Dropped Files | ZeroBOX
Name 58149a24884e425f_bogftd.exe
Filepath C:\Users\test22\AppData\Roaming\bogftd.exe
Size 720.0KB
Processes 2548 (clip.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 8e0858c676bfce53f2a0473fb3c353be
SHA1 4387d6cfc47aa32c56ad2181db8d422cd5a80ed5
SHA256 58149a24884e425f40c7f2dfd541e5380573e4dccf270564b4ae71df235bbc87
CRC32 BE0D79B6
ssdeep 12288:i9IbS3UFckbtZn/pW8NgROoKiKj1vqeXuL9f0sEGUD/hTkCl58+f2:NSkFckbtlpWHwokjEeexYlD/hYClrf
Yara
  • Malicious_Packer_Zero - Malicious Packer
  • Generic_Malware_Zero - Generic Malware
  • Is_DotNET_EXE - (no description)
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT
  • Win32_Trojan_PWS_Net_1_Zero - Win32 Trojan PWS .NET Azorult
Name bda38b99f5218c52_tmpF99B.tmp
Filepath C:\Users\test22\AppData\Local\Temp\tmpF99B.tmp
Size 1.6KB
Processes 2548 (clip.exe)
Type XML 1.0 document, ASCII text, with CRLF line terminators
MD5 ea381e815ded8c8c5b0018f8bede34dd
SHA1 989f7e6b21e8ef143bd938018d07b9ebb0759cf0
SHA256 bda38b99f5218c529a96320d7413139d79a72892caf4d599f2402dbd63dc2290
CRC32 1D40C355
ssdeep 24:2dH4+SEqCH/7IlNMFQ/rlMhEMjnGpwjpIgUYODOLD9RJh7h8gKBGtn:cbhf7IlNQQ/rydbz9I3YODOLNdq3a
Yara None matched