Dropped Files | ZeroBOX
Name c33e1bafafd441b4_vorbisfile.dll
Filepath C:\Program Files (x86)\GOS Helper\SyncWithGame\vorbisFile.dll
Size 52.5KB
Processes 2024 (install_cleo_files.exe)
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 90223f6248b55e0813687fe1b7277dd7
SHA1 83b8acac449bbbfbe3b9627bb2bdccea6e8a1f60
SHA256 c33e1bafafd441b42eaa6d322393b9dd700f8a9c13fb2e7780daf49707a46353
CRC32 71A12D2D
ssdeep 768:tUZW9sK6cH+lWnWthft2Wm1+PuqTzqx5Ygy/8LGKHsUED3nyALUgTJ:tQTfAWmEuqyxOgy/8ad2
Yara
  • PE_Header_Zero - PE File Signature
  • OS_Processor_Check_Zero - OS Processor Check
  • IsDLL - (no description)
  • Malicious_Library_Zero - Malicious_Library
  • IsPE32 - (no description)
Name cd8a78699852953b_inifiles.cleo
Filepath C:\Program Files (x86)\GOS Helper\SyncWithGame\cleo\IniFiles.cleo
Size 80.0KB
Processes 2024 (install_cleo_files.exe)
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 a7fc5491f5436a81b04d6fe55ad7e07d
SHA1 0a091282f7227701042a01891157d32dedcfa9b6
SHA256 cd8a78699852953bacb1af21f38e0140652c4e7c7661773e672c06ccd8cb41c9
CRC32 23C49EA2
ssdeep 1536:sKFmrsz86/pLLfeNlgTdfLcl3cUsWjcdMnG07:zmIvGX0dfwcbk5
Yara
  • PE_Header_Zero - PE File Signature
  • OS_Processor_Check_Zero - OS Processor Check
  • IsDLL - (no description)
  • Malicious_Library_Zero - Malicious_Library
  • IsPE32 - (no description)
Name b228adbf1d83b515_cleo.asi
Filepath C:\Program Files (x86)\GOS Helper\SyncWithGame\CLEO.asi
Size 258.5KB
Processes 2024 (install_cleo_files.exe)
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 380ba63a1cb18d09335782d3f0a3a682
SHA1 f5e7799694d9aa45c86440749e265eaf56d68865
SHA256 b228adbf1d83b5151b62ef66e02010fc4f74ee0a86bf9ab20a1bba4ca13bde3b
CRC32 41EAD3BA
ssdeep 3072:/RZpDrQH6R2u/YA1DEodDsGqtejMmzkUHKDbd85F198BAg0FuMUFC28SjzM:/RZNrJQwAoZ7jMok/i5FjmAOMC8u
Yara
  • PE_Header_Zero - PE File Signature
  • OS_Processor_Check_Zero - OS Processor Check
  • IsDLL - (no description)
  • Malicious_Library_Zero - Malicious_Library
  • IsPE32 - (no description)
Name 29a802d73aba522f_filesystemoperations.cleo
Filepath C:\Program Files (x86)\GOS Helper\SyncWithGame\cleo\FileSystemOperations.cleo
Size 63.5KB
Processes 2024 (install_cleo_files.exe)
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 ec7fc1b2d143ce3de49ee800aeb9d2d5
SHA1 3f034cc745abd3e19c176df02150b346ece44d17
SHA256 29a802d73aba522f63c036d13d5c872edb6c445a1b6d6e7fa957b37ce8f5edbc
CRC32 8193B56A
ssdeep 768:HB9foSVzOLFqVZnuPM6S/ijHavvgZRbWEvZFLcFWGNKbq62HsWjcdOv1RriHi5:H0gTd6havcWebLcF24sWjcdRHo
Yara
  • PE_Header_Zero - PE File Signature
  • OS_Processor_Check_Zero - OS Processor Check
  • IsDLL - (no description)
  • Malicious_Library_Zero - Malicious_Library
  • IsPE32 - (no description)
Name e3b0c44298fc1c14___tmp_rar_sfx_access_check_7756093
Empty file or file not found
Filepath C:\Program Files (x86)\GOS Helper\SyncWithGame\__tmp_rar_sfx_access_check_7756093
Size 0.0B
Type empty
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
CRC32 00000000
ssdeep 3::
Yara None matched
Name a08923479000cec3_vorbishooked.dll
Filepath C:\Program Files (x86)\GOS Helper\SyncWithGame\vorbisHooked.dll
Size 64.0KB
Processes 2024 (install_cleo_files.exe)
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 2b7b803311d2b228f065c45d13e1aeb2
SHA1 905d33aa70ad00d513c701cce22ad6fdb9d7d463
SHA256 a08923479000cec366967fb8259e0920b7aa18859722c7dda1415726bed4774f
CRC32 45AF5127
ssdeep 768:RG9mqQnM6D5cmIc33qTRP8XV/+EVFnnU/iB9Zfe4MtoZAo4CsRTJ0v:Rum/Xd7qTRkX0E7J1CtoK
Yara
  • PE_Header_Zero - PE File Signature
  • OS_Processor_Check_Zero - OS Processor Check
  • IsDLL - (no description)
  • Malicious_Library_Zero - Malicious_Library
  • IsPE32 - (no description)
Name 651a2bcac36f8098_intoperations.cleo
Filepath C:\Program Files (x86)\GOS Helper\SyncWithGame\cleo\IntOperations.cleo
Size 57.0KB
Processes 2024 (install_cleo_files.exe)
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 03910b057c88c30a8609e74a5a908976
SHA1 883647fcebab3477295045dcab1bb90da6cec922
SHA256 651a2bcac36f8098453555773fe6c69b47b639b9ce34164caa10cc2abc134a4a
CRC32 8831BC34
ssdeep 768:B+CQ6K66l7yvaDuCJfimK/CjSdcdWQNKRSTsVbsWjcdtfA0rmajGDHO:wCF6FDu6fPucduSTEbsWjcdtKajGbO
Yara
  • PE_Header_Zero - PE File Signature
  • OS_Processor_Check_Zero - OS Processor Check
  • IsDLL - (no description)
  • Malicious_Library_Zero - Malicious_Library
  • IsPE32 - (no description)
Name a3b00967d5c4ef1a_bass.dll
Filepath C:\Program Files (x86)\GOS Helper\SyncWithGame\bass.dll
Size 105.1KB
Processes 2024 (install_cleo_files.exe)
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 9586e7be6ae8016932038932d1417241
SHA1 1581bd3d522c083e721f3c190e56b95a935580e0
SHA256 a3b00967d5c4ef1a2b4980183934d46ef36cee4b3dc1b2a6da1f820d63448390
CRC32 48271458
ssdeep 3072:tyYiAB2IFLa2e/GFMx8lU5gKDkjm76wdX:tjBNN+G6TKKAqnd
Yara
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
  • IsPE32 - (no description)
Name 4996e00167f7ab9e_global.ini
Filepath C:\Program Files (x86)\GOS Helper\SyncWithGame\scripts\global.ini
Size 154.0B
Processes 2024 (install_cleo_files.exe)
Type ASCII text, with CRLF line terminators
MD5 e173796b3089c48b4b61d61e15232848
SHA1 e72dff9c74baf115e522cc148ddd17335ffc263f
SHA256 4996e00167f7ab9e42504cebc17e636c576c277a2b67b5a6f6e742335f132735
CRC32 34C7A501
ssdeep 3:JJwlSn4FV2DFca2SEWCKUEoMLAYWDZHRGLsGcVRvtHMKCLEI+gROyppMPLW5:HwlShzdCt4WDZ0LsVvtHMKCw3gRPpt
Yara None matched