Dropped Files | ZeroBOX
Name 3f2ce17fe342c19e_dacgwknemfsnay.exe
Filepath C:\Users\test22\AppData\Roaming\DacgwKnEmfsNay.exe
Size 826.0KB
Processes 9068 (taskmgrs.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 d9667de328dbeef055555f0303914558
SHA1 8234abd9ce4a8dc1f88d0213e31871f7f3bce2bb
SHA256 3f2ce17fe342c19e6ac9890f379841df3c448099e6565b9906538b463fc02932
CRC32 EDE8DC02
ssdeep 24576:d9cNGIpIW2IQwF01t2rhQenecONB2WLhrwWoy9WPU4WD:zcNGdtRzOrhQeecONBNhrwW59qED
Yara
  • Win32_Trojan_PWS_Net_1_Zero - Win32 Trojan PWS .NET Azorult
  • PE_Header_Zero - PE File Signature Zero
  • Malicious_Packer_Zero - Malicious Packer
  • IsPE32 - (no description)
  • IsNET_EXE - (no description)
  • IsWindowsGUI - (no description)
  • IsPacked - Entropy Check
Name 07c473339a3c6b13_tmpCAC6.tmp
Filepath C:\Users\test22\AppData\Local\Temp\tmpCAC6.tmp
Size 1.6KB
Processes 9068 (taskmgrs.exe)
Type XML 1.0 document, ASCII text, with CRLF line terminators
MD5 ba18b902004d5332ddfbffeaf7c5f305
SHA1 1a010ccb3f53909601beab61c451e3d2774202ec
SHA256 07c473339a3c6b13cdffcc47daa218e9c704fe8d97d7bab97be75d2e47a87b27
CRC32 707F4DFD
ssdeep 24:2dH4+SEqCH/7IlNMFQ/rlMhEMjnGpwjpIgUYODOLD9RJh7h8gKB6tn:cbhf7IlNQQ/rydbz9I3YODOLNdq3G
Yara None matched