popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 015d60486e75035f_clip64.dll
Submit file
Filepath C:\Users\test22\AppData\Roaming\006700e5a2ab05\clip64.dll
Size 89.0KB
Processes 2828 (metado.exe)
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 547bae937be965d63f61d89e8eafb4a1
SHA1 85466c95625bcbb7f68aa89a367149d35f80e1fa
SHA256 015d60486e75035f83ea454e87afb38d11ec39643c33b07f61a40343078ee4f5
CRC32 DE80468A
ssdeep 1536:Xo4NPCKLbqoYkbpplW9YoUsxXzbcouNhj2ZszsWuKcdJUynTaB89p:XoUCWbBNpplToUs1uNhj25LJUUaB89p
Yara
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
  • Malicious_Library_Zero - Malicious_Library
  • IsDLL - (no description)
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • Admin_Tool_IN_Zero - Admin Tool Sysinternals
VirusTotal Search for analysis
Name 340c8464c2007ce3_cred64.dll
Submit file
Filepath C:\Users\test22\AppData\Roaming\006700e5a2ab05\cred64.dll
Size 162.0B
Processes 2828 (metado.exe)
Type HTML document, ASCII text, with CRLF line terminators
MD5 1b7c22a214949975556626d7217e9a39
SHA1 d01c97e2944166ed23e47e4a62ff471ab8fa031f
SHA256 340c8464c2007ce3f80682e15dfafa4180b641d53c14201b929906b7b0284d87
CRC32 CC58D737
ssdeep 3:qVoB3tURObOb0qHXboAcMBXqWrKb0GklIVLLPROZ/eIwcWWGu:q43tIkObRHXiMIWObtklI5LPROeIpfGu
Yara None matched
VirusTotal Search for analysis
Name f1789e65408fb8ad_metado.exe
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\a9e2a16078\metado.exe
Size 210.4KB
Processes 2712 (h7004067.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 e87123f505ed53c13e961b5aeb23a50c
SHA1 be4cf6cd10cb652fbfbb73bbc5364d9c25118a15
SHA256 f1789e65408fb8adb5d4a9b0da511987f160b937a1649ec3b06bd11ec416ddd1
CRC32 F33223CA
ssdeep 3072:meTRJ0kHbnpN23kQKp5XzutZXKGrpeN84LuZAIybiy3xEfbi:FTR2AnpN2wDurXBeBuZAIMEj
Yara
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • Malicious_Packer_Zero - Malicious Packer
VirusTotal Search for analysis