popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 124c17b099d8c09d_taskshostw.exe
Submit file
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\taskshostw.exe
Size 245.5KB
Processes 2584 (taskshostw.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 e538f67d529d672c55304f3c9ad05392
SHA1 f7ff40a1901d51dd6222b420bbece575b46b2cd2
SHA256 124c17b099d8c09db4bd82b5ef3d41cea61727a480abfd56a943208d858ea8cf
CRC32 06A2DA9E
ssdeep 3072:eTIu4ZQ8M2A1vA7m5+C6ZoEHBAnpK37nXz8o1008Q75wPsoB74tyJhvSK/KkMc/X:LHA1vweOR8CTwPnLKkM/u
Yara
  • Is_DotNET_EXE - (no description)
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT
  • IsPE32 - (no description)
  • PE_Header_Zero - PE File Signature
  • Antivirus - Contains references to security software
  • NorthKorea_Zero - Maybe it's North Korea File
VirusTotal Search for analysis