Summary | ZeroBOX

in_plain_sight

Tags: Generic Malware, Malicious Library, UPX, Malicious Packer, PE64, PE File, OS Processor Check
Category FILE
Machine s1_win7_x6401
Started Oct. 30, 2024, 8:02 a.m.
Completed Oct. 30, 2024, 8:02 a.m.
Size 4.6MB
Type PE32+ executable (console) x86-64, for MS Windows
MD5 ddab0e61485ac6c86835861db972fc08
SHA256 aaf6846a4346e462cffac18377a79633a0b64498ae5bcbda90b4079354adfa88
CRC32 F3AD63A2
ssdeep 49152:gnGtlqkIU6iCVwASOqEDPO/uU9lz7/1Eh6y73Mhg3xdppHo6ww2FVksloB7SXuzR:G+rEd+UkM/ppqdWsllXPoxM/l
PDB Path in_plain_sight.pdb
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Malicious_Packer_Zero - Malicious Packer
  • IsPE64 - (no description)
  • Generic_Malware_Zero - Generic Malware
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

pdb_path in_plain_sight.pdb
section name .text, size_of_data 0x0034fa00, virtual_address 0x00001000, virtual_size 0x0034f84a, entropy 6.840371670440272
entropy 6.84037167044 description A section with a high entropy has been found
entropy 0.726094870971 description Overall entropy of this PE file is high