Summary | ZeroBOX

mon75_cr.dll

Trickbot
Category FILE
Machine s1_win7_x6401
Started March 16, 2021, 12:12 p.m.
Completed March 16, 2021, 12:12 p.m.
Size 351.0KB
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 5091a400a52fa02348af0d2077d2be51
SHA256 051859a76d64d4bdeec4bb43cad7d6301f83a62b5b716393af5f3d7b80440b41
CRC32 A89A3FBA
ssdeep 6144:2LAMibxy5iv9BD/zFxznh3DmzrBuno6bpnUFd5gUHq:qAfbxbvDjNTmzrBunofFds
Yara
  • PE_Header_Zero - PE File Signature Zero
  • OS_Processor_Check_Zero - OS Processor Check Signature Zero
  • Win_Trojan_Trickbot_Zero - Used Trickbot
  • win_files_operation - Affect private profile
  • IsPE32 - (no description)
  • IsDLL - (no description)
  • IsWindowsGUI - (no description)
  • IsPacked - Entropy Check
  • HasDebugData - DebugData Check
  • HasRichSignature - Rich Signature Check

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section .text (size_of_data 0x0004c800, virtual_address 0x00001000, virtual_size 0x0004c6b7, entropy 7.753558921688834)
  entropy 7.75355892169
  description A section with a high entropy has been found
entropy 0.874285714286
  description Overall entropy of this PE file is high
Elastic malicious (high confidence)
MicroWorld-eScan Gen:Variant.Razy.847374
FireEye Generic.mg.5091a400a52fa023
CAT-QuickHeal Trojan.Trickbotcrypt
ALYac Gen:Variant.Razy.847374
Malwarebytes Trojan.MalPack
VIPRE Trojan.Win32.Generic!BT
Sangfor Trojan.Win32.TrickBotCrypt.PZ
CrowdStrike win/malicious_confidence_100% (W)
Alibaba Trojan:Win32/TrickBotCrypt.e4d1eb32
K7GW Riskware ( 0040eff71 )
K7AntiVirus Riskware ( 0040eff71 )
Cyren W32/Trojan.NSSC-1023
Symantec ML.Attribute.HighConfidence
APEX Malicious
Paloalto generic.ml
Kaspersky HEUR:Trojan.Win32.Trickpak.gen
BitDefender Gen:Variant.Razy.847374
NANO-Antivirus Trojan.Win32.Trickpak.inlsgv
Avast Win32:BankerX-gen [Trj]
Tencent Win32.Trojan.Trickpak.Sudt
Ad-Aware Gen:Variant.Razy.847374
Sophos Mal/Generic-S
TrendMicro TROJ_FRS.VSNTBO21
McAfee-GW-Edition Trojan-FTJO!5091A400A52F
Emsisoft Trojan.TrickBot (A)
SentinelOne Static AI - Malicious PE
ESET-NOD32 a variant of Win32/Kryptik.HJQZ
Avira TR/Kryptik.jualt
MAX malware (ai score=85)
Microsoft Trojan:Win32/TrickBotCrypt.PZ!MTB
Arcabit Trojan.Razy.DCEE0E
ViRobot Trojan.Win32.Z.Razy.359424.K
GData Gen:Variant.Razy.847374
Cynet Malicious (score: 90)
AhnLab-V3 Malware/Gen.Reputation.C4345946
McAfee Trojan-FTJO!5091A400A52F
Cylance Unsafe
TrendMicro-HouseCall TROJ_FRS.VSNTBO21
Rising Trojan.Trickpak!8.122C7 (TFE:6:1239c4crYYR)
Ikarus Trojan.Win32.Krypt
MaxSecure Trojan.Malware.109946090.susgen
Fortinet W32/Kryptik.HJLB!tr
BitDefenderTheta Gen:NN.ZedlaF.34608.vq4@aiNcEEg
AVG Win32:BankerX-gen [Trj]
Panda Trj/GdSda.A
Qihoo-360 Win32/Trojan.Generic.Hx4CgxsA