Dropped Files | ZeroBOX
Name 0fe775da1670feea_windowsnt.exe
Filepath C:\Users\test22\AppData\Local\Windows NT ver1.60\WindowsNT.exe
Size 128.0MB
Processes 2456 (Stub.exe)
Type PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
MD5 a5a06e2089281a6330775c4605ac0baa
SHA1 72bae0e819482460a08d092d2cbb5910622b1597
SHA256 fd88d8792faac343644ef1034e4cd1664914da044e85489f7cbb959eb07cf2ac
CRC32 49FA8A52
ssdeep 3145728:vWNhwwB8NhJDuDt1Hxjkz2emYzDBwRkzMDFr+o6y:vGw5cT+zlvP8
Yara
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
  • Generic_Malware_Zero - Generic Malware
  • OS_Processor_Check_Zero - OS Processor Check
  • Is_DotNET_EXE - (no description)
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT
  • Win32_Trojan_PWS_Net_1_Zero - Win32 Trojan PWS .NET Azorult
  • NPKI_Zero - File included NPKI
Name 9bab8cbcf5428643_fa2c2c07f4d56a862adf
Filepath C:\Users\test22\AppData\Local\Temp\FA2C2C07F4D56A862ADF
Size 192.0B
Processes 2456 (Stub.exe)
Type ASCII text, with CRLF line terminators
MD5 4824dcda2201b6e0a374eca6516a953b
SHA1 0f7d22ee182b4e2db97f4163fcdd331129c1a139
SHA256 9bab8cbcf5428643ac38634b94d83fa5fb34316e407f07598dd4b824de2e3131
CRC32 326C9780
ssdeep 3:XttktgkC6wwRRpo2tNd3CXymW6Pdk6yHF1RrttktgkC6wwRRpo2tNd3/RVRl3Ry:dhwrpoENoCydk6K5thwrpoENXVDQ
Yara None matched
Name 85e82b9e9200e798_agiledotnetrt64.dll
Filepath C:\Users\test22\AppData\Local\Temp\f0ec8eee-ade2-43df-bb11-fc753ea1d2c1\AgileDotNetRT64.dll
Size 141.8KB
Processes 2456 (Stub.exe)
Type PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5 e8641f344213ca05d8b5264b5f4e2dee
SHA1 96729e31f9b805800b2248fd22a4b53e226c8309
SHA256 85e82b9e9200e798e8f434459eacee03ed9818cc6c9a513fe083e72d48884e24
CRC32 B3B84F8F
ssdeep 3072:2vHGxvpTI1xUSnsEYVA+9yaJAUiXbNxqAmi3zGDm/8S:mmwWmrtPTj9jGq/8S
Yara
  • Malicious_Packer_Zero - Malicious Packer
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
  • Win32_Trojan_Gen_2_0904B0_Zero - Win32 Trojan Gen
  • IsDLL - (no description)
  • Malicious_Library_Zero - Malicious_Library