Dropped Files | ZeroBOX
Name 2244b4dc9afc6cfa_clip64.dll
Submit file
Filepath C:\Users\test22\AppData\Roaming\006700e5a2ab05\clip64.dll
Size 89.0KB
Processes 2796 (pdates.exe)
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 2392b231cf4a80739b5cb09bf808127d
SHA1 41b5cf81c50884954911d96444fe83cfd0da465b
SHA256 2244b4dc9afc6cfab7ef1dea92420e2acd275bac7349b929a69f3c1ae25f5e2f
CRC32 16AB7A40
ssdeep 1536:Oo4NPCKLbqoYkbpplW9YoUsxXzbcouNhj2ZszsWuKcdJUabaB89p:OoUCWbBNpplToUs1uNhj25LJUQaB89p
Yara
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
  • IsDLL - (no description)
  • Admin_Tool_IN_Zero - Admin Tool Sysinternals
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Win_Amadey_Zero - Amadey bot
  • IsPE32 - (no description)
VirusTotal Search for analysis
Name 58b02c8b4bc2bf7f_pdates.exe
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\925e7e99c5\pdates.exe
Size 223.5KB
Processes 2680 (g0268788.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 aea234064483f651010cf9d981f59fea
SHA1 002ad73a666d2d92d0c6d6b617e61c6fa0c5f3a6
SHA256 58b02c8b4bc2bf7f5f1e8e45d7c206956f188ae56b648922ca75987b999db503
CRC32 5ABBB6AC
ssdeep 3072:3vtV3ROZ6RDwrR3wMUzUVwQ3rInyRnIvPak3hhiHFSbuZhuNcZVKBzqm8LHIkbGB:ftV3euVz6rKyS3yHFHhuNcPKpwU+
Yara
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Malicious_Packer_Zero - Malicious Packer
  • Win_Amadey_Zero - Amadey bot
  • IsPE32 - (no description)
VirusTotal Search for analysis
Name 03afb988f3eec62c_cred64.dll
Submit file
Filepath C:\Users\test22\AppData\Roaming\006700e5a2ab05\cred64.dll
Size 273.0B
Processes 2796 (pdates.exe)
Type HTML document, ASCII text
MD5 9851b884bf4aadfade57d911a3f03332
SHA1 aaadd1c1856c22844bb9fbb030cf4f586ed8866a
SHA256 03afb988f3eec62c2da682af371625adcac5a0e69615298f83d99365ab07ac0f
CRC32 685C995D
ssdeep 6:pn0+Dy9xwGObRmEr6VnetdzRx3G0CezoIR+knaCyjEcXaoD:J0+oxBeRmR9etdzRxGezH0qaCtma+
Yara None matched
VirusTotal Search for analysis