popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 41338d57548c9cdf_svchost64.exe
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\svchost64.exe
Size 2.0MB
Processes 1764 (969020.exe) 2744 (cmd.exe)
Type PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
MD5 0378d005dc0ea00351040b6f27b9a7c2
SHA1 b6db95d4f3b3b755ef25e6ff8c755c857e081d2b
SHA256 41338d57548c9cdf622a882a3cb64fa5a5fe0b62f9356e4dae100e4d11721979
CRC32 BCEBF900
ssdeep 49152:i5C7wae0cbMVQQ6UKvOj+tG0kP3O84eqVuD62i+Yr+7Zaj:i5Pae0AMVQ6KvhJMOjuD6Vr+7q
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)
  • Generic_Malware_Zero - Generic Malware
  • Malicious_Packer_Zero - Malicious Packer
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT
VirusTotal Search for analysis
Name 9d3d13c55b2614c0_590aee7bdd69b59b.customDestinations-ms~RFd2a76d.TMP
Submit file
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms~RFd2a76d.TMP
Size 7.8KB
Processes 1744 (powershell.exe) 2392 (powershell.exe)
Type data
MD5 3eb6fb80f9dbbc1201de9e762252141b
SHA1 c6d1e6ea5f2fef6f4458695b8ed7586aed429f1c
SHA256 9d3d13c55b2614c0615acea119139123b2a29f2a0daded7edd5146e4614a78e6
CRC32 23B7285A
ssdeep 96:YtuCaGCPDXBqvsqvJCwo9tuCaGCPDXBqvsEHyqvJCwor/tDHXyWlUVul:YtzXo9tzbHnorlTyo
Yara
  • Antivirus - Contains references to security software
  • Generic_Malware_Zero - Generic Malware
VirusTotal Search for analysis
Name 2650439a8681d31a_590aee7bdd69b59b.customDestinations-ms~RFd32383.TMP
Submit file
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms~RFd32383.TMP
Size 7.8KB
Processes 2320 (powershell.exe) 808 (powershell.exe)
Type data
MD5 96ddc4206934fec29311c7812713d4aa
SHA1 9fa39a4bc6c0a72db99302fdc1f8e993bbe7d0e7
SHA256 2650439a8681d31aa853e7ac6d512c8024aec9ed6e36ff631e640ce52f9a492c
CRC32 CBFEC637
ssdeep 96:YtuCaGCPDXBqvsqvJCwo9tuCaGCPDXBqvsEHyqvJCworLtDHXyWlUVul:YtzXo9tzbHnorRTyo
Yara
  • Antivirus - Contains references to security software
  • Generic_Malware_Zero - Generic Malware
VirusTotal Search for analysis