Summary | ZeroBOX

scr.dll

Category FILE
Machine s1_win7_x6402
Started March 21, 2021, 10 a.m.
Completed March 21, 2021, 10:02 a.m.
Size 222.0KB
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 7ccb61720deb6da9ca53d001693c912c
SHA256 c431519aa276708c35e57cda7faf9fc76fb2b542714091055d27060b17e93bd4
CRC32 8A5B5FF0
ssdeep 6144:SJ+WK/pvT7arfwKFzDTsv5oaTh45CjBscX9T/LN:JJpb7Y7vf5i5X9TTN
Yara
  • PE_Header_Zero - PE File Signature Zero
  • network_tcp_socket - Communications over RAW socket
  • network_dns - Communications use DNS
  • screenshot - Take screenshot
  • keylogger - Run a keylogger
  • win_mutex - Create or check mutex
  • win_registry - Affect system registries
  • win_token - Affect system token
  • win_files_operation - Affect private profile
  • Str_Win32_Winsock2_Library - Match Winsock 2 API library declaration
  • IsPE32 - (no description)
  • IsDLL - (no description)
  • IsWindowsGUI - (no description)
  • borland_delphi_dll - Borland Delphi DLL

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

section CODE
section DATA
section BSS
Elastic malicious (high confidence)
DrWeb Trojan.PWS.Stealer.29417
MicroWorld-eScan Gen:Variant.Zusy.308000
CAT-QuickHeal Trojanspy.Bobik
McAfee GenericRXAA-AA!7CCB61720DEB
Malwarebytes Spyware.PasswordStealer
Zillya Trojan.Delf.Win32.130455
Sangfor Trojan.Win32.EmotetCrypt.PEF
CrowdStrike win/malicious_confidence_100% (W)
Alibaba TrojanSpy:Win32/EmotetCrypt.2a09bea9
K7GW Spyware ( 005722971 )
K7AntiVirus Spyware ( 005722971 )
Arcabit Trojan.Zusy.D4B320
Cyren W32/Trojan.SRKP-1780
ESET-NOD32 Win32/Spy.Delf.QYF
APEX Malicious
Paloalto generic.ml
ClamAV Win.Malware.Zusy-9770522-0
Kaspersky HEUR:Trojan-Spy.Win32.Bobik.gen
BitDefender Gen:Variant.Zusy.308000
NANO-Antivirus Trojan.Win32.Plodor.iaklyz
ViRobot Trojan.Win32.Z.Zusy.227328.HE
Avast Win32:TrojanX-gen [Trj]
Tencent Malware.Win32.Gencirc.10ce384c
Ad-Aware Gen:Variant.Zusy.308000
Sophos Mal/Generic-R + Troj/Steal-BEO
F-Secure Heuristic.HEUR/AGEN.1136939
VIPRE Trojan.Win32.Generic!BT
TrendMicro TrojanSpy.Win32.AMADEY.SMYAAA-A
McAfee-GW-Edition BehavesLike.Win32.Worm.dh
FireEye Generic.mg.7ccb61720deb6da9
Emsisoft Trojan-Spy.Delf (A)
Ikarus Trojan-Spy.Agent
Jiangmin Trojan.Plodor.h
Avira HEUR/AGEN.1136939
Microsoft Trojan:Win32/EmotetCrypt.PEF!MTB
AegisLab Trojan.Win32.Bobik.l!c
ZoneAlarm HEUR:Trojan-Spy.Win32.Bobik.gen
GData Gen:Variant.Zusy.308000
Cynet Malicious (score: 100)
AhnLab-V3 Malware/Win32.Generic.C4077593
VBA32 TScope.Trojan.Delf
ALYac Gen:Variant.Zusy.308000
MAX malware (ai score=87)
Cylance Unsafe
TrendMicro-HouseCall TrojanSpy.Win32.AMADEY.SMYAAA-A
Rising Stealer.Agent!1.D216 (CLOUD)
Fortinet W32/Delf.QYF!tr.spy
MaxSecure Trojan.Malware.1728101.susgen
AVG Win32:TrojanX-gen [Trj]