Summary | ZeroBOX

cabalmain.exe

EnigmaProtector Downloader PE32 PE File
Category FILE
Machine s1_win7_x6401
Started April 22, 2025, 12:06 p.m.
Completed April 22, 2025, 12:08 p.m.
Size 9.9MB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 3ab22c4c2d852cc201f5844db0e0a301
SHA256 3a817711f0fef51c82626574941299cd712de1c30229d383f88f5d05c1ae9728
CRC32 91658C83
ssdeep 196608:UPYoEFcOWZAiLxyph7zxA7bmOhJvikMkZ6DmeTdhsf6tjW6k7WW5JUup1:fFVph76n5846J8f6t6vW6JhX
Yara
  • PE_Header_Zero - PE File Signature
  • Network_Downloader - File Downloader
  • IsPE32 - (no description)
  • EnigmaProtector_IN - EnigmaProtector

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section
name RT_VERSION language LANG_KOREAN filetype data sublanguage SUBLANG_KOREAN offset 0x00da3b4c size 0x000003e0
section name (empty) virtual_address 0x00001000 virtual_size 0x007af000 size_of_data 0x0031f800 entropy 7.999940586375879 description A section with a high entropy has been found
section name (empty) virtual_address 0x007b0000 virtual_size 0x00102000 size_of_data 0x00051800 entropy 7.999513578618848 description A section with a high entropy has been found
section name (empty) virtual_address 0x008b2000 virtual_size 0x004e7000 size_of_data 0x00005c00 entropy 7.972605284461158 description A section with a high entropy has been found
section name (empty) virtual_address 0x00da5000 virtual_size 0x00f24000 size_of_data 0x00273200 entropy 7.99867156478591 description A section with a high entropy has been found
section name .data virtual_address 0x01cc9000 virtual_size 0x003f1000 size_of_data 0x003f0200 entropy 7.985889649408744 description A section with a high entropy has been found
entropy 0.997922643189 description Overall entropy of this PE file is high
Bkav W32.AIDetectMalware
Lionic Trojan.Win32.Agent.Y!c
tehtris Generic.Malware
CAT-QuickHeal Trojan.Ghanarava.1743663780e0a301
Skyhigh BehavesLike.Win32.Generic.tc
ALYac Trojan.GenericKD.76163761
Cylance Unsafe
Sangfor Downloader.Win32.Agent.Vazo
CrowdStrike win/malicious_confidence_100% (W)
BitDefender Trojan.GenericKD.76163761
Arcabit Trojan.Generic.D48A2AB1
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
Avast Win32:MalwareX-gen [Trj]
Kaspersky HEUR:Trojan-Downloader.Win32.Agent.gen
Alibaba TrojanDownloader:Win32/Infector.3d3f779d
MicroWorld-eScan Trojan.GenericKD.76163761
Rising Downloader.Agent!8.B23 (TFE:5:4sChNKNPcWL)
Emsisoft Trojan.GenericKD.76163761 (B)
F-Secure Malware.W32/Infector.Gen9
VIPRE Trojan.GenericKD.76163761
Trapmine malicious.high.ml.score
CTX exe.trojan.infector
Sophos Generic Reputation PUA (PUA)
SentinelOne Static AI - Suspicious PE
FireEye Generic.mg.3ab22c4c2d852cc2
Google Detected
Avira W32/Infector.Gen9
Antiy-AVL RiskWare[Packed]/Win32.Enigma.a
Microsoft Trojan:Win32/Wacatac.B!ml
GData Trojan.GenericKD.76163761
Varist W32/Parasitic-Fileinfector-base
AhnLab-V3 Trojan/Win.Generic.C5746045
McAfee Artemis!3AB22C4C2D85
DeepInstinct MALICIOUS
Malwarebytes Malware.Heuristic.2120
Ikarus Win32.Infector
Panda Trj/Chgt.AD
Zoner Probably Heur.ExeHeaderL
Tencent Malware.Win32.Gencirc.1460284c
Fortinet W32/PossibleThreat
AVG Win32:MalwareX-gen [Trj]