popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 3f645d2746e16d34_utchmann.exe
Submit file
Filepath C:\Users\test22\AppData\Roaming\utchmann.exe
Size 247.0KB
Processes 2580 (docutc20230925.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 9b6f64d454ad8d3e91d6827a0262ca58
SHA1 95ad850c587f28410d390e5076ed7cbd89e19cc1
SHA256 3f645d2746e16d3444423afc3a11a5ef43c095164ffd117d59e820e0123cccdc
CRC32 D79E5B8F
ssdeep 3072:KJaIjo8Yij5+8IyyOIMFw28L8Z8el7V2DABJ8jRQ:Kp7AtDMFwTYZFMABcR
Yara
  • Malicious_Library_Zero - Malicious_Library
  • UPX_Zero - UPX packed file
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • Is_DotNET_EXE - (no description)
  • Malicious_Packer_Zero - Malicious Packer
VirusTotal Search for analysis
Name 3629ed9b94ae5d0f_svchost.exe
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\svchost.exe
Size 621.5KB
Processes 1460 (docutc20230925.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 ed9d91fe584d5109d4067734ac452753
SHA1 c277e57866833509d94787fc6f4d634a2714825d
SHA256 3629ed9b94ae5d0f2659d02dcb7ce258cb5c2497d5bf18f3c4fed78878fba030
CRC32 F9547DD3
ssdeep 3072:BgYB72Q1ulDBuk18+NRnZY5OWTP9inYRBCDMLKU+wmeqBXYcLho34dmeGmoE:B2Q1OkynW1NCD/XYkqodzo
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • Is_DotNET_EXE - (no description)
VirusTotal Search for analysis