Dropped Files | ZeroBOX
Name 6867edd53b5819ad_hid.dll
Filepath C:\hid.dll
Size 98.8KB
Processes 932 (steamrepairnet.exe)
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 4cf94726cf6654a6582428e8f556a0f3
SHA1 168f273fe9d53be6848e6437381d8ebd34c7540d
SHA256 6867edd53b5819ad3914414d81c52ec9bab507f80dc2f255a7ff1cfc0098ce6d
CRC32 5AAE4C2F
ssdeep 3072:mj6w/KJlOpSSSYwF5sG7jpwXfKpNJJiD/Wb:ScTOTSYEhr7J8/s
Yara
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
  • Malicious_Library_Zero - Malicious_Library
  • IsDLL - (no description)
  • Malicious_Packer_Zero - Malicious Packer
  • IsPE32 - (no description)
  • PE_Header_Zero - PE File Signature
Name e270f357833a46a9_config.ini
Filepath C:\Users\test22\AppData\Roaming\Stool\config.ini
Size 368.0B
Processes 932 (steamrepairnet.exe)
Type ASCII text, with very long lines, with CRLF line terminators
MD5 2b2e71356767a032389d8de8d56bc45e
SHA1 13db4083c213acd081bc9339fc65f357e1a62839
SHA256 e270f357833a46a926433f66973092fb8bfaf0ec5596ec51074ab5371cce146b
CRC32 0D802A2B
ssdeep 6:2RisTVQGFcmRGZBQuWbtQfUbGQNUQnmIJgqvG33u4j8u2KeOnDaxh3kW6gCxy7X6:2DqdIuqtE8KQnmIJgnu48Qkxh3k0B7X6
Yara None matched
Name b5302b1ec3dc9643_legit.pak
Filepath C:\Users\test22\AppData\Roaming\Stool\Legit.pak
Size 1.2MB
Processes 932 (steamrepairnet.exe)
Type data
MD5 bdf38048e9b28a41cf634337c2d6d8ac
SHA1 79efb5406c449ae8feb1901a73723a7edb73ad1b
SHA256 b5302b1ec3dc96438af75eb21cb504680c427903478e421fdfb1a4f5757db04e
CRC32 F4AE53CB
ssdeep 24576:Byx2DANF2rk4j5srBiC5DtpHW1GQWw3PHpwkLLVTeYuVP6jz4G/NoPoBbN:ByxIANF2Q4j5Wj5LSGQW6PHPLxTKVP6r
Yara None matched