Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6401	Feb. 28, 2025, 5:27 a.m.	Feb. 28, 2025, 5:28 a.m.

Size	8.7MB
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`1c54ce59835b91bdbcfcaa17710a85e8`
SHA256	`869acdb8281279b9c58cf1c0bc8fc4a3b13d26c81bfa7e8970ea1991f77d32b3`
CRC32	`5995C8CB`
ssdeep	`196608:Cve9xNSptYM+81xtrdUYqOPYyZMPdh1CuA/U4PXxROn8GBkeNn5WxPKx504/HGG/:j9xNSptJruA/U4S9p5PxyG`
PDB Path	C:\Users\Ohad\Downloads\Servers\Gunz\Super Repack\Extracted\Client Files\Gunz.pdb
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsPE32 - (no description) Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check UPX_Zero - UPX packed file

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
164.124.101.2	Active	Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

This executable has a PDB path (1 event)

pdb_path

C:\Users\Ohad\Downloads\Servers\Gunz\Super Repack\Extracted\Client Files\Gunz.pdb

Foreign language identified in PE resource (9 events)

name

RT_ICON

language

LANG_KOREAN

filetype

GLS_BINARY_LSB_FIRST

sublanguage

SUBLANG_KOREAN

offset

0x02623d20

size

0x00000468

name

RT_ICON

language

LANG_KOREAN

filetype

GLS_BINARY_LSB_FIRST

sublanguage

SUBLANG_KOREAN

offset

0x02623d20

size

0x00000468

name

RT_ICON

language

LANG_KOREAN

filetype

GLS_BINARY_LSB_FIRST

sublanguage

SUBLANG_KOREAN

offset

0x02623d20

size

0x00000468

name

RT_ICON

language

LANG_KOREAN

filetype

GLS_BINARY_LSB_FIRST

sublanguage

SUBLANG_KOREAN

offset

0x02623d20

size

0x00000468

name

RT_ICON

language

LANG_KOREAN

filetype

GLS_BINARY_LSB_FIRST

sublanguage

SUBLANG_KOREAN

offset

0x02623d20

size

0x00000468

name

RT_ICON

language

LANG_KOREAN

filetype

GLS_BINARY_LSB_FIRST

sublanguage

SUBLANG_KOREAN

offset

0x02623d20

size

0x00000468

name

RT_GROUP_ICON

language

LANG_KOREAN

filetype

data

sublanguage

SUBLANG_KOREAN

offset

0x02624188

size

0x0000005a

name

RT_VERSION

language

LANG_KOREAN

filetype

data

sublanguage

SUBLANG_KOREAN

offset

0x025fd4f8

size

0x000002e0

name

RT_VERSION

language

LANG_KOREAN

filetype

data

sublanguage

SUBLANG_KOREAN

offset

0x025fd4f8

size

0x000002e0

869acdb8281279b9c58cf1c0bc8fc4a3b13d26c81bfa7e8970ea1991f77d32b3

Process Tree Toggle all

Network Toggle all

Suricata Toggle all

Suricata Alerts

Suricata TLS

Signatures Toggle All