Summary | ZeroBOX

babababa.exe

Tags Generic Malware, Malicious Library, UPX, Malicious Packer, PE64, PE File, OS Processor Check
Category FILE
Machine s1_win7_x6403_us
Started Nov. 18, 2024, 9:39 a.m.
Completed Nov. 18, 2024, 9:41 a.m.
Size 33.3MB
Type PE32+ executable (console) x86-64, for MS Windows
MD5 8fb77810c61e160a657298815346996e
SHA256 a0840c581f8f1d606fdc43bc98bd386755433bf1fb36647ecf2165eea433ff66
CRC32 46820E28
ssdeep 393216:d76L6otUitqtH7wHtXq2pt2jbOCacCFIK0fpP9HF4VW8yfGnVQx4urYsANulL7Nv:d0LoCOn+2Gs4urYDNulLBiub
PDB Path C:\Users\runneradmin\AppData\Local\Temp\pkg.d7c6a10fb0263a69b4596321\node\out\Release\node.pdb
Yara
  • Malicious_Library_Zero - Malicious_Library
  • Malicious_Packer_Zero - Malicious Packer
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
  • Generic_Malware_Zero - Generic Malware
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
164.124.101.2 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

pdb_path C:\Users\runneradmin\AppData\Local\Temp\pkg.d7c6a10fb0263a69b4596321\node\out\Release\node.pdb
section _RDATA
Skyhigh Artemis
Symantec Trojan.Gen.MBT
ESET-NOD32 a variant of Generik.FECVJLI
Avast FileRepMalware [Misc]
Kaspersky UDS:DangerousObject.Multi.Generic
McAfeeD ti!A0840C581F8F
Sophos Mal/Generic-S
Kingsoft Win32.Troj.Unknown.a
Microsoft Trojan:Win32/Wacatac.B!ml
AhnLab-V3 Malware/Win.Generic.C5694703
AVG FileRepMalware [Misc]