Dropped Files | ZeroBOX
Name 9b5009d2369bac9b_353.chm
Filepath C:\Users\Public\353.CHM
Size 12.6KB
Processes 2084 (doudian8574.exe)
Type MS Windows HtmlHelp Data
MD5 fbb2bf38067cca4ba0f7a2dc3edfcdc8
SHA1 7ad7ab194092c969922d0f8a6de357778f255004
SHA256 9b5009d2369bac9b4c127f13078ab81f013645a80f77ab412c4873d67349d79a
CRC32 89564F75
ssdeep 96:Hx9KUcdXpbr9tQrYtZIEinZBJ9J/E5CD7tXkwULwFDsZ3cI+Ye0XkjzM:Hx9K15bnZEnZhJE5ssuYe0XWM
Yara
  • chm_file_format - chm file format
Name f6de9c9fd5d16461_zdmxd.exe
Filepath C:\Users\Public\zdmxd.exe
Size 27.0KB
Processes 2084 (doudian8574.exe)
Type PE32+ executable (GUI) x86-64, for MS Windows
MD5 02223ae678f09c3b885971903cf8bd63
SHA1 c97c3c3177a1c95b3a097c395e8ed9f7cd0ff5af
SHA256 f6de9c9fd5d16461cb22bd02913f1a4fb2dbe63107aa86713c612842287f4338
CRC32 5C115D50
ssdeep 384:hbh03LpP7A2SrKQO/ds+5OUKJeQJRdnhlCCHXmbpxTBHKxPVTS+iAR3wuLPOQhSu:hYxAVy/2+0xQQvnH2BKPTfRnmCSbEl
Yara
  • UPX_Zero - UPX packed file
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
Name e0eb13e49105f145_unityplayer.dll
Filepath C:\Users\Public\Documents\Microsoft\UnityPlayer.dll
Size 114.6KB
Processes 2084 (doudian8574.exe)
Type PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5 16af9ec92cb7e2baf47619f06e7ccd7d
SHA1 bc228a78f635f19f09f6503c73e0d2bb00e6bbee
SHA256 e0eb13e49105f145e1e110c83dcb51f2e2603822e1a01a1d5f2ab6966ac96ad4
CRC32 51C1E882
ssdeep 1536:ge1zL/FjHU0a2CGXuwSj2ynAgzjumsw2J0wsWLd09dlWnlPk0sYZ7N3hQZ:L1zLpHUTwewe27YjRwmQMklPkJ24Z
Yara
  • OS_Processor_Check_Zero - OS Processor Check
  • UPX_Zero - UPX packed file
  • IsDLL - (no description)
  • IsPE64 - (no description)
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
Name cfa46626de2511b8_windows.exe
Filepath C:\Users\Public\Documents\Microsoft\windows.exe
Size 643.6KB
Processes 2084 (doudian8574.exe)
Type PE32+ executable (GUI) x86-64, for MS Windows
MD5 dd12729cb9aa55eb4a036a6aa0cec3b9
SHA1 cfe064e88f93d7b93677fd7e9d184a45758bcd5a
SHA256 cfa46626de2511b8bba3ddb850768bcd531eacef7cd60daa6c6b4858278d08ac
CRC32 A8898A2D
ssdeep 3072:jys7oYfSbbQTLWuiUg7VsS4jMDN00aiDRV4Z:j/7oYfSHQPWTUg49vCqZ
Yara
  • OS_Processor_Check_Zero - OS Processor Check
  • UPX_Zero - UPX packed file
  • IsPE64 - (no description)
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature