popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 8787a2fa21de99c2_jqszy.exe
Submit file
Filepath C:\ProgramData\x64netJS\JQSZY.exe
Size 18.4MB
Processes 2560 (netTime.exe)
Type PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
MD5 b9c31464ef939e8f54c7a96325f5e403
SHA1 027853b1a0bc01964e10e55fa693d463127d8966
SHA256 b665f9c902e91007699c635baa93c0e24ab74bf60f526f94d6fcc52d140558da
CRC32 545C5BF5
ssdeep 49152:N/F6ITLDKa1cEOMZSB5VKfQYrdYBLgO8Ki5cbbb0Y:NdTHKa1Nog4YWgK6N
Yara
  • Win32_Trojan_Emotet_2_Zero - Win32 Trojan Emotet
  • UPX_Zero - UPX packed file
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)
  • anti_vm_detect - Possibly employs anti-virtualization techniques
  • Malicious_Packer_Zero - Malicious Packer
  • OS_Processor_Check_Zero - OS Processor Check
VirusTotal Search for analysis