Summary | ZeroBOX

d4eb98701bc0c33b5f9c3e202bf55c1b2e2cb1c1e4b7c81ad6305d7938d0f959.exe.exe

Process Kill Generic Malware Malicious Library FindFirstVolume UPX CryptGenKey PE File Device_File_Check OS Processor Check PE32
Category FILE
Machine s1_win7_x6401
Started Sept. 30, 2024, 9:33 a.m.
Completed Sept. 30, 2024, 9:51 a.m.
Size 986.0KB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 7b793a4247b701bd24c86920b237acd0
SHA256 d4eb98701bc0c33b5f9c3e202bf55c1b2e2cb1c1e4b7c81ad6305d7938d0f959
CRC32 AB215277
ssdeep 24576:WCdxte/80jYLT3U1jfsWaqP0/NHxkzK2QV:fw80cTsjkWaqIHxaMV
Yara
  • Process_Snapshot_Kill_Zero - Process Kill Zero
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • FindFirstVolume_Zero - FindFirstVolume Zero
  • CryptGenKey_Zero - CryptGenKey Zero
  • Device_Check_Zero - Device Check Zero
  • IsPE32 - (no description)
  • Generic_Malware_Zero - Generic Malware
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

A section with a high entropy has been found
  • section .rsrc - virtual_address 0x000c7000, virtual_size 0x0002dec4, size_of_data 0x0002e000, entropy 7.725257406940882

Bkav W32.AIDetectMalware
Lionic Trojan.Win32.Gen.j!c
tehtris Generic.Malware
Cynet Malicious (score: 99)
Skyhigh BehavesLike.Win32.Injector.dh
ALYac Trojan.Ransom.KillRabbit
Cylance Unsafe
VIPRE Trojan.Ransom.KillRabit.E
Sangfor Ransom.Win32.Filecoder.Vpy0
CrowdStrike win/malicious_confidence_100% (W)
BitDefender Trojan.Ransom.KillRabit.E
K7GW Trojan ( 00539cbb1 )
K7AntiVirus Trojan ( 00539cbb1 )
Arcabit Trojan.Ransom.KillRabit.E
VirIT Trojan.Win32.KillRabbit.A
Symantec Backdoor.Tinybaron
Elastic malicious (high confidence)
ESET-NOD32 a variant of Win32/Filecoder.H
APEX Malicious
Avast Script:SNH-gen [Trj]
ClamAV Win.Ransomware.Cryptowire-6994916-0
Kaspersky Trojan-Ransom.Win32.Gen.kia
Alibaba Ransom:Win32/Filecoder.d819e49d
NANO-Antivirus Trojan.Win32.Encoder.fhzraw
MicroWorld-eScan Trojan.Ransom.KillRabit.E
Emsisoft Trojan.Ransom.KillRabit.E (B)
F-Secure Heuristic.HEUR/AGEN.1353244
DrWeb Trojan.Encoder.25778
TrendMicro Ransom_KILLRABBIT.THHAOAH
McAfeeD ti!D4EB98701BC0
CTX exe.trojan.generic
Sophos Mal/AutoIt-AK
FireEye Generic.mg.7b793a4247b701bd
Webroot W32.Trojan.GenKD
Google Detected
Avira HEUR/AGEN.1353244
Kingsoft malware.kb.a.987
Xcitium Malware@#1psihrgd0vv0j
Microsoft Ransom:Win32/Cryptowire
ZoneAlarm Trojan-Ransom.Win32.Gen.kia
GData Trojan.Ransom.KillRabit.E
Varist W32/AutoIt.VI.gen!Eldorado
AhnLab-V3 Malware/Win32.Generic.C2656723
DeepInstinct MALICIOUS
VBA32 Trojan.Autoit.Wirus
Malwarebytes Malware.AI.4135882841
Ikarus Trojan-Ransom.Autoit
Panda Trj/Genetic.gen
TrendMicro-HouseCall Ransom_KILLRABBIT.THHAOAH
Tencent Win32.Worm.Filecoder.Uimw