Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
04.30 02:04
BEWERBUNG.pdf.htm
04.30 01:04
BEWERBUNG.pdf.htm
04.30 01:04
Adobe%20PDF.hta
04.30 01:04
VXCX.exe
04.30 01:04
test.ps1
04.30 01:04
rah.exe
04.30 01:04
Microsoft.hta
04.30 01:04
XZCADEEW22.exe
04.30 01:04
CZXZDTGS.exe
04.30 01:04
ui.exe

Latest News
05.01 12:05
Firefox 138 향상된 프로필 관리...
05.01 12:05
Ransomware in March 2025
05.01 12:05
Nvidia CEO on Tariffs,...
05.01 12:05
Malware Analysis - Vir...
05.01 12:05
SC Award Winners 2025 ...
05.01 12:05
SC Award Winners 2025 ...
05.01 12:05
SC Award Winners 2025 ...
05.01 12:05
SC Award Winners 2025 ...
05.01 12:05
Google’s Pichai Calls ...
05.01 12:05
Nvidia CEO Urges Trump...

Summary | ZeroBOX

pussy.html

Gen1 Generic Malware Malicious Library UPX Malicious Packer PE File PE32

Category	Machine	Started	Completed
FILE	s1_win7_x6401	April 30, 2025, 1:05 p.m.	April 30, 2025, 1:07 p.m.

Size	554.0KB
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`1c8e5ffccf0b17edd12c67e4bda1a876`
SHA256	`8ae4be75ecf05d541ff0bebafa27963253e4f554f819754869bd26933c2f8941`
CRC32	`8467ED14`
ssdeep	`6144:/GUskdKGfkGauwVzGUskdKGfkGauwVSGUskdKGfkGauwVvGUskdKGfkGauwVEGUK:/SoJlQSoJl7SoJlySoJlhSoJl`
PDB Path	EaseOfAccessDialog.pdb
Yara	PE_Header_Zero - PE File Signature Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet Malicious_Packer_Zero - Malicious Packer Malicious_Library_Zero - Malicious_Library IsPE32 - (no description) Generic_Malware_Zero - Generic Malware UPX_Zero - UPX packed file

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

This executable has a PDB path (1 event)

pdb_path

EaseOfAccessDialog.pdb

The executable contains unknown PE section names indicative of a packer (could be a false positive) (1 event)

section

.didat

The file contains an unknown PE resource name possibly indicative of a packer (1 event)

resource name

MUI

File has been identified by 18 AntiVirus engines on VirusTotal as malicious (18 events)

Bkav	W32.AIDetectMalware
Skyhigh	BehavesLike.Win32.Dropper.hh
Sangfor	Trojan.Win32.Agent.V8k0
CrowdStrike	win/malicious_confidence_60% (W)
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
Avast	Win32:Lumma-E [Drp]
Rising	Trojan.Agent/JS!8.11351 (CLOUD)
McAfeeD	ti!8AE4BE75ECF0
Sophos	Troj/DwnLd-ARJ
Google	Detected
Microsoft	Trojan:Win32/LummaStealer!rfn
ZoneAlarm	Troj/DwnLd-ARJ
McAfee	Artemis!1C8E5FFCCF0B
DeepInstinct	MALICIOUS
Ikarus	Dropper.Lumma
AVG	Win32:Lumma-E [Drp]
Paloalto	generic.ml