Dropped Files | ZeroBOX
Name 49b4201690b897e6_axhub.dat
Filepath C:\Users\test22\AppData\Local\Temp\axhub.dat
Size 552.0KB
Processes 2556 (f5aacf8c46f43d01d08fa79d2d72cfa9.exe) 2772 (rundll32.exe)
Type data
MD5 be64976b86472e4a743d06faf0637a6c
SHA1 890416c3c5e291b5ac5a27fdd4fc3d9be9b2ae51
SHA256 49b4201690b897e645b8a0d8c05039ebdcdd07677f6c82970ad25d601c7bb657
CRC32 ACCACC4A
ssdeep 12288:N9SLN+NH0khUZY+vcvw1PG8QYewwB9gL1xBt2:N2Q2ZYu+oel9gLHBt2
Yara None matched
Name 2f4690b3c2587c0b_api-ms-win-core-namedpipe-l1-1-0.dll
Filepath C:\Users\test22\AppData\Local\Temp\api-ms-win-core-namedpipe-l1-1-0.dll
Size 17.7KB
Processes 2556 (f5aacf8c46f43d01d08fa79d2d72cfa9.exe)
Type PE32 executable (DLL) (console) Intel 80386, for MS Windows
MD5 87b1814412cdac3d08fad8dd3a79ebad
SHA1 ca1946721d023be9825a5afac4364248a56111e1
SHA256 2f4690b3c2587c0bfb81ab701d50e497406994613151faf007423c59ca5e2281
CRC32 C70F5BC3
ssdeep 192:9W2ubhWV/vEoOle99YOCAs/nGfe4pBjSfnVTrcw1mWYyieHaVWQ4mWPRqnaj+uBU:9WlhWwMIA0GftpBjAVkw2g6URlfD2n
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • IsDLL - (no description)
Name 550d4fc902f25f2a_api-ms-win-core-string-l1-1-0.dll
Filepath C:\Users\test22\AppData\Local\Temp\api-ms-win-core-string-l1-1-0.dll
Size 17.7KB
Processes 2556 (f5aacf8c46f43d01d08fa79d2d72cfa9.exe)
Type PE32 executable (DLL) (console) Intel 80386, for MS Windows
MD5 4c745dc13735b4822ff160cb18b61e22
SHA1 cdc23598548a2f1cbf9ac2ba1003b6d6af0471d0
SHA256 550d4fc902f25f2a0c09f475b5cecee43fb3a0a042126479560b0001db5c4891
CRC32 0BF31E06
ssdeep 384:Lx8ryMvxWlhWxaCIcPA0GftpBje0Hg604PFplpTmKYSlSSu:t8ryMvAiiRgWPF5UrSu
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • IsDLL - (no description)
Name 8206b4b3897ca45b_axhub.dll
Filepath C:\Users\test22\AppData\Local\Temp\axhub.dll
Size 73.0KB
Processes 2556 (f5aacf8c46f43d01d08fa79d2d72cfa9.exe) 2772 (rundll32.exe)
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 1c7be730bdc4833afb7117d48c3fd513
SHA1 dc7e38cfe2ae4a117922306aead5a7544af646b8
SHA256 8206b4b3897ca45b9e083273f616902966e57091516844906e6ae2aefe63cef1
CRC32 6DDF7E9E
ssdeep 1536:8E2T9eB25V6ohiQ5I7wgHCoNEsWv8Scdy0Je5JF:8S4ouQHXNFTy0JyJF
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • IsDLL - (no description)
  • OS_Processor_Check_Zero - OS Processor Check
  • Win32_Trojan_Gen_2_0904B0_Zero - Win32 Trojan Gen