Dropped Files | ZeroBOX

Name	df567fbec321a382_windowsdefender.exe Submit file
Filepath	C:\Users\test22\AppData\Roaming\WindowsDefender\WindowsDefender.exe
Size	6.2MB
Processes	2216 (nok.exe)
Type	PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
MD5	`5930b25610cc3ebdc2543cf8a1bf1906`
SHA1	`80392a751e3b501019acd69d69e868db8ac93c15`
SHA256	`df567fbec321a3828643118c5b8f28e9ca7a70d416be9463d267389ec80595ca`
CRC32	`5E3468B5`
ssdeep	`98304:Djv+PGv4y17elko0DU9hsiEsn1cHmyY1/b4Kwz1ua/Ea4UFikLPr1:f+xy17elBcU9hf1ywJkKwrc+iG`
Yara	UPX_Zero - UPX packed file IsPE64 - (no description) PE_Header_Zero - PE File Signature Generic_Malware_Zero - Generic Malware Microsoft_Office_File_Zero - Microsoft Office File
VirusTotal	Search for analysis