popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 66109a8b85766255_svchost.exe
Submit file
Filepath C:\Users\test22\AppData\Roaming\svchost.exe
Size 42.0KB
Processes 1680 (svchost.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 04c9852d75f4ed4e56393bf22360615c
SHA1 f0afc40e9a4ea3820c9d49f2edbbc682a9501820
SHA256 66109a8b85766255fa950425c7962781b61c934f6926ecdb9158d50ffb533147
CRC32 A054322A
ssdeep 768:gs9JP27hBL38zPERI6zH4VQBrEsgegdAohLOcqCEP:gs992VBL2ZVmgR11ORCEP
Yara
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
  • Is_DotNET_EXE - (no description)
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT
  • IsPE32 - (no description)
  • PE_Header_Zero - PE File Signature
VirusTotal Search for analysis