popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name be95bccc949fa88b_win.exe
Submit file
Filepath C:\Program Files\Windows NT\win.exe
Size 32.0KB
Processes 2576 (NODD.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 0d34a5f97ae366a48c3c47017004d1bc
SHA1 fc5be63cbc1af64ef23f853eb9598361bf025aba
SHA256 be95bccc949fa88be42961ff957d0012faea53f51b71bf75d88044945b78b932
CRC32 90F174B7
ssdeep 384:uTkWKqDfSFnhadpwhmC+GIYVgg1l+JHnjbIla6U4t9yN1x4dT:uNjLOnhaQhKBgiJHIl04KzGdT
Yara
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
  • Malicious_Packer_Zero - Malicious Packer
  • IsPE32 - (no description)
  • PE_Header_Zero - PE File Signature
  • Antivirus - Contains references to security software
  • Malicious_Library_Zero - Malicious_Library
VirusTotal Search for analysis
Name 68f138cb55fdaef6_TemporaryFile
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\19262218\TemporaryFile\TemporaryFile
Size 27.7KB
Type PE32+ executable (native) x86-64, for MS Windows
MD5 3357c324de7bf59e305fa9032ba590d9
SHA1 9653e8156ea34cc2917ad7d988ec8bb00d3d53ac
SHA256 68f138cb55fdaef61b6897af7a9643ec98ab27a3b32679472256e5c14747e8e6
CRC32 D4B49183
ssdeep 384:+NDGQbeOX82FclB5N2rGgvdcpeOX8j6RB5N20P:+N7KOs2uBj6vdrOsj6RBjz
Yara
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
VirusTotal Search for analysis