Summary | ZeroBOX

9JFiKVm.exe

Generic Malware, Malicious Library, ASPack, UPX, PE64, PE File, OS Processor Check
Category FILE
Machine s1_win7_x6401
Started March 16, 2025, 9:13 a.m.
Completed March 16, 2025, 9:26 a.m.
Size 479.5KB
Type PE32+ executable (console) x86-64, for MS Windows
MD5 25f00b7c2ff3ae44d849863c1e47b096
SHA256 0a7602edc5309eb0683609f1e54bc11052e046b2b3f61f64397526fa935d7c6d
CRC32 D8D99096
ssdeep 12288:7AJ0SiRi56OkEAmD5ZPfrzp+5ifMNVbVciqzSsEO:U0S496z8o6bciPst
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)
  • ASPack_Zero - ASPack packed file
  • Generic_Malware_Zero - Generic Malware
  • OS_Processor_Check_Zero - OS Processor Check
  • UPX_Zero - UPX packed file

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Time & API Arguments Status Return Repeated

__exception__

stacktrace:
9jfikvm+0x16e0 @ 0x13f9e16e0
9jfikvm+0x1f30 @ 0x13f9e1f30
BaseThreadInitThunk+0xd CreateThread-0x53 kernel32+0x1652d @ 0x76c2652d
RtlUserThreadStart+0x21 strchr-0x3df ntdll+0x2c521 @ 0x76d5c521

exception.instruction_r: 0f b7 4c 42 02 66 41 3b 4c 40 02 75 e5 48 83 c0
exception.symbol: 9jfikvm+0x16e0
exception.instruction: movzx ecx, word ptr [rdx + rax*2 + 2]
exception.module: 9JFiKVm.exe
exception.exception_code: 0xc0000005
exception.offset: 5856
exception.address: 0x13f9e16e0
registers.r14: 0
registers.r15: 0
registers.rcx: 109
registers.rsi: 0
registers.r10: 3592800
registers.rbx: 0
registers.rsp: 1572560
registers.r11: 5362399524
registers.r8: 5362399536
registers.r9: 7
registers.rdx: 0
registers.r12: 0
registers.rbp: 0
registers.rdi: 0
registers.rax: -1
registers.r13: 0
1 0 0
section .bss (size_of_data 0x00045400, virtual_address 0x00034000, virtual_size 0x00045400) entropy 7.999396165391888 description A section with a high entropy has been found
entropy 0.591248665955 description Overall entropy of this PE file is high
Bkav W64.AIDetectMalware
Lionic Trojan.Win32.DInvoke.4!c
CAT-QuickHeal Trojan.Ghanarava.174200171247b096
Skyhigh BehavesLike.Win64.Generic.gc
Cylance Unsafe
VIPRE Trojan.GenericKD.76029315
CrowdStrike win/malicious_confidence_100% (W)
BitDefender Trojan.GenericKD.76029315
Arcabit Trojan.Generic.D4881D83
Paloalto generic.ml
Symantec Trojan.Gen.MBT
Elastic malicious (high confidence)
APEX Malicious
Avast Win64:DropperX-gen [Drp]
Kaspersky Trojan.MSIL.DInvoke.cas
MicroWorld-eScan Trojan.GenericKD.76029315
Rising Trojan.Kryptik!8.8 (TFE:1:uwjBmdR2kNT)
Emsisoft Trojan.GenericKD.76029315 (B)
McAfeeD ti!0A7602EDC530
CTX exe.trojan.generic
Sophos Mal/Generic-S
FireEye Generic.mg.25f00b7c2ff3ae44
Webroot Win.Trojan.Gen
Google Detected
Antiy-AVL Trojan[PSW]/Win32.Convagent
Microsoft Trojan:Win32/Wacatac.B!ml
GData Trojan.GenericKD.76029315
Varist W64/ABTrojan.WLPC-1332
AhnLab-V3 Malware/Win.Sonbokli.R695729
McAfee Artemis!25F00B7C2FF3
Malwarebytes Malware.AI.1328432599
Ikarus Trojan.Win32.AntiAnalysis
TrendMicro-HouseCall Trojan.Win32.VSX.PE04C9V
MaxSecure Trojan.Malware.300983.susgen
Fortinet W64/GenKryptik.HHGJ!tr
AVG Win64:DropperX-gen [Drp]
Panda Trj/Chgt.AD