Summary | ZeroBOX

61deea59-694d-48eb-8a54-8dd0d6681a29

UPX Anti_VM PE32 PE File
Category FILE
Machine s1_win7_x6401
Started May 4, 2025, 12:42 p.m.
Completed May 4, 2025, 1:04 p.m.
Size 22.9MB
Type PE32 executable (console) Intel 80386, for MS Windows, UPX compressed
MD5 5e27bea92dab3452d825ea4abb14bd43
SHA256 92d1ec28099bbebaaf27dc5c8c12dc2bee8d0a73855359960b4ea536cb93f5c3
CRC32 3D7FEAD2
ssdeep 393216:/wvy7bYHoHgJzUXIc7TvYb9zVpKcObXqJo26ZcNUM8yo88:/oH9zqBTYxzVp1JoIk188
Yara
  • PE_Header_Zero - PE File Signature
  • anti_vm_detect - Possibly employs anti-virtualization techniques
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
164.124.101.2 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section UPX1 (virtual_address 0x032ef000, virtual_size 0x016ca000, size_of_data 0x016c9200) entropy 7.94692096009 description A section with a high entropy has been found
entropy 0.994056748466 description Overall entropy of this PE file is high
section UPX0 description Section name indicates UPX
section UPX1 description Section name indicates UPX
Bkav W32.AIDetectMalware
Lionic Trojan.Win32.Plugx.4!c
CAT-QuickHeal Trojan.Sonbokli
Skyhigh Artemis
ALYac Gen:Variant.Fragtor.838955
Cylance Unsafe
VIPRE Gen:Variant.Fragtor.838955
BitDefender Gen:Variant.Fragtor.838955
Arcabit Trojan.Fragtor.DCCD2B
Symantec ML.Attribute.HighConfidence
Avast Win32:Malware-gen
Kaspersky Trojan.Win32.Agent.xbykvs
MicroWorld-eScan Gen:Variant.Fragtor.838955
Emsisoft Gen:Variant.Fragtor.838955 (B)
McAfeeD ti!92D1EC28099B
CTX exe.trojan.artemis
Sophos Generic Reputation PUA (PUA)
Google Detected
Antiy-AVL RiskWare/Win32.Agent
Microsoft Program:Win32/Wacapew.C!ml
GData Gen:Variant.Fragtor.838955
Varist W32/ABTrojan.UCGX-3690
McAfee Artemis!5E27BEA92DAB
DeepInstinct MALICIOUS
Panda Trj/Chgt.AD
TrendMicro-HouseCall TROJ_GEN.R002H09DU25
MaxSecure Trojan.Malware.345775681.susgen
Fortinet W32/PossibleThreat
AVG Win32:Malware-gen