Dropped Files | ZeroBOX
Name 879811fbedbef41d_xvphzzzbcdrtxb.exe
Filepath C:\Users\test22\AppData\Roaming\XvpHZzzbcdrtXB.exe
Size 959.5KB
Processes 2648 (kat.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 6df35d13af1d81c07add53e3b8efb89e
SHA1 61dba2f56928d38e231e136a00ea9930f414c9ab
SHA256 879811fbedbef41d9e338bebab74f5240924ef003d4631ef73ad6080b99b75c9
CRC32 0363365B
ssdeep 24576:Lz/hisa6b1OdVFJhX/FjGRBkRkm7QkNRieGIqh:LzUTO1O/sm8kNMe5qh
Yara
  • PE_Header_Zero - PE File Signature Zero
  • Win32_Trojan_PWS_Net_1_Zero - Win32 Trojan PWS .NET Azorult
  • Malicious_Packer_Zero - Malicious Packer
  • IsPE32 - (no description)
  • IsNET_EXE - (no description)
  • IsWindowsGUI - (no description)
  • IsPacked - Entropy Check
Name b4a767c5f89ee629_tmp33C6.tmp
Filepath C:\Users\test22\AppData\Local\Temp\tmp33C6.tmp
Size 1.6KB
Processes 2648 (kat.exe)
Type XML 1.0 document, ASCII text, with CRLF line terminators
MD5 f8c0bf17f5159b33a62921ca6e86d347
SHA1 b3102749f201cc2a48ac0985b4e1008d6e5e1fd1
SHA256 b4a767c5f89ee6299fa7383903954d0ff8671e01e0442a03c949071ea1d3eb3c
CRC32 DEDACB1E
ssdeep 24:2dH4+SEqCH/7IlNMFQ/rlMhEMjnGpwjpIgUYODOLD9RJh7h8gKBXtn:cbhf7IlNQQ/rydbz9I3YODOLNdq3f
Yara None matched