Summary | ZeroBOX

67081de6be937_ParticlerOps.exe

Tags: Gen1, Generic Malware, Malicious Library, ASPack, UPX, Malicious Packer, PE File, OS Processor Check, PE32, DLL
Category: FILE
Machine: s1_win7_x6403_us
Started: Oct. 12, 2024, 6:41 p.m.
Completed: Oct. 12, 2024, 6:43 p.m.
Size: 4.4MB
Type: PE32 executable (GUI) Intel 80386, for MS Windows
MD5: dc724c3aafa18b464c83bd5910407805
SHA256: 0a35146706c4712aea807ce394aab0270d5c115ceb3d0e79695f49f763648a55
CRC32: F9D6A6F8
ssdeep: 98304:+pTScE3OEH4WTi5cy2KMIg0XfhZprrGWNjPxoKiZ1PMPR8iviRGDowoxziGC:+peBJYWTmcyBMIxXdZpeKiZ1PZRkojxi
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file

DNS lookups (Name, Response, Post-Analysis Lookup): No hosts contacted.
Hosts (IP Address, Status, Action): No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

API calls (columns: Time & API, Arguments, Status, Return, Repeated)

IsDebuggerPresent
  Status / Return / Repeated, as recorded: 0 0

GlobalMemoryStatusEx
  Status: 1, Return: 1, Repeated: 0

Packer: Armadillo v1.71

GetDiskFreeSpaceExW
  total_number_of_free_bytes: 0
  free_bytes_available: 9928331264
  root_path: C:\Users\test22
  total_number_of_bytes: 0
  Status: 1, Return: 1, Repeated: 0

Files
  • C:\Users\test22\msvcp90.dll
  • C:\Users\test22\sqlite.dll
  • C:\Users\test22\AcroBroker.exe
  • C:\Users\test22\msvcr90.dll
  • C:\Users\test22\AcroBroker.exe
Antivirus results (engine: detection name)
  • Bkav: W32.AIDetectMalware
  • Cynet: Malicious (score: 99)
  • Skyhigh: BehavesLike.Win32.Dropper.rc
  • CrowdStrike: win/grayware_confidence_60% (D)
  • K7GW: Trojan ( 005b4e9b1 )
  • K7AntiVirus: Trojan ( 005b4e9b1 )
  • Elastic: malicious (moderate confidence)
  • ESET-NOD32: a variant of Generik.LXUYSYW
  • Kaspersky: UDS:DangerousObject.Multi.Generic
  • NANO-Antivirus: Virus.Win32.Gen.ccmw
  • F-Secure: Trojan.TR/AD.Nekark.nnehx
  • McAfeeD: ti!0A35146706C4
  • Sophos: Mal/Generic-S
  • Avira: TR/AD.Nekark.nnehx
  • Kingsoft: Win32.Troj.Unknown.a
  • Microsoft: Trojan:Win32/Wacatac.B!ml
  • ZoneAlarm: UDS:DangerousObject.Multi.Generic
  • McAfee: Artemis!DC724C3AAFA1
  • Fortinet: W32/PossibleThreat