	Trojan.GenericKD.73025413
DeepInstinct	MALICIOUS
TrendMicro-HouseCall	TROJ_GEN.R002H09FB24
MaxSecure	Trojan.Malware.277339155.susgen
alibabacloud	Suspicious

AniMine.exe

Process Tree Toggle all

Network Toggle all

Suricata Toggle all

Suricata Alerts

Suricata TLS

Signatures Toggle All