Dropped Files | ZeroBOX
Name caee9f999cf6d6af_statislite.dll
Filepath C:\Program Files\MSXML 3.88\StatisLite.dll
Size 2.8MB
Processes 2072 (Guendengf.exe)
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 8f06ce3ab20ed98e95857be06a2a36d4
SHA1 6d38a0e02477e72075c72c2fff0716ecd1ec788f
SHA256 caee9f999cf6d6af1074fce6c3ee6523e9b630438210b937df15ddc95a8e9b23
CRC32 68F3692E
ssdeep 24576:cKhVa3mP/8L96RGUu6tNkjYi6OVLx27KULbJUzAylA3pyKClOwh6HmUU:tXP/8L961u1UuUHGSYoHmUU
Yara
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
  • IsDLL - (no description)
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Malicious_Packer_Zero - Malicious Packer
  • IsPE32 - (no description)
Name 449d4c7b4b0c3dbe_colorossetup.log
Filepath C:\Users\test22\AppData\Local\Temp\ColorOsSetup.log
Size 83.0B
Processes 2136 (None)
Type ASCII text, with CRLF line terminators
MD5 85c2599be973e3c30e9540cee85f646c
SHA1 a2ae7d7d637e8389aca007d5937702f4eef84e6c
SHA256 449d4c7b4b0c3dbe8e098d9821181af4d4bba4915f378f3cf1b86e58ecfdcdfc
CRC32 36B93FA7
ssdeep 3:ttW1g5tIgDBk2:tkG5qGm2
Yara None matched
Name d0a24a8c1191e688_layering.exe
Filepath C:\Program Files\MSXML 3.88\layering.exe
Size 334.0KB
Processes 2072 (Guendengf.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 d25d6f47f151e2ea86d78f4e5b8921f8
SHA1 1f6d6b46f9ff02339352f805a6d9fa5c1c5e142a
SHA256 d0a24a8c1191e6882a0d65df7d3000059005863c1188a49ddcf9f0d6165c853f
CRC32 F808B744
ssdeep 6144:4mNlZV7cMl9DiOdrxbVJU/auNDdS4/kY0gVYKo2WQetLqW0LbXibXiu:48lZVwMl9DiOHLUZtk+Yt/1tLrL
Yara
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)