popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name b6a26b1ce153582e_windows host processor.exe
Submit file
Filepath C:\ProgramData\Windows\Windows Host Processor.exe
Size 128.0MB
Processes 2560 (LicenseChecker.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 548cdfa3c926e9f19650d9307008915d
SHA1 6a53508dcf6a2a7c94aed39bdbe5252b6063e028
SHA256 3171704aa4d1ad6b05ac531225ccec55c64395879a08f216e163d6300cbbfe64
CRC32 0ADE68D7
ssdeep 3145728:LmmQ3negQSQN5Uk25Q2hie4kQl1zzfv9e5d+0drR2CJy:LDQ3egQf5LnMielQl1zzX9IvdVa
Yara
  • PE_Header_Zero - PE File Signature
  • ftp_command - ftp command
  • IsPE32 - (no description)
  • Is_DotNET_EXE - (no description)
VirusTotal Search for analysis
Name 6786c8dfac78d353_tmp6155.tmp.bat
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\tmp6155.tmp.bat
Size 168.0B
Processes 2560 (LicenseChecker.exe) 2932 (cmd.exe)
Type DOS batch file, ASCII text, with CRLF line terminators
MD5 044d0d990329d16aa801464fbf8f4d44
SHA1 41880d6090c43b8199fc723b053dc35223cfa960
SHA256 6786c8dfac78d353f4d808761050f2eb7f2b5bf46dfb7ff293882ad7d8bb1313
CRC32 CBD8447B
ssdeep 3:mKDDCMNuwGv3DmWxpcL4E2J5xAIJpMqm9DwU1hGDmWxpcL4E2J5xAInTRI5eLA1k:hWKuZLmQpcLJ23fJHADNemQpcLJ23fTJ
Yara None matched
VirusTotal Search for analysis
Name cf46d2936bc3e358_LicenseChecker.exe
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\LicenseChecker.exe
Size 140.5KB
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 9fdc64ec19b88144c87e10004a7ebebd
SHA1 1656feed58037314f2c1e8f96ded866b086f0268
SHA256 cf46d2936bc3e358a7702ddc43087a9498676b37287f2d1d3e1473375a7fa57b
CRC32 A8F02B6B
ssdeep 3072:3bw2rJgywh3XAKMEpCAPWX1i9/plee8qTNKdSwwkTp:3bpreFhnAqEi9/7eVGNKbwkT
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • Is_DotNET_EXE - (no description)
VirusTotal Search for analysis