Summary | ZeroBOX

builder.exe

BlackMatter Ransomware Malicious Packer UPX PE32 PE File
Category FILE
Machine s1_win7_x6401
Started Oct. 15, 2024, 2:17 p.m.
Completed Oct. 15, 2024, 2:26 p.m.
Size 469.5KB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 c2bc344f6dde0573ea9acdfb6698bf4c
SHA256 a736269f5f3a9f2e11dd776e352e1801bc28bb699e47876784b8ef761e0062db
CRC32 F21B5C75
ssdeep 12288:CzVXpdg/1MB94JD7RfaVT1hG98P67PNV3giFH6J1VjR3L6dpbQrQyEpInmwuRUfB:CzxjgdRpBq1hG98P67PNV3giFH6J1Vjn
Yara
  • PE_Header_Zero - PE File Signature
  • BlackMatter_Ransomware_IN - BlackMatter Ransomware
  • Malicious_Packer_Zero - Malicious Packer
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section name .rsrc, virtual_address 0x00009000, virtual_size 0x0006d8f0, size_of_data 0x0006da00, entropy 6.903023909258431
entropy 6.90302390926 description A section with a high entropy has been found
entropy 0.935965848453 description Overall entropy of this PE file is high