Dropped Files | ZeroBOX
Name 0e6ba4803caf67c7_tcpapi.dll
Filepath C:\Windows\SysWOW64\tcpapi.dll
Size 168.0KB
Processes 2080 (loader.exe)
Type PE32 executable (DLL) (console) Intel 80386, for MS Windows
MD5 695648548e4c342951ca6c13c56d43f2
SHA1 59c42af68d6b9d1f030a08e1ed87a82d9d3ea1bb
SHA256 0e6ba4803caf67c79184e1c437832613adec088bd3315837fed3550ebfea3226
CRC32 D6EC9482
ssdeep 3072:6Emsfh4oe5NcjpWrfVuepRo6m0TEt5KRBoOzUxjHJitQ63PagveBBn86L:NdhtONcjpWrfVuepRzTEt5KYOzUxfgPA
Yara
  • IsPE32 - (no description)
  • OS_Processor_Check_Zero - OS Processor Check
  • IsDLL - (no description)
  • UPX_Zero - UPX packed file
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
Name 2d6bdfb341be3a62_HOSTS
Filepath C:\Windows\System32\drivers\etc\HOSTS
Size 824.0B
Type ASCII text, with CRLF line terminators
MD5 3688374325b992def12793500307566d
SHA1 4bed0823746a2a8577ab08ac8711b79770e48274
SHA256 2d6bdfb341be3a6234b24742377f93aa7c7cfb0d9fd64efa9282c87852e57085
CRC32 259FD3A9
ssdeep 24:QWDZh+ragzMZfuMMs1L/JU5fFCkK8T1rTt8:vDZhyoZWM9rU5fFcp
Yara None matched