Report - a.exe

Tags: Generic Malware, Malicious Library, Admin Tool (Sysinternals etc ...), Malicious Packer, UPX, PE File, PE32, MZP Format, OS Processor Check
Created 2024.08.10 13:08 Machine s1_win7_x6401
Filename a.exe
Type PE32 executable (GUI) Intel 80386, for MS Windows
AI Score 8
Behavior Score 2.0
ZERO API file : malicious
VT API (file) 10 detected (AIDetectMalware, Attribute, HighConfidence, Artemis, MALICIOUS, TScope, Delf)
md5 2e171efa60b0cae4b318b199be88a351
sha256 ce5891692b7d5ae283572219ab913cf2c0ea38fc92f890ca43642d58dfdf05f4
ssdeep 24576:j2dY5pahuIUhPVE/uQPgI/QWJGYofBgS4p1tMHYgC1J5j2Rme6ll6nwKJJFTntnf:q6Yu+H5of+Sw1pgC17ll6wKJzTtn6
imphash 14794cdd55bb636a9e37ffbf81374e3c
impfuzzy 192:QOjE9FUoncdqEGUuJdVYTexaWTOwIDubNv/Q6cuPyzO:QOjEvFcExvTOmbNv/iO
Network IP location

Signature (5cnts)

Level Description
watch Detects the presence of Wine emulator
watch File has been identified by 10 AntiVirus engines on VirusTotal as malicious
notice Allocates read-write-execute memory (usually to unpack itself)
info The executable contains unknown PE section names indicative of a packer (could be a false positive)
info The executable uses a known packer

Rules (9cnts)

Level Name Description Collection
warning Generic_Malware_Zero Generic Malware binaries (upload)
watch Admin_Tool_IN_Zero Admin Tool Sysinternals binaries (upload)
watch Malicious_Library_Zero Malicious_Library binaries (upload)
watch Malicious_Packer_Zero Malicious Packer binaries (upload)
watch UPX_Zero UPX packed file binaries (upload)
info IsPE32 (no description) binaries (upload)
info mzp_file_format MZP(Delphi) file format binaries (upload)
info OS_Processor_Check_Zero OS Processor Check binaries (upload)
info PE_Header_Zero PE File Signature binaries (upload)

Network (0cnts)

Request CC ASN Co IP4 Rule ZERO

Suricata ids

PE API

IAT (Import Address Table) Library

kernel32.dll
 0x5fa898 GetACP
 0x5fa89c CloseHandle
 0x5fa8a0 LocalFree
 0x5fa8a4 SizeofResource
 0x5fa8a8 GetCurrentProcessId
 0x5fa8ac QueryPerformanceFrequency
 0x5fa8b0 IsDebuggerPresent
 0x5fa8b4 VirtualFree
 0x5fa8b8 GetFullPathNameW
 0x5fa8bc GetProcessHeap
 0x5fa8c0 ExitProcess
 0x5fa8c4 HeapAlloc
 0x5fa8c8 GetCPInfoExW
 0x5fa8cc RtlUnwind
 0x5fa8d0 GetCPInfo
 0x5fa8d4 EnumSystemLocalesW
 0x5fa8d8 GetStdHandle
 0x5fa8dc GetModuleHandleW
 0x5fa8e0 FreeLibrary
 0x5fa8e4 TryEnterCriticalSection
 0x5fa8e8 HeapDestroy
 0x5fa8ec ReadFile
 0x5fa8f0 GetLastError
 0x5fa8f4 GetModuleFileNameW
 0x5fa8f8 SetLastError
 0x5fa8fc GlobalAlloc
 0x5fa900 GlobalUnlock
 0x5fa904 FindResourceW
 0x5fa908 CreateThread
 0x5fa90c CompareStringW
 0x5fa910 LoadLibraryA
 0x5fa914 ResetEvent
 0x5fa918 MulDiv
 0x5fa91c FreeResource
 0x5fa920 GetVersion
 0x5fa924 RaiseException
 0x5fa928 GlobalAddAtomW
 0x5fa92c FormatMessageW
 0x5fa930 SwitchToThread
 0x5fa934 GetExitCodeThread
 0x5fa938 GetCurrentThread
 0x5fa93c LoadLibraryExW
 0x5fa940 LockResource
 0x5fa944 GetCurrentThreadId
 0x5fa948 UnhandledExceptionFilter
 0x5fa94c VirtualQuery
 0x5fa950 GlobalFindAtomW
 0x5fa954 VirtualQueryEx
 0x5fa958 GlobalFree
 0x5fa95c Sleep
 0x5fa960 EnterCriticalSection
 0x5fa964 SetFilePointer
 0x5fa968 LoadResource
 0x5fa96c SuspendThread
 0x5fa970 GetTickCount
 0x5fa974 GetStartupInfoW
 0x5fa978 GlobalDeleteAtom
 0x5fa97c GetFileAttributesW
 0x5fa980 InitializeCriticalSection
 0x5fa984 GetThreadPriority
 0x5fa988 SetThreadPriority
 0x5fa98c GlobalLock
 0x5fa990 GetCurrentProcess
 0x5fa994 VirtualAlloc
 0x5fa998 GetCommandLineW
 0x5fa99c GetSystemInfo
 0x5fa9a0 LeaveCriticalSection
 0x5fa9a4 GetProcAddress
 0x5fa9a8 ResumeThread
 0x5fa9ac GetVersionExW
 0x5fa9b0 VerifyVersionInfoW
 0x5fa9b4 HeapCreate
 0x5fa9b8 LCMapStringW
 0x5fa9bc VerSetConditionMask
 0x5fa9c0 GetDiskFreeSpaceW
 0x5fa9c4 FindFirstFileW
 0x5fa9c8 GetUserDefaultUILanguage
 0x5fa9cc lstrlenW
 0x5fa9d0 QueryPerformanceCounter
 0x5fa9d4 SetEndOfFile
 0x5fa9d8 HeapFree
 0x5fa9dc WideCharToMultiByte
 0x5fa9e0 FindClose
 0x5fa9e4 MultiByteToWideChar
 0x5fa9e8 LoadLibraryW
 0x5fa9ec SetEvent
 0x5fa9f0 CreateFileW
 0x5fa9f4 GetLocaleInfoW
 0x5fa9f8 EnumResourceNamesW
 0x5fa9fc GetLocalTime
 0x5faa00 WaitForSingleObject
 0x5faa04 WriteFile
 0x5faa08 ExitThread
 0x5faa0c DeleteCriticalSection
 0x5faa10 TlsGetValue
 0x5faa14 GetDateFormatW
 0x5faa18 SetErrorMode
 0x5faa1c IsValidLocale
 0x5faa20 TlsSetValue
 0x5faa24 GetSystemDefaultUILanguage
 0x5faa28 EnumCalendarInfoW
 0x5faa2c LocalAlloc
 0x5faa30 CreateEventW
 0x5faa34 WaitForMultipleObjectsEx
 0x5faa38 SetThreadLocale
 0x5faa3c GetThreadLocale
winspool.drv
 0x5faa44 DocumentPropertiesW
 0x5faa48 ClosePrinter
 0x5faa4c OpenPrinterW
 0x5faa50 GetDefaultPrinterW
 0x5faa54 EnumPrintersW
comctl32.dll
 0x5faa5c ImageList_GetImageInfo
 0x5faa60 FlatSB_SetScrollInfo
 0x5faa64 ImageList_DragMove
 0x5faa68 ImageList_Destroy
 0x5faa6c _TrackMouseEvent
 0x5faa70 ImageList_DragShowNolock
 0x5faa74 ImageList_Add
 0x5faa78 FlatSB_SetScrollProp
 0x5faa7c ImageList_GetDragImage
 0x5faa80 ImageList_Create
 0x5faa84 ImageList_EndDrag
 0x5faa88 ImageList_DrawEx
 0x5faa8c ImageList_SetImageCount
 0x5faa90 FlatSB_GetScrollPos
 0x5faa94 FlatSB_SetScrollPos
 0x5faa98 InitializeFlatSB
 0x5faa9c ImageList_Copy
 0x5faaa0 FlatSB_GetScrollInfo
 0x5faaa4 ImageList_Write
 0x5faaa8 ImageList_DrawIndirect
 0x5faaac ImageList_SetBkColor
 0x5faab0 ImageList_GetBkColor
 0x5faab4 ImageList_BeginDrag
 0x5faab8 ImageList_GetIcon
 0x5faabc ImageList_Replace
 0x5faac0 ImageList_GetImageCount
 0x5faac4 ImageList_DragEnter
 0x5faac8 ImageList_GetIconSize
 0x5faacc ImageList_SetIconSize
 0x5faad0 ImageList_Read
 0x5faad4 ImageList_DragLeave
 0x5faad8 ImageList_LoadImageW
 0x5faadc ImageList_Draw
 0x5faae0 ImageList_Remove
 0x5faae4 ImageList_ReplaceIcon
 0x5faae8 ImageList_SetOverlayImage
shell32.dll
 0x5faaf0 Shell_NotifyIconW
 0x5faaf4 SHAppBarMessage
ole32.dll
 0x5faafc IsEqualGUID
 0x5fab00 OleInitialize
 0x5fab04 OleUninitialize
 0x5fab08 CoInitialize
 0x5fab0c CoCreateInstance
 0x5fab10 CoUninitialize
 0x5fab14 CoTaskMemFree
 0x5fab18 CoTaskMemAlloc
version.dll
 0x5fab20 GetFileVersionInfoSizeW
 0x5fab24 VerQueryValueW
 0x5fab28 GetFileVersionInfoW
user32.dll
 0x5fab30 CopyImage
 0x5fab34 CreateWindowExW
 0x5fab38 GetMenuItemInfoW
 0x5fab3c SetMenuItemInfoW
 0x5fab40 DefFrameProcW
 0x5fab44 GetDCEx
 0x5fab48 PeekMessageW
 0x5fab4c MonitorFromWindow
 0x5fab50 GetDlgCtrlID
 0x5fab54 GetUpdateRect
 0x5fab58 SetTimer
 0x5fab5c WindowFromPoint
 0x5fab60 BeginPaint
 0x5fab64 RegisterClipboardFormatW
 0x5fab68 FrameRect
 0x5fab6c MapVirtualKeyW
 0x5fab70 IsWindowUnicode
 0x5fab74 RegisterWindowMessageW
 0x5fab78 FillRect
 0x5fab7c GetMenuStringW
 0x5fab80 DispatchMessageW
 0x5fab84 CreateAcceleratorTableW
 0x5fab88 SendMessageA
 0x5fab8c DefMDIChildProcW
 0x5fab90 EnumWindows
 0x5fab94 GetClassInfoW
 0x5fab98 ShowOwnedPopups
 0x5fab9c GetSystemMenu
 0x5faba0 GetScrollRange
 0x5faba4 GetScrollPos
 0x5faba8 SetScrollPos
 0x5fabac GetActiveWindow
 0x5fabb0 SetActiveWindow
 0x5fabb4 DrawEdge
 0x5fabb8 GetKeyboardLayoutList
 0x5fabbc LoadBitmapW
 0x5fabc0 DrawFocusRect
 0x5fabc4 EnumChildWindows
 0x5fabc8 GetScrollBarInfo
 0x5fabcc ReleaseCapture
 0x5fabd0 UnhookWindowsHookEx
 0x5fabd4 LoadCursorW
 0x5fabd8 GetCapture
 0x5fabdc SetCapture
 0x5fabe0 CreatePopupMenu
 0x5fabe4 ScrollWindow
 0x5fabe8 ShowCaret
 0x5fabec GetMenuItemID
 0x5fabf0 GetLastActivePopup
 0x5fabf4 CharLowerBuffW
 0x5fabf8 GetSystemMetrics
 0x5fabfc SetWindowLongW
 0x5fac00 PostMessageW
 0x5fac04 DrawMenuBar
 0x5fac08 SetParent
 0x5fac0c IsZoomed
 0x5fac10 CharUpperBuffW
 0x5fac14 GetClientRect
 0x5fac18 IsChild
 0x5fac1c ClientToScreen
 0x5fac20 GetClipboardData
 0x5fac24 SetClipboardData
 0x5fac28 SetWindowPlacement
 0x5fac2c IsIconic
 0x5fac30 CallNextHookEx
 0x5fac34 GetMonitorInfoW
 0x5fac38 ShowWindow
 0x5fac3c CheckMenuItem
 0x5fac40 CharUpperW
 0x5fac44 DefWindowProcW
 0x5fac48 GetForegroundWindow
 0x5fac4c SetForegroundWindow
 0x5fac50 GetWindowTextW
 0x5fac54 EnableWindow
 0x5fac58 DestroyWindow
 0x5fac5c IsDialogMessageW
 0x5fac60 EndMenu
 0x5fac64 RegisterClassW
 0x5fac68 CharNextW
 0x5fac6c GetWindowThreadProcessId
 0x5fac70 RedrawWindow
 0x5fac74 GetDC
 0x5fac78 GetFocus
 0x5fac7c SetFocus
 0x5fac80 EndPaint
 0x5fac84 ReleaseDC
 0x5fac88 MsgWaitForMultipleObjectsEx
 0x5fac8c LoadKeyboardLayoutW
 0x5fac90 GetClassLongW
 0x5fac94 ActivateKeyboardLayout
 0x5fac98 GetParent
 0x5fac9c DrawTextW
 0x5faca0 SetScrollRange
 0x5faca4 MonitorFromRect
 0x5faca8 InsertMenuItemW
 0x5facac PeekMessageA
 0x5facb0 GetPropW
 0x5facb4 SetClassLongW
 0x5facb8 MessageBoxW
 0x5facbc MessageBeep
 0x5facc0 SetPropW
 0x5facc4 RemovePropW
 0x5facc8 UpdateWindow
 0x5faccc GetSubMenu
 0x5facd0 MsgWaitForMultipleObjects
 0x5facd4 DestroyMenu
 0x5facd8 DestroyIcon
 0x5facdc SetWindowsHookExW
 0x5face0 EmptyClipboard
 0x5face4 IsWindowVisible
 0x5face8 DispatchMessageA
 0x5facec UnregisterClassW
 0x5facf0 GetTopWindow
 0x5facf4 SendMessageW
 0x5facf8 AdjustWindowRectEx
 0x5facfc DrawIcon
 0x5fad00 IsWindow
 0x5fad04 EnumThreadWindows
 0x5fad08 InvalidateRect
 0x5fad0c GetKeyboardState
 0x5fad10 DrawFrameControl
 0x5fad14 ScreenToClient
 0x5fad18 SetCursor
 0x5fad1c CreateIcon
 0x5fad20 CreateMenu
 0x5fad24 LoadStringW
 0x5fad28 CharLowerW
 0x5fad2c SetWindowPos
 0x5fad30 SetWindowRgn
 0x5fad34 GetMenuItemCount
 0x5fad38 RemoveMenu
 0x5fad3c GetSysColorBrush
 0x5fad40 GetKeyboardLayoutNameW
 0x5fad44 GetWindowDC
 0x5fad48 TranslateMessage
 0x5fad4c OpenClipboard
 0x5fad50 DrawTextExW
 0x5fad54 MapWindowPoints
 0x5fad58 EnumDisplayMonitors
 0x5fad5c CallWindowProcW
 0x5fad60 CloseClipboard
 0x5fad64 DestroyCursor
 0x5fad68 GetScrollInfo
 0x5fad6c SetWindowTextW
 0x5fad70 GetMessageExtraInfo
 0x5fad74 EnableScrollBar
 0x5fad78 GetSysColor
 0x5fad7c TrackPopupMenu
 0x5fad80 CopyIcon
 0x5fad84 DrawIconEx
 0x5fad88 PostQuitMessage
 0x5fad8c GetClassNameW
 0x5fad90 ShowScrollBar
 0x5fad94 EnableMenuItem
 0x5fad98 GetIconInfo
 0x5fad9c GetMessagePos
 0x5fada0 SetScrollInfo
 0x5fada4 GetKeyNameTextW
 0x5fada8 GetDesktopWindow
 0x5fadac GetCursorPos
 0x5fadb0 SetCursorPos
 0x5fadb4 HideCaret
 0x5fadb8 GetMenu
 0x5fadbc GetMenuState
 0x5fadc0 SetMenu
 0x5fadc4 SetRect
 0x5fadc8 GetKeyState
 0x5fadcc FindWindowExW
 0x5fadd0 MonitorFromPoint
 0x5fadd4 ValidateRect
 0x5fadd8 SystemParametersInfoW
 0x5faddc LoadIconW
 0x5fade0 GetCursor
 0x5fade4 GetWindow
 0x5fade8 GetWindowLongW
 0x5fadec GetWindowRect
 0x5fadf0 InsertMenuW
 0x5fadf4 KillTimer
 0x5fadf8 WaitMessage
 0x5fadfc IsWindowEnabled
 0x5fae00 IsDialogMessageA
 0x5fae04 TranslateMDISysAccel
 0x5fae08 GetWindowPlacement
 0x5fae0c CreateIconIndirect
 0x5fae10 FindWindowW
 0x5fae14 DeleteMenu
 0x5fae18 GetKeyboardLayout
oleaut32.dll
 0x5fae20 SafeArrayPutElement
 0x5fae24 GetErrorInfo
 0x5fae28 VariantInit
 0x5fae2c VariantClear
 0x5fae30 SysFreeString
 0x5fae34 SafeArrayAccessData
 0x5fae38 SysReAllocStringLen
 0x5fae3c SafeArrayCreate
 0x5fae40 SafeArrayGetElement
 0x5fae44 SysAllocStringLen
 0x5fae48 SafeArrayUnaccessData
 0x5fae4c SafeArrayPtrOfIndex
 0x5fae50 VariantCopy
 0x5fae54 SafeArrayGetUBound
 0x5fae58 SafeArrayGetLBound
 0x5fae5c VariantChangeType
WTSAPI32.DLL
 0x5fae64 WTSUnRegisterSessionNotification
 0x5fae68 WTSRegisterSessionNotification
advapi32.dll
 0x5fae70 RegSetValueExW
 0x5fae74 RegConnectRegistryW
 0x5fae78 RegEnumKeyExW
 0x5fae7c RegLoadKeyW
 0x5fae80 RegDeleteKeyW
 0x5fae84 RegOpenKeyExW
 0x5fae88 RegQueryInfoKeyW
 0x5fae8c RegUnLoadKeyW
 0x5fae90 RegSaveKeyW
 0x5fae94 RegDeleteValueW
 0x5fae98 RegReplaceKeyW
 0x5fae9c RegFlushKey
 0x5faea0 RegQueryValueExW
 0x5faea4 RegEnumValueW
 0x5faea8 RegCloseKey
 0x5faeac RegCreateKeyExW
 0x5faeb0 RegRestoreKeyW
gdi32.dll
 0x5faeb8 Pie
 0x5faebc SetBkMode
 0x5faec0 CreateCompatibleBitmap
 0x5faec4 GetEnhMetaFileHeader
 0x5faec8 RectVisible
 0x5faecc AngleArc
 0x5faed0 SetAbortProc
 0x5faed4 SetTextColor
 0x5faed8 StretchBlt
 0x5faedc RoundRect
 0x5faee0 RestoreDC
 0x5faee4 SetRectRgn
 0x5faee8 GetTextMetricsW
 0x5faeec GetWindowOrgEx
 0x5faef0 CreatePalette
 0x5faef4 PolyBezierTo
 0x5faef8 CreateICW
 0x5faefc CreateDCW
 0x5faf00 GetStockObject
 0x5faf04 CreateSolidBrush
 0x5faf08 Polygon
 0x5faf0c MoveToEx
 0x5faf10 PlayEnhMetaFile
 0x5faf14 Ellipse
 0x5faf18 StartPage
 0x5faf1c GetBitmapBits
 0x5faf20 StartDocW
 0x5faf24 AbortDoc
 0x5faf28 GetSystemPaletteEntries
 0x5faf2c GetEnhMetaFileBits
 0x5faf30 GetEnhMetaFilePaletteEntries
 0x5faf34 CreatePenIndirect
 0x5faf38 CreateFontIndirectW
 0x5faf3c PolyBezier
 0x5faf40 EndDoc
 0x5faf44 GetObjectW
 0x5faf48 GetWinMetaFileBits
 0x5faf4c SetROP2
 0x5faf50 GetEnhMetaFileDescriptionW
 0x5faf54 ArcTo
 0x5faf58 Arc
 0x5faf5c SelectPalette
 0x5faf60 ExcludeClipRect
 0x5faf64 MaskBlt
 0x5faf68 SetWindowOrgEx
 0x5faf6c EndPage
 0x5faf70 DeleteEnhMetaFile
 0x5faf74 Chord
 0x5faf78 SetDIBits
 0x5faf7c SetViewportOrgEx
 0x5faf80 CreateRectRgn
 0x5faf84 RealizePalette
 0x5faf88 SetDIBColorTable
 0x5faf8c GetDIBColorTable
 0x5faf90 CreateBrushIndirect
 0x5faf94 PatBlt
 0x5faf98 SetEnhMetaFileBits
 0x5faf9c Rectangle
 0x5fafa0 SaveDC
 0x5fafa4 DeleteDC
 0x5fafa8 FrameRgn
 0x5fafac BitBlt
 0x5fafb0 GetDeviceCaps
 0x5fafb4 GetTextExtentPoint32W
 0x5fafb8 GetClipBox
 0x5fafbc IntersectClipRect
 0x5fafc0 Polyline
 0x5fafc4 CreateBitmap
 0x5fafc8 SetWinMetaFileBits
 0x5fafcc CombineRgn
 0x5fafd0 GetStretchBltMode
 0x5fafd4 CreateDIBitmap
 0x5fafd8 SetStretchBltMode
 0x5fafdc GetDIBits
 0x5fafe0 CreateDIBSection
 0x5fafe4 LineTo
 0x5fafe8 GetRgnBox
 0x5fafec EnumFontsW
 0x5faff0 CreateHalftonePalette
 0x5faff4 SelectObject
 0x5faff8 DeleteObject
 0x5faffc ExtFloodFill
 0x5fb000 UnrealizeObject
 0x5fb004 CopyEnhMetaFileW
 0x5fb008 SetBkColor
 0x5fb00c CreateCompatibleDC
 0x5fb010 GetBrushOrgEx
 0x5fb014 GetCurrentPositionEx
 0x5fb018 GetTextExtentPointW
 0x5fb01c ExtTextOutW
 0x5fb020 SetBrushOrgEx
 0x5fb024 GetPixel
 0x5fb028 GdiFlush
 0x5fb02c SetPixel
 0x5fb030 EnumFontFamiliesExW
 0x5fb034 StretchDIBits
 0x5fb038 GetPaletteEntries

EAT (Export Address Table) Library

0x41166c __dbk_fcall_wrapper
0x5f6644 dbkFCallWrapperAddr