Summary | ZeroBOX

captcha.exe

Browser Login Data Stealer, Generic Malware, Malicious Library, Antivirus, UPX, Malicious Packer, Anti_VM, ftp, PE File, PE64, OS Processor Check
Category FILE
Machine s1_win7_x6403_us
Started April 3, 2025, 9:37 a.m.
Completed April 3, 2025, 9:39 a.m.
Size 5.3MB
Type PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
MD5 3528bab3defbb275613071b56b382dc6
SHA256 45ca5d028b1bb143d818a5c15b9c09156cf0cbb67412600a415212a8a7c9553c
CRC32 2CAC7218
ssdeep 49152:Gv3UM385RkigzxeWCiTWO5wf1qyLte0IBrfuq7AhKTvGO+BHFS9jhdO536+ffvzC:GvULrHlq3cQxgG7gHlCPAKF46I589
Yara
  • PE_Header_Zero - PE File Signature
  • Malicious_Library_Zero - Malicious_Library
  • IsPE64 - (no description)
  • infoStealer_browser_b_Zero - browser info stealer
  • ftp_command - ftp command
  • Antivirus - Contains references to security software
  • anti_vm_detect - Possibly employs anti-virtualization techniques
  • Malicious_Packer_Zero - Malicious Packer
  • Generic_Malware_Zero - Generic Malware
  • OS_Processor_Check_Zero - OS Processor Check
  • UPX_Zero - UPX packed file

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Lionic Trojan.Win32.Disco.i!c
Cynet Malicious (score: 99)
CAT-QuickHeal Trojan.Ghanarava.1743620500382dc6
Skyhigh BehavesLike.Win64.Dropper.th
Cylance Unsafe
CrowdStrike win/malicious_confidence_100% (W)
BitDefender Trojan.GenericKD.76161381
Arcabit Trojan.Generic.D48A2165
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
ESET-NOD32 a variant of Win64/PSW.Agent.KO
APEX Malicious
Avast MalwareX-gen [Trj]
Kaspersky Trojan-PSW.Win64.Disco.kjl
MicroWorld-eScan Trojan.GenericKD.76161381
Rising Stealer.Prysmax!1.1296F (CLASSIC)
Emsisoft Trojan.GenericKD.76161381 (B)
F-Secure Trojan.TR/AD.GenSteal.qjmko
TrendMicro Trojan.Win64.AMADEY.YXFDBZ
CTX exe.trojan.generic
Sophos Mal/Generic-S
SentinelOne Static AI - Suspicious PE
FireEye Generic.mg.3528bab3defbb275
Google Detected
Avira TR/AD.GenSteal.qjmko
Microsoft Trojan:Win32/Sabsik.FL.A!ml
GData Win64.Trojan.Agent.X5X82A
Varist W64/ABTrojan.JPRU-8140
AhnLab-V3 Trojan/Win.Generic.R608275
McAfee Artemis!3528BAB3DEFB
DeepInstinct MALICIOUS
Malwarebytes Malware.AI.4243742887
Ikarus Trojan-PSW.Agent
Panda Trj/Chgt.AD
TrendMicro-HouseCall Trojan.Win64.AMADEY.YXFDBZ
huorong TrojanSpy/Stealer.jl
Fortinet W64/Agent.KO!tr.pws
AVG MalwareX-gen [Trj]
Paloalto generic.ml
alibabacloud RiskWare:Win/Wacatac.H9nj