Dropped Files | ZeroBOX
Name bde6aed64e088830_sihost32.exe
Filepath C:\Users\test22\AppData\Roaming\Microsoft\inc\sihost32.exe
Size 7.5KB
Processes 2232 (godeth.exe) 2524 (svchost.exe)
Type PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
MD5 69306be3104dd39865756aca729771b5
SHA1 83bbab7f6b935bae67d0396d25b61535cd5662be
SHA256 bde6aed64e088830fe262d8cdb73b5aac3ebd807dd5bf09c39dbf1dcdeb93d2b
CRC32 E9BA7F22
ssdeep 192:iQUOUCqNRn8UyP3VD3nAK1HvRG/hBeWu:i/fCyR8UkFbAcUeW
Yara
  • PE_Header_Zero - PE File Signature Zero
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT
  • IsPE64 - (no description)
  • IsWindowsGUI - (no description)
  • ImportTableIsBad - ImportTable Check
Name 6aa8107578a0d284_svchost.exe
Filepath C:\Users\test22\AppData\Local\Temp\svchost.exe
Size 1.6MB
Processes 2232 (godeth.exe)
Type PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
MD5 e3b8893e65bdb0f42574c0f7e05ec8ce
SHA1 b2a15a828592ca3e989a1b0c99df60c077cac0d2
SHA256 6aa8107578a0d284976d18fb114c1a0ffd247163d9a931b75b1baf42f0616dd5
CRC32 2A0C7AC7
ssdeep 24576:BqUeiPVa2/7fgcT3pnDB840fxxD8wfRfMt+u9cBEw70dRDHIjogQ1vPFnd/bPT8H:B7VvDXN8/ffD/RYoEw7aIjogQVf0XX
Yara
  • PE_Header_Zero - PE File Signature Zero
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT
  • IsPE64 - (no description)
  • IsWindowsGUI - (no description)
  • IsPacked - Entropy Check
  • ImportTableIsBad - ImportTable Check