Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
09.22 06:09
audiodg.exe
09.22 06:09
psfod.exe
09.22 06:09
73EtsZxIoDetWTu.exe
09.22 06:09
otqp9.exe
09.22 06:09
xx.exe
09.22 06:09
fck.exe
09.22 06:09
LummaC222222.exe
09.22 06:09
seethebestwayforunders...
09.22 06:09
Name.exe
09.22 06:09
needmoney.exe

Latest News
09.23 07:09
Harris Vows to Grow AI...
09.23 07:09
September 23, 2024
09.23 06:09
Apollo to Offer Multib...
09.23 05:09
The Russian APT Tool M...
09.23 05:09
Hackaday Links: Septem...
09.23 05:09
Fed’s Rate Cut Comes W...
09.23 05:09
Schluss mit Bildmanipu...
09.23 05:09
KI-Hardware: Jony Ive ...
09.23 05:09
KI-Experte Neil Lawren...
09.23 04:09
퓨쳐시스템, 국가형 암호장비 시장 다지고...

Summary | ZeroBOX

iexplore.exe

Category	Machine	Started	Completed
FILE	s1_win7_x6402	March 30, 2021, 4:06 p.m.	March 30, 2021, 4:07 p.m.

Size	798.6KB
Type	PE32+ executable (GUI) x86-64, for MS Windows
MD5	`c50eeb216ab9f7e9b375270426c4dfd6`
SHA256	`826d59b40d332b10c06c4acb34e41c60e5213e3a5049d14a250868d2075cfc65`
CRC32	`77304DF6`
ssdeep	`24576:V4lGLbMMHMMMvMMZMMMKzb6XmMMMiMMMz8JMMHMMM6MMZMMMeXNMMzMMMUMMVMMb:7MMHMMMvMMZMMMlmMMMiMMMYJMMHMMMg`
PDB Path	iexplore.pdb
Yara	Win32_Trojan_Gen_2_0904B0_Zero - Win32 Trojan Gen PE_Header_Zero - PE File Signature Zero Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet win_mutex - Create or check mutex IsPE64 - (no description) IsWindowsGUI - (no description) HasOverlay - Overlay Check HasDebugData - DebugData Check HasRichSignature - Rich Signature Check

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

This executable has a PDB path (1 event)

pdb_path

iexplore.pdb

The executable contains unknown PE section names indicative of a packer (could be a false positive) (1 event)

section

.didat

The file contains an unknown PE resource name possibly indicative of a packer (4 events)

resource name	EDPENLIGHTENEDAPPINFOID
resource name	EDPPERMISSIVEAPPINFOID
resource name	MUI
resource name	WEVT_TEMPLATE