Dropped Files | ZeroBOX
Name 0d9e31079d162625_2c706lra.exe
Filepath C:\Users\Public\Desktop\2C706LRA.exe
Size 1.8MB
Processes 2552 (AYReport_EN.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 cdb983e76d6fc15c5eaef54a063f0091
SHA1 ff22a165f86cf929727fa12d8e787e69d24bb19c
SHA256 0d9e31079d1626252be3d0241e9559e975a0ccf94648d4f41219119136f361f1
CRC32 B2B3CD00
ssdeep 49152:dVA/JKt3we3e/iRyHKixZ0DRafnoQ7FT/Yb8b:dVs83w/iyHKc0DRafo6db
Yara
  • UPX_Zero - UPX packed file
  • Malicious_Library_Zero - Malicious_Library
  • PhysicalDrive_20181001 - (no description)
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • anti_vm_detect - Possibly employs anti-virtualization techniques
  • ASPack_Zero - ASPack packed file
  • Malicious_Packer_Zero - Malicious Packer
  • Generic_Malware_Zero - Generic Malware
  • OS_Processor_Check_Zero - OS Processor Check
Name c50a943a78dc0049_glwzeumk.exe
Filepath C:\Users\test22\AppData\Roaming\Macromedia\GLWZEUMK.exe
Size 1.8MB
Processes 2552 (AYReport_EN.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 8bbaf95337912b8a1d36594e5bb2f5e6
SHA1 5db26a00543868b7f7bc88ec6597a17cf0dc71ae
SHA256 c50a943a78dc0049438b810fae2973ade0350c6ad76f924348fd56daff9fdf3a
CRC32 A28DDC67
ssdeep 49152:RC6pCkV5+fDepJvZA0xY1aBJ4/xRmWr55h:RC6P70MJvZecQ/xEWrR
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • Is_DotNET_EXE - (no description)
  • Win32_Trojan_PWS_Net_1_Zero - Win32 Trojan PWS .NET Azorult
  • Generic_Malware_Zero - Generic Malware