Summary | ZeroBOX

72tqn.exe

UPX Malicious Library PE32 PE File
Category FILE
Machine s1_win7_x6401
Started April 7, 2025, 10:05 a.m.
Completed April 7, 2025, 10:11 a.m.
Size 35.8KB
Type PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
MD5 41f630848f119363b0d686b48d376650
SHA256 ea37950d79a6a7cde271a8d59a222aa4f0f34d3fb08501d9fa9eaee89fe192d0
CRC32 7F673050
ssdeep 768:4nnw4xRMjJ8FBDOLQmzPjhAVHx10Z0D3yuInmBd0cKp+S:Snw8RSijDtSA5xeZ0DbBCcKpb
Yara
  • PE_Header_Zero - PE File Signature
  • Malicious_Library_Zero - Malicious_Library
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Time & API GlobalMemoryStatusEx
Status 1
Return 1
Repeated 0
section .ndata
Cynet Malicious (score: 100)
CAT-QuickHeal Trojan.Ghanarava.1743182568376650
Skyhigh BehavesLike.Win32.Dropper.nh
Cylance Unsafe
CrowdStrike win/grayware_confidence_70% (W)
Kaspersky UDS:DangerousObject.Multi.Generic
SentinelOne Static AI - Suspicious PE
Xcitium Malware@#3bhuu6lxi7nf3
McAfee Artemis!41F630848F11
DeepInstinct MALICIOUS
MaxSecure Trojan.Malware.1728101.susgen