Summary | ZeroBOX

toyour.exe

Tags: Generic Malware, Malicious Library, UPX, PE File, OS Processor Check, PE32
Category | Machine | Started | Completed
FILE | s1_win7_x6403_us | Feb. 19, 2025, 10:35 a.m. | Feb. 19, 2025, 10:39 a.m.
Size 189.5KB
Type PE32 executable (console) Intel 80386, for MS Windows
MD5 8d04bc23c265be8dc918b1ba7d299cc8
SHA256 e9c8e31f8b93a78f224ba8a4bdb85e00d76b369033b9eb65b17637b915c9904e
CRC32 7CDD54B6
ssdeep 3072:1IaEDX8rdtXGMAIOsiLd2WKobHwxsn5Mp1YBhL3RWll9grT6fFFjn:2a7BlWL0WFDdBpnQFFjn
PDB Path Z:\CVE-2024-49138-POC-master\CVE-2024-49138-POC-master\Release\CVE-2024-49138-POC.pdb
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • Generic_Malware_Zero - Generic Malware
  • OS_Processor_Check_Zero - OS Processor Check
  • UPX_Zero - UPX packed file

Name | Response | Post-Analysis Lookup
No hosts contacted.

IP Address | Status | Action
164.124.101.2 | Active | Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Time & API | Arguments | Status | Return | Repeated

WriteConsoleA
  console_handle: 0x00000007
  buffer: Directory created successfully: C:\temp
  Status: 1  Return: 1  Repeated: 0

WriteConsoleA
  console_handle: 0x00000007
  buffer: Directory created successfully: C:\temp
  Status: 1  Return: 1  Repeated: 0

WriteConsoleA
  console_handle: 0x00000007
  buffer: file opened successfully
  Status: 1  Return: 1  Repeated: 0

WriteConsoleA
  console_handle: 0x00000007
  buffer: AddLogContainer successful
  Status: 1  Return: 1  Repeated: 0

WriteConsoleA
  console_handle: 0x00000007
  buffer: hResource = 0x00081080
  Status: 1  Return: 1  Repeated: 0

WriteConsoleA
  console_handle: 0x00000007
  buffer: hResource = 0x000810A0
  Status: 1  Return: 1  Repeated: 0

WriteConsoleA
  console_handle: 0x00000007
  buffer: pResourceData = 0x000810A0
  Status: 1  Return: 1  Repeated: 0

WriteConsoleA
  console_handle: 0x00000007
  buffer: Resource size: 65536 bytes
  Status: 1  Return: 1  Repeated: 0

WriteConsoleA
  console_handle: 0x00000007
  buffer: Resource written to output.bin successfully.
  Status: 1  Return: 1  Repeated: 0

WriteConsoleA
  console_handle: 0x00000007
  buffer: Kernel Base Address: 0x02617000
  Status: 1  Return: 1  Repeated: 0

WriteConsoleA
  console_handle: 0x00000007
  buffer: Kernel Name: ntoskrnl.exe
  Status: 1  Return: 1  Repeated: 0

WriteConsoleA
  console_handle: 0x00000007
  buffer: NtReadVirtualMemory = 0x778BFE80
  Status: 1  Return: 1  Repeated: 0

WriteConsoleA
  console_handle: 0x00000007
  buffer: NtWriteVirtualMemory = 0x778BFE04
  Status: 1  Return: 1  Repeated: 0

WriteConsoleA
  console_handle: 0x00000007
  buffer: pcclfscontainer = 0x02100000
  Status: 1  Return: 1  Repeated: 0

WriteConsoleA
  console_handle: 0x00000007
  buffer: address_to_write = 0x054263F2
  Status: 1  Return: 1  Repeated: 0

WriteConsoleA
  console_handle: 0x00000007
  buffer: Process priority set to REALTIME_PRIORITY_CLASS.
  Status: 1  Return: 1  Repeated: 0

WriteConsoleA
  console_handle: 0x00000007
  buffer: Thread priority set to the highest level: TIME_CRITICAL.
  Status: 1  Return: 1  Repeated: 0

WriteConsoleA
  console_handle: 0x00000007
  buffer: triggering vuln...
  Status: 1  Return: 1  Repeated: 0
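The console strings the sandbox captured are, in order, the stages a CLFS kernel-exploit PoC walks through: a call into the CLFS container API (AddLogContainer), an embedded 65536-byte resource dropped to output.bin, a kernel base leak, a resolved NtWriteVirtualMemory, an arbitrary-write target address, a priority bump to real time, and an explicit "triggering vuln" message. The PDB path names CVE-2024-49138, the Windows Common Log File System driver elevation-of-privilege vulnerability fixed in December 2024. The script below is an added example, not ZeroBOX's code and not the PoC's, that scores a WriteConsoleA log for those stages, checks that they appear in a plausible order, and pulls the CVE identifier out of the PDB path. The sample input is copied from this report; the indicator names, regexes, weights, expected stage order and thresholds are my own assumptions, not a published rule set.

```python
import re
from dataclasses import dataclass, field

# Constructed test input: the WriteConsoleA buffers from the ZeroBOX API log
# above, in the order the sandbox recorded them.
SAMPLE_CONSOLE_LOG = [
    "Directory created successfully: C:\\temp",
    "Directory created successfully: C:\\temp",
    "file opened successfully",
    "AddLogContainer successful",
    "hResource = 0x00081080",
    "hResource = 0x000810A0",
    "pResourceData = 0x000810A0",
    "Resource size: 65536 bytes",
    "Resource written to output.bin successfully.",
    "Kernel Base Address: 0x02617000",
    "Kernel Name: ntoskrnl.exe",
    "NtReadVirtualMemory = 0x778BFE80",
    "NtWriteVirtualMemory = 0x778BFE04",
    "pcclfscontainer = 0x02100000",
    "address_to_write = 0x054263F2",
    "Process priority set to REALTIME_PRIORITY_CLASS.",
    "Thread priority set to the highest level: TIME_CRITICAL.",
    "triggering vuln...",
]
SAMPLE_PDB_PATH = (r"Z:\CVE-2024-49138-POC-master\CVE-2024-49138-POC-master"
                   r"\Release\CVE-2024-49138-POC.pdb")

# Indicators and weights are my own choice, derived from the strings in this
# report; they are not a published rule set. Tuples are (name, regex, weight).
INDICATORS = [
    ("clfs_container_api",        re.compile(r"\bAddLogContainer\b"), 3),
    ("clfs_object_pointer",       re.compile(r"clfscontainer\s*=\s*0x[0-9a-f]+", re.I), 3),
    ("embedded_resource_dropped", re.compile(r"Resource written to (\S+)", re.I), 2),
    ("kernel_base_leak",          re.compile(r"Kernel Base Address:\s*0x[0-9a-f]+", re.I), 3),
    ("ntwvm_resolved",            re.compile(r"NtWriteVirtualMemory\s*=\s*0x[0-9a-f]+", re.I), 2),
    ("arbitrary_write_target",    re.compile(r"address_to_write\s*=\s*0x[0-9a-f]+", re.I), 3),
    ("realtime_priority",         re.compile(r"REALTIME_PRIORITY_CLASS|TIME_CRITICAL"), 1),
    ("explicit_trigger",          re.compile(r"triggering vuln", re.I), 3),
]
RESOURCE_SIZE_RE = re.compile(r"Resource size:\s*(\d+)\s*bytes", re.I)
CVE_RE = re.compile(r"CVE-\d{4}-\d{4,}", re.I)

# Stages a kernel write-primitive PoC has to complete in this order (assumed);
# if the log shows them out of order, the sample is not doing what it claims.
EXPECTED_CHAIN = ["embedded_resource_dropped", "kernel_base_leak",
                  "arbitrary_write_target", "explicit_trigger"]


@dataclass
class TriageResult:
    hits: dict = field(default_factory=dict)   # indicator -> first matching line
    score: int = 0
    resource_size: int = 0
    dropped_files: list = field(default_factory=list)
    cve_ids: list = field(default_factory=list)


def triage(console_lines, pdb_path=""):
    """Score a list of console strings (one per WriteConsoleA call)."""
    r = TriageResult()
    for line in console_lines:
        for name, rx, weight in INDICATORS:
            m = rx.search(line)
            if m is None or name in r.hits:
                continue            # count each indicator once, at first sighting
            r.hits[name] = line
            r.score += weight
            if name == "embedded_resource_dropped":
                r.dropped_files.append(m.group(1).rstrip("."))
        m = RESOURCE_SIZE_RE.search(line)
        if m:
            r.resource_size = int(m.group(1))
    r.cve_ids = sorted({c.upper() for c in CVE_RE.findall(pdb_path)})
    return r


def chain_in_order(r):
    """True if every stage in EXPECTED_CHAIN was seen, and in that order."""
    order = list(r.hits)            # dict preserves first-sighting order
    positions = [order.index(s) for s in EXPECTED_CHAIN if s in order]
    return len(positions) == len(EXPECTED_CHAIN) and positions == sorted(positions)


def verdict(r):
    if r.score == 0:
        return "no-indicators"
    if "explicit_trigger" in r.hits and chain_in_order(r) and r.score >= 12:
        return "likely-kernel-exploit-poc"
    return "suspicious"


if __name__ == "__main__":
    res = triage(SAMPLE_CONSOLE_LOG, SAMPLE_PDB_PATH)
    print(verdict(res), res.score, res.cve_ids, res.dropped_files, res.resource_size)
    for name, line in res.hits.items():
        print(f"  {name:26s} <- {line}")
```

These strings are only there because the sample is a Release build of a public PoC that still prints its progress; a weaponized build would strip them, so the durable signals are the ones the sandbox can hook directly rather than grep from console text: a call to AddLogContainer from an unsigned console binary, a file of exactly 65536 bytes written from an embedded resource, and a priority bump to REALTIME_PRIORITY_CLASS immediately before the call into CLFS.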