Summary | ZeroBOX

5nsrv2.dll

CoinMiner UPX Malicious Packer PE64 PE File DLL OS Processor Check
Category FILE
Machine s1_win7_x6401
Started April 21, 2025, 9:55 a.m.
Completed April 21, 2025, 1:32 p.m.
Size 2.1MB
Type PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5 87f0e1a7fd21b8b2620be3919c67fc9c
SHA256 30b27817caaeed88683c6d4bc3d21404038e8ac8e7ee2dc3db06d66de02e030a
CRC32 60B287B5
ssdeep 49152:4qaFan6cVbjUoKGD2nQdZh1PvzPLnCLJPIvJPI:VaFG9OoKS4JPgJP
PDB Path C:\Users\Cheetos\Pictures\NEW\SUARESZICK\x64\Release\Bypass Ob45.pdb
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)
  • IsDLL - (no description)
  • CoinMiner_IN - CoinMiner
  • Malicious_Packer_Zero - Malicious Packer
  • OS_Processor_Check_Zero - OS Processor Check
  • UPX_Zero - UPX packed file

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

pdb_path C:\Users\Cheetos\Pictures\NEW\SUARESZICK\x64\Release\Bypass Ob45.pdb
section .data (virtual_address 0x0015d000, virtual_size 0x000a8228, size_of_data 0x000a5400, entropy 7.606804561110428)
entropy 7.60680456111 description A section with a high entropy has been found
entropy 0.313344394406 description Overall entropy of this PE file is high
Bkav W32.Common.14AE9445
Lionic Trojan.Win32.GameHack.4!c
Cynet Malicious (score: 100)
CAT-QuickHeal Trojan.Ghanarava.174435809067fc9c
Skyhigh BehavesLike.Win64.Injector.vc
ALYac Trojan.GenericKDZ.109151
Cylance Unsafe
VIPRE Trojan.GenericKDZ.109151
CrowdStrike win/malicious_confidence_70% (W)
BitDefender Trojan.GenericKDZ.109151
K7GW Unwanted-Program ( 005ae9e91 )
K7AntiVirus Unwanted-Program ( 005ae9e91 )
Arcabit Trojan.Generic.D1AA5F
Symantec Trojan.Gen.MBT
Elastic malicious (high confidence)
ESET-NOD32 a variant of Win64/Agent_AGen.CRH
Avast Win64:MalwareX-gen [Misc]
ClamAV Win.Malware.Lazy-10033364-0
Alibaba Trojan:Win64/MalwareX.8b5a9028
MicroWorld-eScan Trojan.GenericKDZ.109151
Rising PUF.GameHack!8.223 (TFE:5:pD0pfqlkBMQ)
Emsisoft Trojan.GenericKDZ.109151 (B)
F-Secure Trojan.TR/Agent_AGen.tbzke
Zillya Trojan.GameHackAGen.Win64.312
McAfeeD ti!30B27817CAAE
Trapmine malicious.moderate.ml.score
CTX dll.trojan.agen
Sophos Mal/Generic-S
Webroot W32.Malware.gen
Google Detected
Avira TR/Agent_AGen.tbzke
Antiy-AVL GrayWare[AdWare]/Win32.Puwaders
Gridinsoft Hack.Win64.GameHack.oa!s1
Microsoft Trojan:Win32/Etset!rfn
GData Trojan.GenericKDZ.109151
Varist W64/ABTrojan.LQKC-3724
AhnLab-V3 Malware/Win.Generic.C5660713
McAfee Artemis!87F0E1A7FD21
Malwarebytes HackTool.GameHack
Ikarus Trojan.Win32.Generic
Panda Trj/GdSda.A
TrendMicro-HouseCall TROJ_GEN.R002H09DB25
Tencent Malware.Win32.Gencirc.10c08caa
huorong Trojan/Zusy.i
MaxSecure Trojan.Malware.317607368.susgen
Fortinet W64/Agent_AGen.CRH!tr
AVG Win64:MalwareX-gen [Misc]
Paloalto generic.ml
alibabacloud Trojan:Win/Agent_AGen.CVG