popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name faa806dcfd3a37ca_wsfmvg.exe
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\IXP000.TMP\wsfmvg.exe
Size 128.0MB
Processes 2768 (clp_wsfmvg.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 e66672798cd429fe56a8af55bef945ad
SHA1 d428954720dbbd2700c5c6888baf781b5c7f057c
SHA256 94be4e35c231f294e2ab52c5ddb49b604e9f97bc859c139ce599619fa1edbfb5
CRC32 6B7D0C2A
ssdeep 49152:2BkObnSGUpiaKboxEy5QfK0cUSb5x8jHXulP:2BkObSGeiaIzyzPmj3QP
Yara
  • Admin_Tool_IN_Zero - Admin Tool Sysinternals
  • PE_Header_Zero - PE File Signature
  • Generic_Malware_Zero - Generic Malware
  • IsPE32 - (no description)
  • Is_DotNET_EXE - (no description)
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT
VirusTotal Search for analysis