Dropped Files | ZeroBOX
Name d96e867f9c5beabd_regedit.dll
Filepath C:\Windows\regedit.dll
Size 3.2MB
Processes 1108 (리스펙.exe)
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 11c42100a2448e095f3d4f109398d710
SHA1 b28207de909ce59b8783b46a018d6707f1a20d80
SHA256 d96e867f9c5beabdb3ae6792893755ab4610222fb262cc792040fd7f856d6a2e
CRC32 CACD2BF9
ssdeep 49152:UW29f8Xo7EJ61KUwo7j0SLbyXR4irupLQRPRevnEczSTD:UpFEJ+xwLRPwLMPR2E2e
Yara
  • PE_Header_Zero - PE File Signature
  • Admin_Tool_IN_Zero - Admin Tool Sysinternals
  • OS_Processor_Check_Zero - OS Processor Check
  • IsPE32 - (no description)
  • IsDLL - (no description)
  • UPX_Zero - UPX packed file
  • Malicious_Packer_Zero - Malicious Packer
Name b65f40618f584303_system.exe
Filepath C:\Windows\System.exe
Size 1.9MB
Processes 1108 (리스펙.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 ec801a7d4b72a288ec6c207bb9ff0131
SHA1 32eec2ae1f9e201516fa7fcdc16c4928f7997561
SHA256 b65f40618f584303ca0bcf9b5f88c233cc4237699c0c4bf40ba8facbe8195a46
CRC32 A1215DFD
ssdeep 49152:NNEVtO1U1y1DDDDDD7Llngq7NNMqU0p2Vhk9a:NNEVJyZlng4p2V
Yara
  • PE_Header_Zero - PE File Signature
  • Win32_Trojan_PWS_Net_1_Zero - Win32 Trojan PWS .NET Azorult
  • Generic_Malware_Zero - Generic Malware
  • IsPE32 - (no description)
  • Is_DotNET_EXE - (no description)
  • UPX_Zero - UPX packed file
  • Malicious_Packer_Zero - Malicious Packer
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT
Name 4bfac7ae071718bd_settings.xml
Filepath C:\Users\test22\AppData\Local\Temp\settings.xml
Size 3.8KB
Processes 1108 (리스펙.exe)
Type XML 1.0 document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
MD5 6bcbd03742a0d22b0de8d9ccd3b30ca5
SHA1 969a09152d48458dcb51df831343b223bc42a0f5
SHA256 4bfac7ae071718bd9bfdac2e23ccc71435ea7793547bb510e6bc041575b5f6e7
CRC32 7AEA74FC
ssdeep 96:zMaOpCKapW/9FcKapW/9CKapW/9FdKapW/9LxQxJjz3u8zu2FzSS/ovc8MaOpZ:OXIcJjq8zhSNvcL
Yara None matched