Summary | ZeroBOX

nxmr.exe

Generic Malware PE64 PE File
Category FILE
Machine s1_win7_x6401
Started Nov. 7, 2024, 1:48 p.m.
Completed Nov. 7, 2024, 1:52 p.m.
Size 5.6MB
Type PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
MD5 13b26b2c7048a92d6a843c1302618fad
SHA256 1753ad35ece25ab9a19048c70062e9170f495e313d7355ebbba59c38f5d90256
CRC32 00D11DEE
ssdeep 98304:ZMknXV8IFUX81qQ6lLYhJ/N0TB4HBDxWcLKamiwPZhsSZLZ1wpxGN:ZBnXV86UiqrlLY/8AW6YZPZf6HGN
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)
  • Generic_Malware_Zero - Generic Malware

Name Response Post-Analysis Lookup
twizthash.net 185.215.113.66

IP Address 164.124.101.2
Status Active
Action Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section .data
  size_of_data 0x0056e000
  virtual_address 0x0001b000
  virtual_size 0x0056dec0
  entropy 7.710293832586987
  description A section with a high entropy has been found
entropy 0.977152899824
  description Overall entropy of this PE file is high

Bkav W64.AIDetectMalware
Lionic Trojan.Win32.XMRig.4!c
Cynet Malicious (score: 100)
CAT-QuickHeal Trojan.Xmrig
Skyhigh BehavesLike.Win64.Coinminer.tc
Cylance Unsafe
VIPRE Gen:Heur.Whisperer.1.0000004000
Sangfor Trojan.Win32.Save.a
CrowdStrike win/malicious_confidence_100% (D)
BitDefender Gen:Heur.Whisperer.1.0000004000
K7GW Riskware ( 00584baa1 )
K7AntiVirus Riskware ( 00584baa1 )
Arcabit Trojan.Whisperer.1.0000004000
Symantec Trojan.Gen.MBT
Elastic malicious (high confidence)
ESET-NOD32 a variant of Win64/Kryptik.DZL
APEX Malicious
Avast Win64:Evo-gen [Trj]
ClamAV Win.Packed.Whisperer-10034639-0
Kaspersky Trojan.Win64.Miner.lsat
Alibaba Trojan:Win64/XMRig.abd24c43
MicroWorld-eScan Gen:Heur.Whisperer.1.0000004000
Rising Trojan.DisguisedXMRigMiner!8.12EF7 (TFE:5:YhzrPCllRHI)
Emsisoft Gen:Heur.Whisperer.1.0000004000 (B)
F-Secure Heuristic.HEUR/AGEN.1368288
DrWeb Trojan.Siggen29.44681
Zillya Trojan.Miner.Win64.5514
TrendMicro TROJ_GEN.R002C0DIS24
McAfeeD ti!1753AD35ECE2
CTX exe.trojan.xmrig
Sophos Mal/Generic-S
Ikarus Trojan.Win64.XMRig
FireEye Gen:Heur.Whisperer.1.0000004000
Webroot W32.Trojan.Gen
Google Detected
Avira HEUR/AGEN.1368288
Antiy-AVL Trojan/Win64.Xmrig
Kingsoft Win64.Trojan.Miner.lsat
Gridinsoft Trojan.Win64.Kryptik.sa
Microsoft Trojan:Win64/XMRig.CCAN!MTB
ZoneAlarm Trojan.Win64.Miner.lsat
GData Gen:Heur.Whisperer.1.0000004000
Varist W64/Injector.BMR.gen!Eldorado
AhnLab-V3 Trojan/Win.Evo-gen.R570044
Acronis suspicious
McAfee Artemis!13B26B2C7048
DeepInstinct MALICIOUS
VBA32 MalwareVision.ai
Malwarebytes Crypt.Trojan.MSIL.DDS
Panda Trj/Chgt.AD