Summary | ZeroBOX
Gen1 Generic Malware UPX Malicious Packer PE64 PE File DLL
Category Machine Started Completed
ARCHIVE s1_win7_x6403_us Oct. 14, 2024, 10:56 a.m. Oct. 14, 2024, 10:57 a.m.

Archive mfis/hotplug.dll @ v.1.7.2_x64__install__.zip

Summary

Size 91.5KB
Type PE32+ executable (DLL) (console) x86-64, for MS Windows
MD5 a326bd6f5af6cba6a83acd1b5feb6c79
SHA1 05445d6382ceef8edfe3ef3853e78b66ff46256d
SHA256 6b11de1e680ef9ffa979f75ed12319a1eb90b01bd68665db7f7e3042f04fb88a
SHA512 235c0378119d425109ff879f70a54690da6698d0150173d3464862917bc2aadb3401ef2371e3412d9dafe22dfb20643f09f423de6683a1953a923fdecf1bfe43
CRC32 420CC508
ssdeep 1536:sTO5+DAIU10nZZ30bUSipZIyRzwPKr6dTFWkvSfj:75EM0ZZ30bVEAFhSfj
PDB Path HOTPLUG.pdb
Yara
  • PE_Header_Zero - PE File Signature
  • Malicious_Packer_Zero - Malicious Packer
  • IsDLL - (no description)
  • IsPE64 - (no description)
  • Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet
  • Generic_Malware_Zero - Generic Malware
  • UPX_Zero - UPX packed file

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
164.124.101.2 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS