Dropped Files | ZeroBOX
Name 51dc22e3dab4719b_lxthwck6mzldzjurt4ozqbzj.exe
Filepath C:\Users\test22\AppData\Roaming\LxtHWCK6mZLdZjUrT4ozqBzj.exe
Size 4.3KB
Processes 656 (962cCBHedvM81ik3HcpfCFKU.exe)
Type HTML document, ASCII text
MD5 42ea927a2d06f92673c14014e41e329c
SHA1 c4aa715206ba6afb531aa2e185bca9dc7884bee8
SHA256 51dc22e3dab4719b91338645538395475d36d6dc5a822edf0471b7b5f5a46537
CRC32 301F7B77
ssdeep 96:1j9jwIjYjyDK/DZD8jH+k1CZBvJADh/pRsGsgszbGD:1j9jhjYjWK/lyH+kMBRADh/pmGsgsfGD
Yara None matched
Name f9349585a2393d43_dgj4pz0ft86repjf1z0tgihz.exe
Filepath C:\Users\test22\AppData\Roaming\dGj4Pz0ft86rEPJF1z0TgIhz.exe
Size 494.0KB
Processes 656 (962cCBHedvM81ik3HcpfCFKU.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 28345a7bb63babaf99e760965ce493b7
SHA1 7e752390f6ebca4e1e8889302549be4dd0845f62
SHA256 f9349585a2393d4378e283e73fc48d04941666ec0ccae4dd2fb68c2cad7ac9a1
CRC32 1DB82DEF
ssdeep 12288:qpHLo/ADRUoBhT3d7ybbicrZumiAgp+zjgm6sFuMLGx:SroGRU+Fu+clhl/JVuMSx
Yara
  • win_registry - Affect system registries
  • win_files_operation - Affect private profile
  • PE_Header_Zero - PE File Signature Zero
  • OS_Processor_Check_Zero - OS Processor Check Signature Zero
  • IsPE32 - (no description)
  • IsWindowsGUI - (no description)
  • IsPacked - Entropy Check
Name 0099e62ea3beb0f1_962ccbhedvm81ik3hcpfcfku.exe
Filepath C:\Users\test22\Documents\962cCBHedvM81ik3HcpfCFKU.exe
Size 7.5KB
Processes 1468 (updatechannel3.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 6be41709f8bfbf06307cc56d04249801
SHA1 911d8ade72bef752233237351fbdb7a9f96e2cf0
SHA256 0099e62ea3beb0f1631eb088bd697fd829963713ef4cb0e3a0a72b8c950c2383
CRC32 F4B3FBBE
ssdeep 192:3rFqRMky3fM9V7FKI47Wd+h4+0XoQ9DWhL3mj9:3rFqRMh3KlFP47Wd+hr059UL3m
Yara
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT
  • PE_Header_Zero - PE File Signature Zero
  • IsPE32 - (no description)
  • IsNET_EXE - (no description)
  • IsWindowsGUI - (no description)
  • HasDebugData - DebugData Check
Name f57488b21328f5cf_ulvnl43l8gs3pickz1nyzdtb.exe
Filepath C:\Users\test22\AppData\Roaming\uLVnl43L8gS3piCKz1NYzdtB.exe
Size 4.3KB
Processes 656 (962cCBHedvM81ik3HcpfCFKU.exe)
Type HTML document, ASCII text
MD5 ebeef11018cb27a3409d5f4efc59d928
SHA1 aa810c6bddf6618cbd7f5e67bde3c7d8ed76b11b
SHA256 f57488b21328f5cfab98c3ae0038d0807c44f8aac1d7be9bb32e4cb36fff9c2c
CRC32 97953BE2
ssdeep 96:1j9jwIjYjyDK/DZD8jH+k1CZBvJADh/pRs0sgszbGD:1j9jhjYjWK/lyH+kMBRADh/pm0sgsfGD
Yara None matched