Dropped Files | ZeroBOX
Name f4fc6ec1991b08d5_windows update.exe
Filepath C:\Users\test22\AppData\Local\Temp\Windows Update.exe
Size 599.0KB
Processes 2784 (v8hBqWuKscbjZRqNatPw.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 c90ca07c3efed56ae7d986da2b486a51
SHA1 838c246e30d173f1ca5678721a3e01137a704870
SHA256 f4fc6ec1991b08d57d1a88e96aac6e0860c479aad42de3eb3d0f645755ceac62
CRC32 A8482E01
ssdeep 6144:eYEBIy4mGmhCB+I6obLsP2nOxOOfUS1CekWBcj5ndX:eYo/cB6obLsP2nOxOOfUS1Cb
Yara
  • PE_Header_Zero - PE File Signature
  • Generic_Malware_Zero - Generic Malware
  • IsPE32 - (no description)
  • Is_DotNET_EXE - (no description)
  • UPX_Zero - UPX packed file
Name 5caac962de01bd76_security.config.cch
Filepath c:\windows\microsoft.net\framework64\v2.0.50727\config\security.config.cch
Size 430.0B
Processes 3004 (Windows Update.exe)
Type data
MD5 768dfc1e8e7cb5c166092cea17d3de30
SHA1 6019ee4b0ec74bcfa3004dc32cc94fc3f8c24220
SHA256 5caac962de01bd762743916f4efd66c45650e683c98f5298edbc4ac80ca0e670
CRC32 5C55B900
ssdeep 12:s6WfKKtHaK+wTUBmQHJkcL5nQa1Q2cL5BKh:0plh+cUfGcLWb2cLb
Yara None matched
Name 8a0d5d6c5ab131ba_windows update.exe.config
Filepath C:\Users\test22\AppData\Local\Temp\Windows Update.exe.config
Size 1.8KB
Processes 2784 (v8hBqWuKscbjZRqNatPw.exe)
Type XML 1.0 document, ASCII text, with CRLF line terminators
MD5 a2ebf843442988ee2d667e9c7fc28ce1
SHA1 7f24c475bb217c448090dce593abee8957b7b1d4
SHA256 8a0d5d6c5ab131bab9c8a29a7bcc81d6470ec515f2e4bca977a4fe62fd156acc
CRC32 F40991DE
ssdeep 24:2dZmhW3aXfygeOygjOgC5XgtXdXkBHnUdQzFDWby2GpyI:cccAfyge7gjOgCNgBRkBHUdQzqQ
Yara None matched