Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
05.05 11:05
University of Alberta....
05.05 07:05
no-login.b3167651.svg
05.05 06:05
a-gif.4d7662a.png
05.05 12:05
Synaptics.exe
05.05 12:05
Synaptics.exe
05.05 12:05
Synaptics.exe
05.05 12:05
Synaptics.exe
05.05 12:05
Synaptics.exe
05.04 10:05
mediacje.png
05.04 10:05
Portal orzeczeń - Sąd ...

Latest News
05.06 04:05
Small businesses falli...
05.06 04:05
CyberSG TIG Collaborat...
05.06 04:05
Messaging App Tied to ...
05.06 03:05
Round Displays Make Ne...
05.06 03:05
OpenAI’s Nonprofit Wil...
05.06 03:05
IT Sicherheitsnews tae...
05.06 03:05
Windows 11 24H2 lässt ...
05.06 03:05
Warum ein Janet-Jackso...
05.06 03:05
Vibe-Coding: Wie KI da...
05.06 03:05
Neue Nutzer bekommen k...

Summary | ZeroBOX

sound.exe

Malicious Packer UPX Malicious Library PE64 PE File

Category	Machine	Started	Completed
FILE	s1_win7_x6403_us	Dec. 4, 2024, 4:12 p.m.	Dec. 4, 2024, 4:14 p.m.

Size	4.8MB
Type	PE32+ executable (GUI) x86-64, for MS Windows
MD5	`770bc9a9a9ff4284b8cb6e333478d25c`
SHA256	`6a915f0e2eaa35eb47d70a933a4d8822d65e64ebea485d9dcb5657f1f4bd1cf8`
CRC32	`7FF6BA3D`
ssdeep	`49152:phizG03sNtvZdvbOjJPmpH5q9HOvLv5Fe1n5E4Gp9zSYpjvhZj:phiNya1+DfLvzQE3NSYRvhZ`
Yara	Malicious_Library_Zero - Malicious_Library Malicious_Packer_Zero - Malicious Packer IsPE64 - (no description) PE_Header_Zero - PE File Signature UPX_Zero - UPX packed file

sound.exe "C:\Users\test22\AppData\Local\Temp\sound.exe"
2052

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

The executable contains unknown PE section names indicative of a packer (could be a false positive) (1 event)

section

.symtab

File has been identified by 15 AntiVirus engines on VirusTotal as malicious (15 events)

Bkav	W64.AIDetectMalware
Skyhigh	BehavesLike.Win64.Trojan.rh
Cylance	Unsafe
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (moderate confidence)
Kaspersky	Trojan-PSW.Win64.Disco.iig
Alibaba	TrojanPSW:Win64/Disco.2c3d7adc
McAfeeD	ti!6A915F0E2EAA
SentinelOne	Static AI - Suspicious PE
Kingsoft	Win64.Trojan-PSW.Disco.iig
DeepInstinct	MALICIOUS
Malwarebytes	Malware.AI.1688152450
Tencent	Win64.Trojan-QQPass.QQRob.Bkjl
Fortinet	W32/PossibleThreat
Paloalto	generic.ml