Dropped Files | ZeroBOX
Name b70ee93e9f63d907_gfheqsv.exe
Filepath C:\Users\Public\Libraries\Gfheqsv\Gfheqsv.exe
Size 774.0KB
Processes 1188 (RFQ-Order_Sheet#43254363-Sept-21_signed-copy.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 68038cd6686e726c8d5fcfdf5b62d37a
SHA1 3540f781ed5720b4d3a71f964e6e5142748fb182
SHA256 b70ee93e9f63d90785264d45dae48012a1d00b92f63c21ccae0f5d2003c00554
CRC32 67212C91
ssdeep 6144:5CZ5dEs7ZrwziKYDZ2/avaYvqfbUacyHeP/hz0Xkb5fjUOCMXjqfZPFVb/4rr7ZG:QZ5l7ZrwzLCMHHi5rUlI64rimoAryZV
Yara
  • PE_Header_Zero - PE File Signature
  • Malicious_Library_Zero - Malicious_Library
  • IsPE32 - (no description)
Name 27851e12661a9f41_vsqehfg.url
Filepath C:\Users\Public\Libraries\vsqehfG.url
Size 96.0B
Processes 1188 (RFQ-Order_Sheet#43254363-Sept-21_signed-copy.exe)
Type MS Windows 95 Internet shortcut text (URL=<file:"C:\\Users\\Public\\Libraries\\Gfheqsv\\Gfheqsv.exe">), ASCII text, with CRLF line terminators
MD5 de13576e43d9c0885012b44ab9b443d2
SHA1 916815f7f3640835bd15dbe3d6e5e05477c21580
SHA256 27851e12661a9f41947307f53daa2177bb706a114a6f2cce89af985999fd9a44
CRC32 541716CF
ssdeep 3:HRAbABGQYmTWAX+rSF55i0XMiWsxWYiysGKd7ovn:HRYFVmTWDyziVMsb7yn
Yara None matched