Dropped Files | ZeroBOX
Name c0f642742fbd5879_gug.dll
Filepath C:\Users\test22\AppData\Local\Temp\is-0CBR1.tmp\gug.dll
Size 299.0KB
Processes 2104 (unknown.tmp)
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 856f0154092d6937bd522493568faa5c
SHA1 a76abe24a50080b087809c1fec75cfd390016637
SHA256 c0f642742fbd5879510fe4060435b20ae9f7661d60958e78b24d6b1102778311
CRC32 361FFFF4
ssdeep 3072:nz6CbzvTDZ24d1Dl9RZePbMZcHhFszIrExPTaXB7aNiQLGXW/JFtPIlGpaAXnDm4:mCbzhd1p9RZeecHhaUSPuwhftIaL
Yara
  • IsPE32 - (no description)
  • OS_Processor_Check_Zero - OS Processor Check
  • Malicious_Library_Zero - Malicious_Library
  • UPX_Zero - UPX packed file
  • IsDLL - (no description)
  • PE_Header_Zero - PE File Signature
Name acbde0a66386880f_unknown.tmp
Filepath C:\Users\test22\AppData\Local\Temp\is-70VVC.tmp\unknown.tmp
Size 3.0MB
Processes 1072 (unknown.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 23251f1236b59ed49e1ee5ad7a8e3a0a
SHA1 89e4cd02c5fd8b349561f6200c53f6d3149fa64c
SHA256 acbde0a66386880f164999bb39c4bebdf92eefa8aba76e7f997e668e861b831c
CRC32 2CE5571B
ssdeep 49152:6dx4HDQNJL0VR6SgMt+k4RiP+RmXMjiINiMq95FoHVHNTQTEjT333TY:LHDYsqiPRhINnq95FoHVBT333T
Yara
  • Generic_Malware_Zero - Generic Malware
  • IsPE32 - (no description)
  • OS_Processor_Check_Zero - OS Processor Check
  • Malicious_Library_Zero - Malicious_Library
  • UPX_Zero - UPX packed file
  • PE_Header_Zero - PE File Signature
Name 388a796580234efc__setup64.tmp
Filepath C:\Users\test22\AppData\Local\Temp\is-0CBR1.tmp\_isetup\_setup64.tmp
Size 6.0KB
Processes 2104 (unknown.tmp)
Type PE32+ executable (console) x86-64, for MS Windows
MD5 e4211d6d009757c078a9fac7ff4f03d4
SHA1 019cd56ba687d39d12d4b13991c9a42ea6ba03da
SHA256 388a796580234efc95f3b1c70ad4cb44bfddc7ba0f9203bf4902b9929b136f95
CRC32 2CDCC338
ssdeep 96:sfkcXegaJ/ZAYNzcld1xaX12p+gt1sONA0:sfJEVYlvxaX12C6A0
Yara
  • UPX_Zero - UPX packed file
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)