Dropped Files | ZeroBOX
Name 0afe69a59d759dcb_syswow64.exe
Filepath C:\Users\test22\AppData\Roaming\SysWOW64 ver8.82\SysWOW64.exe
Size 128.0MB
Processes 1684 (Stub1.exe)
Type PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
MD5 1f248ca70431b1f6f15edf7f4cee6e73
SHA1 8905bde7467bb387482b5901b5cad563af082504
SHA256 8682f55d020f77df52f96d615af8f304d9bae3cd5bc78b2f069f55594d08d422
CRC32 CAC8350E
ssdeep 3145728:oE0IPpWVyWG3g+0IPy0R8AToEbZ0n6/gm7PLmk0QtqDUQ4ObG9wJ:70IRWVKg+00rTFbe6fPLmwtqUOr
Yara
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
  • Generic_Malware_Zero - Generic Malware
  • OS_Processor_Check_Zero - OS Processor Check
  • anti_vm_detect - Possibly employs anti-virtualization techniques
  • Is_DotNET_EXE - (no description)
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT
  • Win32_Trojan_PWS_Net_1_Zero - Win32 Trojan PWS .NET Azorult
Name 85e82b9e9200e798_agiledotnetrt64.dll
Filepath C:\Users\test22\AppData\Local\Temp\788086f6-8ca0-4e47-8d8a-507c7b3c79ad\AgileDotNetRT64.dll
Size 141.8KB
Processes 1684 (Stub1.exe)
Type PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5 e8641f344213ca05d8b5264b5f4e2dee
SHA1 96729e31f9b805800b2248fd22a4b53e226c8309
SHA256 85e82b9e9200e798e8f434459eacee03ed9818cc6c9a513fe083e72d48884e24
CRC32 B3B84F8F
ssdeep 3072:2vHGxvpTI1xUSnsEYVA+9yaJAUiXbNxqAmi3zGDm/8S:mmwWmrtPTj9jGq/8S
Yara
  • Malicious_Packer_Zero - Malicious Packer
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
  • Win32_Trojan_Gen_2_0904B0_Zero - Win32 Trojan Gen
  • IsDLL - (no description)
  • Malicious_Library_Zero - Malicious_Library
Name e81831c05123a7dd_fa2c2c07f4d56a862adf
Filepath C:\Users\test22\AppData\Local\Temp\FA2C2C07F4D56A862ADF
Size 192.0B
Processes 1684 (Stub1.exe)
Type ASCII text, with CRLF line terminators
MD5 6c967b17f589131664286472c78b0eac
SHA1 7886dbe7a08e5e8d63e7c5349542869e05306304
SHA256 e81831c05123a7dd2624763b722c39f98caa4d40bb69ffce9f93cf3a15ecfb4b
CRC32 2B3E218F
ssdeep 3:XttktgkC6wwRRpo2tcysm3uTkoreOx+RrttktgkC6wwRRpo2tNd3/RVZBXWj+y:dhwrpoEduIor/xSthwrpoENXVbmL
Yara None matched