popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 340c8464c2007ce3_cred64.dll
Submit file
Filepath C:\Users\test22\AppData\Roaming\006700e5a2ab05\cred64.dll
Size 162.0B
Processes 2668 (lamod.exe)
Type HTML document, ASCII text, with CRLF line terminators
MD5 1b7c22a214949975556626d7217e9a39
SHA1 d01c97e2944166ed23e47e4a62ff471ab8fa031f
SHA256 340c8464c2007ce3f80682e15dfafa4180b641d53c14201b929906b7b0284d87
CRC32 CC58D737
ssdeep 3:qVoB3tURObOb0qHXboAcMBXqWrKb0GklIVLLPROZ/eIwcWWGu:q43tIkObRHXiMIWObtklI5LPROeIpfGu
Yara None matched
VirusTotal Search for analysis
Name 37866bce927c1c7a_lamod.exe
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\a9e2a16078\lamod.exe
Size 206.9KB
Processes 2548 (sonne.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 f4af549b7d5af2412c9b092cbe5610d1
SHA1 95eb3e49b5020f2435afb731e99a7ee23cc62323
SHA256 37866bce927c1c7a29c83a74d23b17ff60323751da00d678eba6b6ee2dcd3a02
CRC32 98BE38C0
ssdeep 3072:H/DmgskHbfHN+Pst60p0zuNmnKG7peNMQbuZAIqbey3lfbi:fDmfAfHN+wiuInRexuZAIij
Yara
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
  • Malicious_Library_Zero - Malicious_Library
  • Malicious_Packer_Zero - Malicious Packer
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
VirusTotal Search for analysis
Name dbcdc009781edffc_clip64.dll
Submit file
Filepath C:\Users\test22\AppData\Roaming\006700e5a2ab05\clip64.dll
Size 89.0KB
Processes 2668 (lamod.exe)
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 a5ed103ec4719a27ab3d3c01dac66f01
SHA1 c830d6980d7edea60568a518eccd36c0bc2a4924
SHA256 dbcdc009781edffc3c4e5234d3d23d26364d6bff47e2e384cffdef148d7b5b36
CRC32 F6CBC3B2
ssdeep 1536:Qo4NPCKLbqoYkbpplW9YoUsxXzbcouNhj2ZszsWuKcdJUQHaB89p:QoUCWbBNpplToUs1uNhj25LJUSaB89p
Yara
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
  • IsDLL - (no description)
  • Malicious_Library_Zero - Malicious_Library
  • Admin_Tool_IN_Zero - Admin Tool Sysinternals
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
VirusTotal Search for analysis