popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 7874d15ca173ee41_cleanmgr.exe
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\cleanmgr.exe
Size 14.5KB
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 f503da8eee4e7cd822239110b488b08b
SHA1 f122b5169aaf28a0906b16255cb0e4490dcfd62e
SHA256 7874d15ca173ee419b69c1ac2cae4eb6f158a8c1285b9bff7e59af840bed251e
CRC32 816C7720
ssdeep 384:N6P1J3MxbGglqBcpnHp//UeUB7Eb2eqJT:N6dkQBcLSB7Eb21t
Yara
  • Is_DotNET_EXE - (no description)
  • PE_Header_Zero - PE File Signature
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT
  • IsPE32 - (no description)
VirusTotal Search for analysis
Name c296470f0a24955e_yy.exe
Submit file
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Start Menu\YY.exe
Size 512.0KB
Processes 2536 (cleanmgr.exe)
Type PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
MD5 5a01a667c84893b0ab403b39b3c73b53
SHA1 61e797ce7faf1a6eca4038b29aac0364fb61fba9
SHA256 c296470f0a24955e74c6695312974b6f7b32b89147368e84804b47f76d5befa3
CRC32 A699EFF1
ssdeep 12288:eN44r9HYXzdEXVDBbupm9PwbZxCMhrI5cRdbtF9fgdm1ttt:u9GeXVDmeYFM5cRdJ
Yara
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT
  • ConfuserEx_Zero - Confuser .NET
VirusTotal Search for analysis