Dropped Files | ZeroBOX
Name 2294b4b34c025aa2_sihost64.log
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Libs\sihost64.log
Size 2.0MB
Processes 2020 (svchost.exe)
Type data
MD5 793f1ad5ea1a40f9cccd8c9b9db81a5f
SHA1 0a607c1367397b8eef4b37f93f5770e90ae42271
SHA256 2294b4b34c025aa294685f8b37732bc97466a6d15054f4b3b2b4fcc74af36d64
CRC32 2AD42C7A
ssdeep 49152:hbEIQFmHLYjTDTNHJIg04v4blV2x4/ILBrW:Bd7LkD5HJ10S4bl/OW
Yara None matched
Name 137adb47aba43599_sihost64.exe
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Libs\sihost64.exe
Size 7.5KB
Processes 2020 (svchost.exe)
Type PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
MD5 2ec1aed777246cce96c6b332e1944b25
SHA1 85f712a1dcd83238b46c76676e8cdd1238601ee2
SHA256 137adb47aba435999b6c31b404c00b5dc153a2e5d700ec0152c72b3189121332
CRC32 2FD9E8C3
ssdeep 96:/PPib63oOgPJUpQs7H7gNEy848zaf7i3QJOiRFv3/oTIoD51WwOgzNt:/mhUKQbgNEyd8zaf7qQZ/vq71Wu
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)
  • Generic_Malware_Zero - Generic Malware
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT
Name 11bd2c9f9e2397c9_wr64.sys
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Libs\WR64.sys
Size 14.2KB
Processes 2020 (svchost.exe)
Type PE32+ executable (native) x86-64, for MS Windows
MD5 0c0195c48b6b8582fa6f6373032118da
SHA1 d25340ae8e92a6d29f599fef426a2bc1b5217299
SHA256 11bd2c9f9e2397c9a16e0990e4ed2cf0679498fe0fd418a3dfdac60b5c160ee5
CRC32 6B0323EB
ssdeep 192:nqjKhp+GQvzj3i+5T9oGYJh1wAoxhSF6OOoe068jSJUbueq1H2PIP0:qjKL+v/y+5TWGYOf2OJ06dUb+pQ
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)