Dropped Files | ZeroBOX

Name	3f645d2746e16d34_utchmann.exe Submit file
Filepath	C:\Users\test22\AppData\Roaming\utchmann.exe
Size	247.0KB
Processes	2580 (docutc20230925.exe)
Type	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5	`9b6f64d454ad8d3e91d6827a0262ca58`
SHA1	`95ad850c587f28410d390e5076ed7cbd89e19cc1`
SHA256	`3f645d2746e16d3444423afc3a11a5ef43c095164ffd117d59e820e0123cccdc`
CRC32	`D79E5B8F`
ssdeep	`3072:KJaIjo8Yij5+8IyyOIMFw28L8Z8el7V2DABJ8jRQ:Kp7AtDMFwTYZFMABcR`
Yara	Malicious_Library_Zero - Malicious_Library UPX_Zero - UPX packed file PE_Header_Zero - PE File Signature IsPE32 - (no description) Is_DotNET_EXE - (no description) Malicious_Packer_Zero - Malicious Packer
VirusTotal	Search for analysis

Name	3629ed9b94ae5d0f_svchost.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\svchost.exe
Size	621.5KB
Processes	1460 (docutc20230925.exe)
Type	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5	`ed9d91fe584d5109d4067734ac452753`
SHA1	`c277e57866833509d94787fc6f4d634a2714825d`
SHA256	`3629ed9b94ae5d0f2659d02dcb7ce258cb5c2497d5bf18f3c4fed78878fba030`
CRC32	`F9547DD3`
ssdeep	`3072:BgYB72Q1ulDBuk18+NRnZY5OWTP9inYRBCDMLKU+wmeqBXYcLho34dmeGmoE:B2Q1OkynW1NCD/XYkqodzo`
Yara	PE_Header_Zero - PE File Signature IsPE32 - (no description) Is_DotNET_EXE - (no description)
VirusTotal	Search for analysis