Dropped Files | ZeroBOX
Name 8496956ae3178b5c_visual-c++.exe
Filepath C:\Users\test22\AppData\Local\Temp\visual-c++.exe
Size 172.9KB
Processes 516 (payload.exe)
Type PE32+ executable (GUI) x86-64, for MS Windows
MD5 0919efe4f7d63d868ab7d04b695c9084
SHA1 2f84840ddfc50be63b1c2548c9d062b2034e197a
SHA256 8496956ae3178b5c7f840618736786d6e0ec862dfe26d9f4e4b969f5e2e7e916
CRC32 CED2464C
ssdeep 3072:Drlo9Zo9xEs65oSmXKHCXguhl5FN9u0KPLAoTptF2j44I5rjSL:l3QZGcCXgennu0KjpeWrjQ
Yara
  • UPX_Zero - UPX packed file
  • Malicious_Library_Zero - Malicious_Library
  • OS_Processor_Check_Zero - OS Processor Check
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
Name fe0c2c6438a5ed2d_runtime-bind.exe
Filepath C:\Users\test22\AppData\Local\Temp\runtime-bind.exe
Size 3.6MB
Processes 516 (payload.exe)
Type PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
MD5 679f7bb9c60003a65a6a98d474f3fb0e
SHA1 9f1030b22b9873e888478f0362d4406c346ce61a
SHA256 fe0c2c6438a5ed2dd338a52678b1d5be0a63de608bd360437129976ae19ee1c1
CRC32 FBCE36D1
ssdeep 98304:4emYRF9KAR+oj+kQf4KnqI8VV4xqxVT9111UoQDKBfcxTgb8pg:pCARpj+11MqedFMDTAx
Yara
  • Malicious_Library_Zero - Malicious_Library
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature