Summary | ZeroBOX

loader.exe

Tags: Malicious Library, UPX, Malicious Packer, ftp, PE64, PE File, OS Processor Check

Category FILE
Machine s1_win7_x6401
Started March 26, 2025, 1:23 p.m.
Completed March 26, 2025, 1:29 p.m.
Size 2.7MB
Type PE32+ executable (GUI) x86-64, for MS Windows
MD5 d9a80ca3c99b9c9afb10e3e3e4137d17
SHA256 eae8420d35a95d07857653101b4f0f1edcf04b0f1eb3610353f9dddf2aa84832
CRC32 6ED49FDB
ssdeep 49152:5kvaOhBkFx7+qwh6JsVIMqTrOlZT8+HEV/0cGaplYde1sBLj:mkF0hesRSplue1sBLj
PDB Path D:\Materia\x64\Release\Wexize Revamp.pdb
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Malicious_Packer_Zero - Malicious Packer
  • ftp_command - ftp command
  • IsPE64 - (no description)
  • OS_Processor_Check_Zero - OS Processor Check
  • UPX_Zero - UPX packed file

Domains

Name Response Post-Analysis Lookup
No hosts contacted.

Hosts

IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Signatures

pdb_path D:\Materia\x64\Release\Wexize Revamp.pdb
section .data (virtual_address 0x001f4000, virtual_size 0x000b9158, size_of_data 0x000b6200), entropy 7.2302, description A section with a high entropy has been found
entropy 0.2619, description Overall entropy of this PE file is high. This file-level value is not a Shannon entropy but a ratio: the share of the file's section data that lies in high-entropy sections (here the 0xb6200 bytes of .data, about 26% of the section data in a 2.7MB image). The mark fires because that share exceeds the signature's threshold, not because 0.26 bits per byte is in any sense high.
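
The two entropy marks above come from a per-section Shannon entropy check followed by a byte-ratio check over the whole section table. The following is an added example, not ZeroBOX or Cuckoo code: it walks a PE section table, computes each section's entropy over its raw data, and applies the two-stage rule as in the upstream Cuckoo packer_entropy signature, whose thresholds (6.8 bits per byte per section, a 0.2 byte ratio for the file) are assumed here to be unchanged in ZeroBOX. The sample PE it analyses is constructed in memory (a plaintext .text and a seeded pseudo-random .data, no optional header, not loadable) so that it runs offline; the helper names are the example's own.

```python
import math
import random
import struct
from collections import Counter

# Thresholds as in the upstream Cuckoo packer_entropy signature (assumed unchanged in ZeroBOX).
HIGH_SECTION_ENTROPY = 6.8   # bits per byte; a section above this gets its own mark
HIGH_FILE_RATIO = 0.2        # share of section bytes in such sections that marks the whole file


def shannon_entropy(data):
    """Shannon entropy in bits per byte: 0.0 for empty or constant data, 8.0 for uniform bytes."""
    n = len(data)
    if n == 0:
        return 0.0
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def parse_sections(pe):
    """Walk the section table: DOS header -> 'PE\\0\\0' -> COFF header -> section headers.
    Returns dicts shaped like the report's section mark, with entropy over the raw section data."""
    if pe[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (e_lfanew,) = struct.unpack_from("<I", pe, 0x3C)
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = e_lfanew + 4
    (num_sections,) = struct.unpack_from("<H", pe, coff + 2)
    (opt_size,) = struct.unpack_from("<H", pe, coff + 16)   # SizeOfOptionalHeader
    table = coff + 20 + opt_size                            # section headers follow the optional header
    sections = []
    for i in range(num_sections):
        name, vsize, vaddr, rawsize, rawptr = struct.unpack_from("<8sIIII", pe, table + 40 * i)
        raw = pe[rawptr:rawptr + rawsize]
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "virtual_address": vaddr,
            "virtual_size": vsize,
            "size_of_data": rawsize,
            "entropy": shannon_entropy(raw),
        })
    return sections


def packer_entropy_marks(sections):
    """Two-stage rule behind the report's marks. Returns (scope, section name, value, description)."""
    marks, total, high = [], 0, 0
    for s in sections:
        total += s["size_of_data"]
        if s["entropy"] > HIGH_SECTION_ENTROPY:
            high += s["size_of_data"]
            marks.append(("section", s["name"], s["entropy"],
                          "A section with a high entropy has been found"))
    # The file-level value is a ratio of bytes, not an entropy: 0.26 counts as "high" against 0.2.
    if total and high / total > HIGH_FILE_RATIO:
        marks.append(("file", None, high / total, "Overall entropy of this PE file is high"))
    return marks


def build_sample_pe():
    """Constructed, minimal PE64: valid section table, no optional header, not loadable.
    A plaintext .text and a seeded pseudo-random .data, so one section trips the rule and one does not."""
    text = b"plain, repetitive placeholder code text. " * 500
    rng = random.Random(0x5EED)                               # fixed seed: deterministic bytes
    data = bytes(rng.getrandbits(8) for _ in range(100_000))
    text_off = 0x200
    data_off = text_off + len(text)
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)       # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x8664, 2, 0, 0, 0, 0, 0x0022)   # x86-64, 2 sections, SizeOfOptionalHeader = 0

    def section_header(name, vsize, vaddr, rawsize, rawptr):
        return struct.pack("<8sIIII", name, vsize, vaddr, rawsize, rawptr) + b"\0" * 16

    headers = (dos + b"PE\0\0" + coff
               + section_header(b".text", len(text), 0x1000, len(text), text_off)
               + section_header(b".data", len(data), 0x10000, len(data), data_off))
    return headers.ljust(text_off, b"\0") + text + data


if __name__ == "__main__":
    for scope, name, value, desc in packer_entropy_marks(parse_sections(build_sample_pe())):
        print(f"{scope:7} {name or '-':6} {value:.4f}  {desc}")
```

On the sample image only .data exceeds 6.8 bits per byte, and because it holds most of the section bytes the file-level ratio is far above 0.2; on the report's own numbers the single .data section contributes 0x000b6200 bytes out of roughly 2.7MB, which is where the 0.2619 comes from. Note that a high ratio says nothing about which packer is in use; it only tells you that a large slice of the image is compressed or encrypted, which is consistent with the UPX and packer Yara hits above but does not confirm them.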

Antivirus

Bkav W64.AIDetectMalware
Cynet Malicious (score: 100)
Skyhigh BehavesLike.Win64.Downloader.vh
ALYac Gen:Variant.Lazy.518164
Cylance Unsafe
VIPRE Gen:Variant.Lazy.518164
CrowdStrike win/malicious_confidence_100% (W)
BitDefender Gen:Variant.Lazy.518164
K7GW Trojan ( 005c449c1 )
K7AntiVirus Trojan ( 005c449c1 )
Arcabit Trojan.Lazy.D7E814
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
ESET-NOD32 a variant of Win64/GenKryptik.HHNC
APEX Malicious
Avast Win64:CrypterX-gen [Trj]
ClamAV Win.Malware.Sabsik-10038319-0
Alibaba Trojan:Win64/GenKryptik.954653d3
MicroWorld-eScan Gen:Variant.Lazy.518164
Emsisoft Gen:Variant.Lazy.518164 (B)
F-Secure Heuristic.HEUR/AGEN.1366896
McAfeeD ti!EAE8420D35A9
Trapmine suspicious.low.ml.score
CTX exe.trojan.agen
SentinelOne Static AI - Suspicious PE
FireEye Gen:Variant.Lazy.518164
Google Detected
Avira HEUR/AGEN.1366896
Microsoft Trojan:Win32/Wacatac.B!ml
GData Gen:Variant.Lazy.518164
Varist W64/Agent.KHQ.gen!Eldorado
AhnLab-V3 Malware/Win.Lazy.C5744614
McAfee Artemis!D9A80CA3C99B
DeepInstinct MALICIOUS
Malwarebytes Malware.AI.3705373738
Ikarus Trojan.Win64.Krypt
TrendMicro-HouseCall TROJ_GEN.R002H09CO25
Tencent Win32.Trojan.Agen.Bwnw
Fortinet W64/GenKryptik.HHNC!tr
AVG Win64:CrypterX-gen [Trj]
alibabacloud Trojan:Win/GenKryptik_AGen.YX