popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 6d35c89767de1713_axhub.dat
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\axhub.dat
Size 552.0KB
Processes 2540 (4c6b7cd617a0dcf2d783efd0d73e87ee.exe) 2744 (rundll32.exe)
Type data
MD5 5be024e5c147986ca4871420993464df
SHA1 3c575754ac3d37202c9582a63b6a2c2487ec322e
SHA256 6d35c89767de1713ca71819a9abecc69164b6f4598a1e16944cc902088e95dc2
CRC32 9C108C66
ssdeep 12288:N9SLN+NH0khUZY+vcvw1bG8QYewwB9gL1xBh2:N2Q2ZYuaoel9gLHBh2
Yara None matched
VirusTotal Search for analysis
Name 2f4690b3c2587c0b_api-ms-win-core-namedpipe-l1-1-0.dll
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\api-ms-win-core-namedpipe-l1-1-0.dll
Size 17.7KB
Processes 2540 (4c6b7cd617a0dcf2d783efd0d73e87ee.exe)
Type PE32 executable (DLL) (console) Intel 80386, for MS Windows
MD5 87b1814412cdac3d08fad8dd3a79ebad
SHA1 ca1946721d023be9825a5afac4364248a56111e1
SHA256 2f4690b3c2587c0bfb81ab701d50e497406994613151faf007423c59ca5e2281
CRC32 C70F5BC3
ssdeep 192:9W2ubhWV/vEoOle99YOCAs/nGfe4pBjSfnVTrcw1mWYyieHaVWQ4mWPRqnaj+uBU:9WlhWwMIA0GftpBjAVkw2g6URlfD2n
Yara
  • IsDLL - (no description)
  • IsPE32 - (no description)
  • PE_Header_Zero - PE File Signature
VirusTotal Search for analysis
Name 550d4fc902f25f2a_api-ms-win-core-string-l1-1-0.dll
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\api-ms-win-core-string-l1-1-0.dll
Size 17.7KB
Processes 2540 (4c6b7cd617a0dcf2d783efd0d73e87ee.exe)
Type PE32 executable (DLL) (console) Intel 80386, for MS Windows
MD5 4c745dc13735b4822ff160cb18b61e22
SHA1 cdc23598548a2f1cbf9ac2ba1003b6d6af0471d0
SHA256 550d4fc902f25f2a0c09f475b5cecee43fb3a0a042126479560b0001db5c4891
CRC32 0BF31E06
ssdeep 384:Lx8ryMvxWlhWxaCIcPA0GftpBje0Hg604PFplpTmKYSlSSu:t8ryMvAiiRgWPF5UrSu
Yara
  • IsDLL - (no description)
  • IsPE32 - (no description)
  • PE_Header_Zero - PE File Signature
VirusTotal Search for analysis
Name 8206b4b3897ca45b_axhub.dll
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\axhub.dll
Size 73.0KB
Processes 2540 (4c6b7cd617a0dcf2d783efd0d73e87ee.exe) 2744 (rundll32.exe)
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 1c7be730bdc4833afb7117d48c3fd513
SHA1 dc7e38cfe2ae4a117922306aead5a7544af646b8
SHA256 8206b4b3897ca45b9e083273f616902966e57091516844906e6ae2aefe63cef1
CRC32 6DDF7E9E
ssdeep 1536:8E2T9eB25V6ohiQ5I7wgHCoNEsWv8Scdy0Je5JF:8S4ouQHXNFTy0JyJF
Yara
  • IsDLL - (no description)
  • IsPE32 - (no description)
  • OS_Processor_Check_Zero - OS Processor Check
  • Win32_Trojan_Gen_2_0904B0_Zero - Win32 Trojan Gen
  • PE_Header_Zero - PE File Signature
VirusTotal Search for analysis