popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 6f8899b8bc021eab_jqszy.exe
Submit file
Filepath C:\ProgramData\x64netJS\JQSZY.exe
Size 16.0MB
Processes 2636 (netTime.exe)
Type PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
MD5 99c9aa5d38023581bb915c0371cdb0e6
SHA1 0c8b18a3ec4b6dc9457392a54acc8138edb1d40c
SHA256 713c42e0870b47a028523a9d572038f11fa480c17aee1dcca78acef0382a181e
CRC32 D4244816
ssdeep 49152:+rrM8ykrJLTarx7otjag3oSPV71Unco9U+ED45aU8QrMmI/KP5zXbYhU/Krq1Ze0:+mcWWYTa96txQxuT66hyYTBDLL
Yara
  • UPX_Zero - UPX packed file
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)
  • anti_vm_detect - Possibly employs anti-virtualization techniques
  • Malicious_Packer_Zero - Malicious Packer
  • OS_Processor_Check_Zero - OS Processor Check
VirusTotal Search for analysis