Summary | ZeroBOX
Gen1 Malicious Library PE64 PE File dll DLL DllRegisterServer
Category Machine Started Completed
ARCHIVE s1_win7_x6402 Oct. 14, 2024, 10:57 a.m. Oct. 14, 2024, 10:59 a.m.

Archive SSidadm/itircl.dll @ v.1.7.2_x64__install__.zip

Summary

Size 201.0KB
Type PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5 3a1e736a1e09851d17f1e9f366081315
SHA1 efc8f834b0789ed1c451780c798f5374b921ac46
SHA256 57f542e3fe45c415240481bb20b772e47964aa0fd8f2647ce058de682d2a918e
SHA512 e76593e6619566b0a7293e08ca930814e3070003e37b65299f8fd4f69b4012de9e6f01413111a4094d1f2faaa09c39d18b614b5e9157c5ac7b71810627b746b4
CRC32 EEF6653D
ssdeep 3072:q9IWroIH23jbbH1AR9Xx5hcm9HSnPovxRm9AL/aWMpMD/M8+4sAJq8TfDvz/Ub3k:qKWroIH2zEh/aAvxRssN
PDB Path itircl.pdb
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
  • IsPE64 - (no description)
  • DllRegisterServer_Zero - execute regsvr32.exe
  • Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
164.124.101.2 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS