Dropped Files | ZeroBOX
Name 340c8464c2007ce3_cred64.dll
Filepath C:\Users\test22\AppData\Roaming\a091ec0a6e2227\cred64.dll
Size 162.0B
Processes 2252 (legorum.exe)
Type HTML document, ASCII text, with CRLF line terminators
MD5 1b7c22a214949975556626d7217e9a39
SHA1 d01c97e2944166ed23e47e4a62ff471ab8fa031f
SHA256 340c8464c2007ce3f80682e15dfafa4180b641d53c14201b929906b7b0284d87
CRC32 CC58D737
ssdeep 3:qVoB3tURObOb0qHXboAcMBXqWrKb0GklIVLLPROZ/eIwcWWGu:q43tIkObRHXiMIWObtklI5LPROeIpfGu
Yara None matched
Name 860acbf6104e2539_legorum.exe
Filepath C:\Users\test22\AppData\Local\Temp\01036400e7\legorum.exe
Size 224.4KB
Processes 2124 (t7079733.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 8c385053bb9e0ffa85d15f851b7f91ed
SHA1 ff679a86eaa42d26291a1226db0ec1d1186cbb26
SHA256 860acbf6104e2539254be7453824e3e81fedfc229f3bc6fb43b75d5e8f502f18
CRC32 F4E22F1A
ssdeep 3072:aTzC4usLP+wOULUFAB3i9nyRA4/Prk3huiPFSbuZRuNcZVKOUm8LHIMbkyfWtsm3:aTzYsLdf/Rity237PFHRuNcPKOKsy+
Yara
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Malicious_Packer_Zero - Malicious Packer
  • IsPE32 - (no description)
Name 767b03b1909c858a_clip64.dll
Filepath C:\Users\test22\AppData\Roaming\a091ec0a6e2227\clip64.dll
Size 89.0KB
Processes 2252 (legorum.exe)
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 c0973231287f23e7cf3e8335a031bb8d
SHA1 0d6ccd55a69a0ce07b2a76121d52395ea0563cff
SHA256 767b03b1909c858a948371ed7791ff0c0629e5e4c7d60f97900b1fc27485103a
CRC32 F29EF5B3
ssdeep 1536:/o4NPCKLbqoYkbpplW9YoUsxXzbcouNhj2ZszsWuKcdJUmETaB89p:/oUCWbBNpplToUs1uNhj25LJUmGaB89p
Yara
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
  • IsDLL - (no description)
  • Admin_Tool_IN_Zero - Admin Tool Sysinternals
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)