Dropped Files | ZeroBOX
Name b2c16f6b4dac8550_sihost32.exe
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Telemetry\sihost32.exe
Size 8.0KB
Processes 2724 (services32.exe)
Type PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
MD5 9fbdc08c2a497ae5d90e026f1f74e513
SHA1 15cf2d691c640058349a1112acab2c259b74ca35
SHA256 b2c16f6b4dac85500b2da251ee61102b705989d4f4b815927b9926b264cf82b4
CRC32 25708070
ssdeep 96:QMnMBKzdhnBWkGOwbjXO792+jeXTDONDIAboF8Y3N8TIoDLupWPWwOgzNt:bnBdSj492+jejDQsAbo8Y3NG0pWWu
Yara
  • IsPE64 - (no description)
  • Generic_Malware_Zero - Generic Malware
  • PE_Header_Zero - PE File Signature
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT
Name e11418c54706ac70_sihost32.log
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Telemetry\sihost32.log
Size 1.9MB
Processes 2724 (services32.exe)
Type data
MD5 0243888f067147967eab1b1e8cef9e2b
SHA1 c44c1c58393da48d82b9c8f7a8749350905394ea
SHA256 e11418c54706ac70b6acdb7dd8cbd07b1d7033545f46066b780956370f699a1a
CRC32 E0F97DDF
ssdeep 49152:9xJhx5nhajyIneNjV4qrrP0DadcWR4sISS5fYLf5sP4C/uakg:3JhDn8jy/74quWcrJSYY5i4CmZg
Yara None matched