Summary | ZeroBOX

rref.dll

BlackMatter Ransomware PE32 PE File DLL
Category FILE
Machine s1_win7_x6403_us
Started April 21, 2025, 1:14 p.m.
Completed April 21, 2025, 1:28 p.m.
Size 101.5KB
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 f5b8403563561a9c385590801f577396
SHA256 b582f63e5d9d5b24515f509983309a13217f925fcaa9252e4193973a05346b8c
CRC32 7533CB34
ssdeep 1536:EzICS4A30TY1kUS/U2ztdS1I6DdL9Ta1axd2MlsHod2GT60s7c:LJ0TYyUS/U2RgGWL9+cxE8bT60s7
Yara
  • PE_Header_Zero - PE File Signature
  • BlackMatter_Ransomware_IN - BlackMatter Ransomware
  • IsDLL - (no description)
  • IsPE32 - (no description)

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section .text: size_of_data 0x00011000, virtual_address 0x00001000, virtual_size 0x00010fa8, entropy 6.851559765132009. A section with a high entropy has been found
section .data: size_of_data 0x00005c00, virtual_address 0x00013000, virtual_size 0x000062d0, entropy 7.936558645703277. A section with a high entropy has been found
section .pdata: size_of_data 0x00001400, virtual_address 0x0001a000, virtual_size 0x00001374, entropy 7.905207449964943. A section with a high entropy has been found
overall: entropy 0.955223880597. Overall entropy of this PE file is high
Bkav W32.AIDetectMalware
Lionic Trojan.Win32.Generic.mtwx
Cynet Malicious (score: 100)
CAT-QuickHeal Ransom.Lockbit.S30100487
ALYac Gen:Variant.Ransom.BlackMatter.40
Cylance Unsafe
VIPRE Gen:Variant.Ransom.BlackMatter.40
Sangfor Ransom.Win32.Save.LockBit30
CrowdStrike win/malicious_confidence_100% (W)
BitDefender Gen:Variant.Ransom.BlackMatter.40
K7GW Trojan ( 005975a31 )
K7AntiVirus Trojan ( 005975a31 )
Arcabit Trojan.Ransom.BlackMatter.40
VirIT Trojan.Win32.Vundo.FE
Symantec Ransom.Blackmatter!g2
Elastic Windows.Ransomware.Lockbit
ESET-NOD32 a variant of Win32/Filecoder.BlackMatter.M
APEX Malicious
Avast Win32:MalwareX-gen [Ransom]
ClamAV Win.Ransomware.Lazy-10003135-0
Kaspersky HEUR:Trojan-Ransom.Win32.Lockbit.pef
Alibaba Ransom:Win32/Lockbit.07209ab2
NANO-Antivirus Virus.Win32.Gen.ccmw
MicroWorld-eScan Gen:Variant.Ransom.BlackMatter.40
Rising Ransom.LockBit!1.DFDC (CLASSIC)
Emsisoft Gen:Variant.Ransom.BlackMatter.40 (B)
F-Secure Trojan.TR/Crypt.EPACK.Gen2
DrWeb Trojan.Encoder.36774
Zillya Trojan.Filecoder.Win32.27016
TrendMicro Ransom.Win32.LOCKBIT.SMYXDLK
McAfeeD ti!B582F63E5D9D
Trapmine malicious.high.ml.score
CTX dll.ransomware.lockbit
Sophos Troj/Lockbit-W
SentinelOne Static AI - Suspicious PE
Jiangmin Trojan.Generic.hopdl
Webroot W32.Ransom.Lockbit
Google Detected
Avira TR/Crypt.EPACK.Gen2
Antiy-AVL Trojan/Win32.LockBit
Kingsoft malware.kb.a.999
Gridinsoft Ransom.Win32.LockBit.sa
Microsoft Ransom:Win32/Lockbit.HA!MTB
ViRobot Trojan.Win.Z.Blackmatter.103936
ZoneAlarm Troj/Lockbit-W
GData Gen:Variant.Ransom.BlackMatter.40
Varist W32/ABRansom.QJML-9094
AhnLab-V3 Ransomware/Win.LockBit.R521854
McAfee GenericRXUJ-SV!F5B840356356
DeepInstinct MALICIOUS