Report - chrome.exe

Generic Malware Malicious Library UPX DllRegisterServer dll PE File PE32 OS Processor Check
Created 2024.06.17 13:26 Machine s1_win7_x6403
Filename chrome.exe
Type PE32 executable (GUI) Intel 80386, for MS Windows
AI Score
10
Behavior Score
2.0
ZERO API (file): clean
VT API (file) 47 detected (AIDetectMalware, Malicious, score, GenericKD, Unsafe, Save, Genus, Attribute, HighConfidence, high confidence, FlyStudio, Generic@AI, RDML, KfV8+9DR4+pnsZHWkuUwog, ZexaF, Qq0@aut8gokb, Real Protect, high, Generic Reputation PUA, Vemply, Detected, RA@1qraug, 10ODIJ9, Eldorado, GenericRXAA, Injuke, ai score=81, susgen, FlyApplication, confidence, 100%)
md5 d35043ced01af08d55ec8cb5d3f368c7
sha256 d78359314732275ef2f721397cc512579dcef1c5216b419db69b07992033f131
ssdeep 12288:cWRmKTW7SQudufC2FDLIjwZyv4w7uYJ++:chK67xuQdpewZC4wVE+
imphash 55f99592158ded8143f96defacd2fe37
impfuzzy 192:K7PJM08CehjUqT0E4z/tsRcRcpcaKSZtQJh:4MNHTpEUSh

Signature (4cnts)

Level Description
danger File has been identified by 47 AntiVirus engines on VirusTotal as malicious
notice Foreign language identified in PE resource
info The executable uses a known packer
info The file contains an unknown PE resource name possibly indicative of a packer

Rules (7cnts)

Level Name Description Collection
warning Generic_Malware_Zero Generic Malware binaries (upload)
watch Malicious_Library_Zero Malicious_Library binaries (upload)
watch UPX_Zero UPX packed file binaries (upload)
info DllRegisterServer_Zero execute regsvr32.exe binaries (upload)
info IsPE32 (no description) binaries (upload)
info OS_Processor_Check_Zero OS Processor Check binaries (upload)
info PE_Header_Zero PE File Signature binaries (upload)

Network (0cnts) ?

Request CC ASN Co IP4 Rule ? ZERO ?

Suricata ids

PE API

IAT (Import Address Table), grouped by library

KERNEL32.dll
 0x47d170 SetEndOfFile
 0x47d174 UnlockFile
 0x47d178 LockFile
 0x47d17c FlushFileBuffers
 0x47d180 SetFilePointer
 0x47d184 GetCurrentProcess
 0x47d188 DuplicateHandle
 0x47d18c lstrcpynA
 0x47d190 SetLastError
 0x47d194 FileTimeToLocalFileTime
 0x47d198 FileTimeToSystemTime
 0x47d19c LocalFree
 0x47d1a0 InterlockedDecrement
 0x47d1a4 CreateSemaphoreA
 0x47d1a8 ResumeThread
 0x47d1ac ReleaseSemaphore
 0x47d1b0 EnterCriticalSection
 0x47d1b4 LeaveCriticalSection
 0x47d1b8 GetProfileStringA
 0x47d1bc SetStdHandle
 0x47d1c0 IsBadCodePtr
 0x47d1c4 IsBadReadPtr
 0x47d1c8 CompareStringW
 0x47d1cc CompareStringA
 0x47d1d0 SetUnhandledExceptionFilter
 0x47d1d4 GetStringTypeW
 0x47d1d8 GetStringTypeA
 0x47d1dc IsBadWritePtr
 0x47d1e0 VirtualAlloc
 0x47d1e4 LCMapStringW
 0x47d1e8 LCMapStringA
 0x47d1ec SetEnvironmentVariableA
 0x47d1f0 VirtualFree
 0x47d1f4 HeapCreate
 0x47d1f8 HeapDestroy
 0x47d1fc GetEnvironmentVariableA
 0x47d200 GetFileType
 0x47d204 GetStdHandle
 0x47d208 SetHandleCount
 0x47d20c GetEnvironmentStringsW
 0x47d210 GetEnvironmentStrings
 0x47d214 FreeEnvironmentStringsW
 0x47d218 FreeEnvironmentStringsA
 0x47d21c UnhandledExceptionFilter
 0x47d220 GetACP
 0x47d224 HeapSize
 0x47d228 TerminateProcess
 0x47d22c GetLocalTime
 0x47d230 GetSystemTime
 0x47d234 GetTimeZoneInformation
 0x47d238 WriteFile
 0x47d23c WaitForMultipleObjects
 0x47d240 CreateFileA
 0x47d244 SetEvent
 0x47d248 FindResourceA
 0x47d24c LoadResource
 0x47d250 LockResource
 0x47d254 ReadFile
 0x47d258 GetModuleFileNameA
 0x47d25c WideCharToMultiByte
 0x47d260 MultiByteToWideChar
 0x47d264 GetCurrentThreadId
 0x47d268 ExitProcess
 0x47d26c GlobalSize
 0x47d270 GlobalFree
 0x47d274 DeleteCriticalSection
 0x47d278 InitializeCriticalSection
 0x47d27c lstrcatA
 0x47d280 lstrlenA
 0x47d284 WinExec
 0x47d288 lstrcpyA
 0x47d28c FindNextFileA
 0x47d290 GlobalReAlloc
 0x47d294 HeapFree
 0x47d298 HeapReAlloc
 0x47d29c GetProcessHeap
 0x47d2a0 HeapAlloc
 0x47d2a4 GetFullPathNameA
 0x47d2a8 FreeLibrary
 0x47d2ac LoadLibraryA
 0x47d2b0 GetLastError
 0x47d2b4 GetVersionExA
 0x47d2b8 WritePrivateProfileStringA
 0x47d2bc CreateThread
 0x47d2c0 CreateEventA
 0x47d2c4 Sleep
 0x47d2c8 GlobalAlloc
 0x47d2cc GlobalLock
 0x47d2d0 GlobalUnlock
 0x47d2d4 FindFirstFileA
 0x47d2d8 FindClose
 0x47d2dc SetFileAttributesA
 0x47d2e0 GetFileAttributesA
 0x47d2e4 RaiseException
 0x47d2e8 RtlUnwind
 0x47d2ec GetStartupInfoA
 0x47d2f0 GetOEMCP
 0x47d2f4 GetCPInfo
 0x47d2f8 GetProcessVersion
 0x47d2fc SetErrorMode
 0x47d300 GlobalFlags
 0x47d304 GetCurrentThread
 0x47d308 GetFileTime
 0x47d30c GetFileSize
 0x47d310 TlsGetValue
 0x47d314 LocalReAlloc
 0x47d318 TlsSetValue
 0x47d31c TlsFree
 0x47d320 GlobalHandle
 0x47d324 SetCurrentDirectoryA
 0x47d328 GetVolumeInformationA
 0x47d32c GetModuleHandleA
 0x47d330 GetProcAddress
 0x47d334 TlsAlloc
 0x47d338 LocalAlloc
 0x47d33c lstrcmpA
 0x47d340 GetVersion
 0x47d344 GlobalGetAtomNameA
 0x47d348 GlobalAddAtomA
 0x47d34c GlobalFindAtomA
 0x47d350 GlobalDeleteAtom
 0x47d354 lstrcmpiA
 0x47d358 MulDiv
 0x47d35c GetCommandLineA
 0x47d360 GetTickCount
 0x47d364 WaitForSingleObject
 0x47d368 CloseHandle
 0x47d36c InterlockedIncrement
USER32.dll
 0x47d390 OpenClipboard
 0x47d394 SetClipboardData
 0x47d398 EmptyClipboard
 0x47d39c IsClipboardFormatAvailable
 0x47d3a0 GetSystemMetrics
 0x47d3a4 GetCursorPos
 0x47d3a8 MessageBoxA
 0x47d3ac SetWindowPos
 0x47d3b0 SendMessageA
 0x47d3b4 DestroyCursor
 0x47d3b8 SetParent
 0x47d3bc GetClipboardData
 0x47d3c0 PostMessageA
 0x47d3c4 GetTopWindow
 0x47d3c8 GetParent
 0x47d3cc CloseClipboard
 0x47d3d0 wsprintfA
 0x47d3d4 GetFocus
 0x47d3d8 GetClientRect
 0x47d3dc InvalidateRect
 0x47d3e0 ValidateRect
 0x47d3e4 UpdateWindow
 0x47d3e8 EqualRect
 0x47d3ec GetWindowRect
 0x47d3f0 SetForegroundWindow
 0x47d3f4 IsWindow
 0x47d3f8 RegisterClassA
 0x47d3fc DestroyMenu
 0x47d400 IsChild
 0x47d404 ReleaseDC
 0x47d408 IsRectEmpty
 0x47d40c FillRect
 0x47d410 GetDC
 0x47d414 SetCursor
 0x47d418 LoadCursorA
 0x47d41c SetCursorPos
 0x47d420 SetActiveWindow
 0x47d424 GetSysColor
 0x47d428 SetWindowLongA
 0x47d42c GetWindowLongA
 0x47d430 RedrawWindow
 0x47d434 EnableWindow
 0x47d438 IsWindowVisible
 0x47d43c OffsetRect
 0x47d440 PtInRect
 0x47d444 DestroyIcon
 0x47d448 IntersectRect
 0x47d44c InflateRect
 0x47d450 SetRect
 0x47d454 SetScrollPos
 0x47d458 SetScrollRange
 0x47d45c GetScrollRange
 0x47d460 SetCapture
 0x47d464 LoadIconA
 0x47d468 TranslateMessage
 0x47d46c DrawFrameControl
 0x47d470 DrawEdge
 0x47d474 DrawFocusRect
 0x47d478 WindowFromPoint
 0x47d47c GetMessageA
 0x47d480 DispatchMessageA
 0x47d484 SetRectEmpty
 0x47d488 RegisterClipboardFormatA
 0x47d48c CreateIconFromResourceEx
 0x47d490 CreateIconFromResource
 0x47d494 DrawIconEx
 0x47d498 CreatePopupMenu
 0x47d49c AppendMenuA
 0x47d4a0 ModifyMenuA
 0x47d4a4 CreateMenu
 0x47d4a8 CreateAcceleratorTableA
 0x47d4ac GetDlgCtrlID
 0x47d4b0 GetSubMenu
 0x47d4b4 EnableMenuItem
 0x47d4b8 ClientToScreen
 0x47d4bc EnumDisplaySettingsA
 0x47d4c0 LoadImageA
 0x47d4c4 SystemParametersInfoA
 0x47d4c8 ShowWindow
 0x47d4cc IsWindowEnabled
 0x47d4d0 TranslateAcceleratorA
 0x47d4d4 GetKeyState
 0x47d4d8 CopyAcceleratorTableA
 0x47d4dc PostQuitMessage
 0x47d4e0 IsZoomed
 0x47d4e4 GetClassInfoA
 0x47d4e8 DefWindowProcA
 0x47d4ec GetSystemMenu
 0x47d4f0 DeleteMenu
 0x47d4f4 GetMenu
 0x47d4f8 SetMenu
 0x47d4fc PeekMessageA
 0x47d500 GetWindowTextA
 0x47d504 GetWindowTextLengthA
 0x47d508 CharUpperA
 0x47d50c GetWindowDC
 0x47d510 BeginPaint
 0x47d514 EndPaint
 0x47d518 TabbedTextOutA
 0x47d51c DrawTextA
 0x47d520 GrayStringA
 0x47d524 GetDlgItem
 0x47d528 DestroyWindow
 0x47d52c CreateDialogIndirectParamA
 0x47d530 EndDialog
 0x47d534 GetNextDlgTabItem
 0x47d538 GetWindowPlacement
 0x47d53c RegisterWindowMessageA
 0x47d540 GetForegroundWindow
 0x47d544 GetLastActivePopup
 0x47d548 GetMessageTime
 0x47d54c RemovePropA
 0x47d550 CallWindowProcA
 0x47d554 GetPropA
 0x47d558 UnhookWindowsHookEx
 0x47d55c SetPropA
 0x47d560 GetClassLongA
 0x47d564 CallNextHookEx
 0x47d568 SetWindowsHookExA
 0x47d56c CreateWindowExA
 0x47d570 GetMenuItemID
 0x47d574 GetMenuItemCount
 0x47d578 UnregisterClassA
 0x47d57c GetScrollPos
 0x47d580 AdjustWindowRectEx
 0x47d584 MapWindowPoints
 0x47d588 SendDlgItemMessageA
 0x47d58c ScrollWindowEx
 0x47d590 IsDialogMessageA
 0x47d594 SetWindowTextA
 0x47d598 MoveWindow
 0x47d59c CheckMenuItem
 0x47d5a0 SetMenuItemBitmaps
 0x47d5a4 GetMenuState
 0x47d5a8 GetMenuCheckMarkDimensions
 0x47d5ac GetClassNameA
 0x47d5b0 GetDesktopWindow
 0x47d5b4 LoadStringA
 0x47d5b8 GetSysColorBrush
 0x47d5bc IsIconic
 0x47d5c0 SetFocus
 0x47d5c4 GetActiveWindow
 0x47d5c8 GetWindow
 0x47d5cc DestroyAcceleratorTable
 0x47d5d0 SetWindowRgn
 0x47d5d4 GetMessagePos
 0x47d5d8 ScreenToClient
 0x47d5dc ChildWindowFromPointEx
 0x47d5e0 CopyRect
 0x47d5e4 LoadBitmapA
 0x47d5e8 WinHelpA
 0x47d5ec KillTimer
 0x47d5f0 SetTimer
 0x47d5f4 ReleaseCapture
 0x47d5f8 GetCapture
GDI32.dll
 0x47d024 GetClipRgn
 0x47d028 CreatePolygonRgn
 0x47d02c SelectClipRgn
 0x47d030 DeleteObject
 0x47d034 CreateDIBitmap
 0x47d038 GetSystemPaletteEntries
 0x47d03c CreatePalette
 0x47d040 StretchBlt
 0x47d044 SelectPalette
 0x47d048 RealizePalette
 0x47d04c GetDIBits
 0x47d050 GetWindowExtEx
 0x47d054 GetViewportOrgEx
 0x47d058 GetWindowOrgEx
 0x47d05c BeginPath
 0x47d060 EndPath
 0x47d064 PathToRegion
 0x47d068 CreateEllipticRgn
 0x47d06c CreateRoundRectRgn
 0x47d070 GetTextColor
 0x47d074 GetBkMode
 0x47d078 GetBkColor
 0x47d07c GetROP2
 0x47d080 GetStretchBltMode
 0x47d084 GetPolyFillMode
 0x47d088 CreateCompatibleBitmap
 0x47d08c CreateDCA
 0x47d090 CreateBitmap
 0x47d094 SelectObject
 0x47d098 GetObjectA
 0x47d09c CreatePen
 0x47d0a0 PatBlt
 0x47d0a4 SetStretchBltMode
 0x47d0a8 CreateRectRgn
 0x47d0ac FillRgn
 0x47d0b0 CreateSolidBrush
 0x47d0b4 GetStockObject
 0x47d0b8 CreateFontIndirectA
 0x47d0bc EndPage
 0x47d0c0 EndDoc
 0x47d0c4 DeleteDC
 0x47d0c8 StartDocA
 0x47d0cc StartPage
 0x47d0d0 BitBlt
 0x47d0d4 CreateCompatibleDC
 0x47d0d8 Ellipse
 0x47d0dc Rectangle
 0x47d0e0 LPtoDP
 0x47d0e4 DPtoLP
 0x47d0e8 GetCurrentObject
 0x47d0ec RoundRect
 0x47d0f0 GetTextExtentPoint32A
 0x47d0f4 GetDeviceCaps
 0x47d0f8 SaveDC
 0x47d0fc RestoreDC
 0x47d100 SetBkMode
 0x47d104 SetPolyFillMode
 0x47d108 SetROP2
 0x47d10c SetTextColor
 0x47d110 SetMapMode
 0x47d114 SetViewportOrgEx
 0x47d118 OffsetViewportOrgEx
 0x47d11c SetViewportExtEx
 0x47d120 ScaleViewportExtEx
 0x47d124 SetWindowOrgEx
 0x47d128 SetWindowExtEx
 0x47d12c ScaleWindowExtEx
 0x47d130 GetClipBox
 0x47d134 ExcludeClipRect
 0x47d138 MoveToEx
 0x47d13c LineTo
 0x47d140 CreateRectRgnIndirect
 0x47d144 SetBkColor
 0x47d148 CombineRgn
 0x47d14c GetTextMetricsA
 0x47d150 Escape
 0x47d154 ExtTextOutA
 0x47d158 TextOutA
 0x47d15c RectVisible
 0x47d160 PtVisible
 0x47d164 GetViewportExtEx
 0x47d168 ExtSelectClipRgn
WINMM.dll
 0x47d600 midiStreamRestart
 0x47d604 midiStreamClose
 0x47d608 midiOutReset
 0x47d60c midiStreamStop
 0x47d610 midiStreamOut
 0x47d614 midiOutPrepareHeader
 0x47d618 midiStreamProperty
 0x47d61c midiStreamOpen
 0x47d620 midiOutUnprepareHeader
 0x47d624 waveOutOpen
 0x47d628 waveOutGetNumDevs
 0x47d62c waveOutClose
 0x47d630 waveOutReset
 0x47d634 waveOutPause
 0x47d638 waveOutWrite
 0x47d63c waveOutPrepareHeader
 0x47d640 waveOutUnprepareHeader
WINSPOOL.DRV
 0x47d648 ClosePrinter
 0x47d64c DocumentPropertiesA
 0x47d650 OpenPrinterA
ADVAPI32.dll
 0x47d000 RegCloseKey
 0x47d004 RegOpenKeyExA
 0x47d008 RegSetValueExA
 0x47d00c RegQueryValueA
 0x47d010 RegCreateKeyExA
SHELL32.dll
 0x47d384 ShellExecuteA
 0x47d388 Shell_NotifyIconA
ole32.dll
 0x47d694 OleInitialize
 0x47d698 OleUninitialize
 0x47d69c CLSIDFromString
OLEAUT32.dll
 0x47d374 UnRegisterTypeLib
 0x47d378 RegisterTypeLib
 0x47d37c LoadTypeLib
COMCTL32.dll
 0x47d018 ImageList_Destroy
 0x47d01c None
WS2_32.dll
 0x47d658 ioctlsocket
 0x47d65c recv
 0x47d660 getpeername
 0x47d664 accept
 0x47d668 recvfrom
 0x47d66c WSAAsyncSelect
 0x47d670 closesocket
 0x47d674 inet_ntoa
 0x47d678 WSACleanup
comdlg32.dll
 0x47d680 ChooseColorA
 0x47d684 GetSaveFileNameA
 0x47d688 GetOpenFileNameA
 0x47d68c GetFileTitleA

EAT (Export Address Table): none


