popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 9b49252d545b6516_jqszy.exe
Submit file
Filepath C:\ProgramData\x64netJS\JQSZY.exe
Size 9.0MB
Processes 2032 (netTime.exe)
Type PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
MD5 4b24aad7e5c7babf357bc21883883337
SHA1 999cfcbd1949a2ac78172fb890114e2ec693a360
SHA256 834b7bfef2d97d64a7a167c8f0ce1ce5d808ca7a2035c9a78a0a66326393e518
CRC32 CB2BF2F8
ssdeep 24576:nwuavnnwdBAQplinoHlKxbge2saZGobLLFJFpi0v+WZJPv:wuaOB3plniUbL5JFpAyJ
Yara
  • UPX_Zero - UPX packed file
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)
  • anti_vm_detect - Possibly employs anti-virtualization techniques
  • Malicious_Packer_Zero - Malicious Packer
  • ftp_command - ftp command
VirusTotal Search for analysis