Report - dxw86.exe

Generic Malware PE File PE32
Created 2025.04.21 13:50 Machine s1_win7_x6401
Filename dxw86.exe
Type PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
AI Score 5
Behavior Score 0.8
ZERO API file : malware
VT API (file)
md5 f4a68f805fb3e6a31523ce43b7a5d1c3
sha256 767d2672f229a9949591db5f245e947525df4d734b2db4cb9a1de749d545903a
ssdeep 1536:cVvwFmXVU9u8nEGEkt+sppGZvqLtsnlx8si7hcWyYnmrhnzFhrwEgG+z5xW0:cBwgFU951fMUtQxjUSWyCmr5z8EgG+zJ
imphash
impfuzzy 3::

Signature (2cnts)

Level Description
watch Communicates with host for which no DNS query was performed
info One or more processes crashed

Rules (3cnts)

Level Name Description Collection
warning Generic_Malware_Zero Generic Malware binaries (upload)
info IsPE32 (no description) binaries (upload)
info PE_Header_Zero PE File Signature binaries (upload)

Network (1cnts)

Request CC ASN Co IP4 Rule ZERO
41.216.188.98 US FOP Samosenok Alexandr Sergeevich 41.216.188.98 clean

Suricata ids


