popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name e39766b1fc2d6838_updates.xll
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\Updates.xll
Size 1.9MB
Processes 1460 (mshta.exe)
Type PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
MD5 3b76372ea47632fa545dc7a95beedea6
SHA1 df5dccf09a8977c83469696574a21288b578e969
SHA256 e39766b1fc2d68385c08787687d17b5c7866b3d84795c62e81982ec7fc4dc616
CRC32 A4BF36CD
ssdeep 24576:CKB6YdPAuSRy2h9mALABq+D1hBXwKCO0Z2PlN+vfmMkygiVyquzx2A:CKB6YNARRy2LEs+D1DTCX2WnmmgiVglV
Yara
  • OS_Processor_Check_Zero - OS Processor Check
  • UPX_Zero - UPX packed file
  • IsDLL - (no description)
  • IsPE64 - (no description)
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Malicious_Packer_Zero - Malicious Packer
VirusTotal Search for analysis