Summary | ZeroBOX

44264.5606934027.dat.exe

Category FILE
Machine s1_win7_x6401
Started March 10, 2021, 2:27 p.m.
Completed March 10, 2021, 2:28 p.m.
Size 770.9KB
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 94239a0c707ebb277edc24068284889c
SHA256 1f21f07b251a931a18abafd31077d7090284afd429aee36dd70230008b9ce9c9
CRC32 250B83DC
ssdeep 12288:plTxdlYUTXacR/927cw6nlsL8IQayFixyGgBfMdK6Uwh1/6aMCxtd:vFgkau97wUsTsFiMGEfUK4Lx
Yara
  • IsPE32 - (no description)
  • IsDLL - (no description)
  • IsWindowsGUI - (no description)
  • HasOverlay - Overlay Check
  • HasDigitalSignature - DigitalSignature Check
  • borland_delphi_dll - Borland Delphi DLL
  • screenshot - Take screenshot
  • keylogger - Run a keylogger
  • win_registry - Affect system registries
  • win_files_operation - Affect private profile
  • PE_Header_Zero - PE File Signature Zero

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section CODE
section DATA
section BSS
resource name None
section .rsrc virtual_address 0x00072000 virtual_size 0x00051000 size_of_data 0x00051000 entropy 6.925720882907969 description A section with a high entropy has been found
entropy 0.424083769634 description Overall entropy of this PE file is high