popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name a9609da701735784_Ahnlab.hwp
Submit file
Filepath C:\Users\test22\AppData\Roaming\Ahnlab\Ahnlab.hwp
Size 26.4KB
Processes 6240 (None)
Type Little-endian UTF-16 Unicode text, with CRLF, CR line terminators
MD5 4a5bd3c478786fad06a3e94f9c6db08c
SHA1 ae4788b70bccdf243fad6c6cf25074e241a9bd68
SHA256 a9609da70173578488470611efc7343cec576c5af36afd1d0befc78071ea631b
CRC32 592F94B9
ssdeep 96:fkA1CjRUSRcxhgR/dZ1HCltYSgmNoIpvRiMLdvOrd3iHSmUKxp6FBc/LLkARt/UY:fM7VshXrXaIGIPsDeUCAQlJ
Yara
  • NPKI_Zero - File included NPKI
  • Antivirus - Contains references to security software
VirusTotal Search for analysis
Name f825dd89181e7435_d93f411851d7c929.customDestinations-ms~RF1249cff.TMP
Submit file
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d93f411851d7c929.customDestinations-ms~RF1249cff.TMP
Size 7.8KB
Processes 6240 (None) 6956 (None)
Type data
MD5 61d3b003e73f968491bb9de05318fcbd
SHA1 abb40732bf72a072c5b176449fdb8f1c56383e03
SHA256 f825dd89181e743525684aff8d99cc6d78046e461147c33b6f7a182b98c58ea9
CRC32 76116DE9
ssdeep 96:wtuCiGCPDXBqvsqvJCwoNtuCiGCPDXBqvsEHyqvJCworc7HwxGlUVul:wt7XoNt7bHnorXxY
Yara
  • Antivirus - Contains references to security software
VirusTotal Search for analysis