popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 55c501ff428230ff_truthworker.exe
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\IXP000.TMP\truthworker.exe
Size 62.5KB
Processes 2672 (firmresource.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 6e366139af7b312507ec517b0a57e552
SHA1 615ae06d2d5b4ed5bf94778b08c0b157ea0efc44
SHA256 55c501ff428230ffa356ba238cf0b66af261c0631188fc4dc56bae4f184bf826
CRC32 3A7DEA47
ssdeep 1536:Uec6J5L7EgudBrKGyUqEB/YzM3dydyc4F9nY++czovzI0ctcT9qSz:S6PLogCBeEB/BimFpJwzI0ceT9r
Yara
  • Win32_Trojan_PWS_Net_1_Zero - Win32 Trojan PWS .NET Azorult
  • Is_DotNET_EXE - (no description)
  • PE_Header_Zero - PE File Signature
  • Malicious_Packer_Zero - Malicious Packer
  • IsPE32 - (no description)
VirusTotal Search for analysis
Name bde6b8bc656f479e_trutthworker.exe
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\IXP000.TMP\trutthworker.exe
Size 62.5KB
Processes 2672 (firmresource.exe)
Type PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
MD5 c7991ec3ade36c816c187b62208ccbce
SHA1 aa57af4a0f3716fff8739c1866ce02d43dcd5346
SHA256 bde6b8bc656f479ebc6ec551d383d5c8399dc49246295cceaa5fd5f58fc43f57
CRC32 BCB16939
ssdeep 1536:Ty3XAjqVguJWcG+udH4Exbzl63dydyc4F9nY++c4tvs0ctPEi686:u3X8qg9nyCmFpJ4O0cdEk6
Yara
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
  • Malicious_Packer_Zero - Malicious Packer
VirusTotal Search for analysis