Dropped Files | ZeroBOX
Name 65f68c86b215ee6c_o.exe
Filepath C:\ProgramData\Roaming\O.exe
Size 2.5MB
Processes 1648 (svchost.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 e9724f79d09583b45931d5040f02eb35
SHA1 b36282772566336efe5d8a326e659629740a9daa
SHA256 65f68c86b215ee6c93a9c4f56eda6748e4af7d49589c69a3a5f96f5734468c25
CRC32 77F15C4F
ssdeep 49152:G/qJ1DLVsbF0nYqZfZonTzexyNXXzusxw13NTKWW8h+lle2dfhg5QbvZDx79Ow8:wQ1tI0YqZRonI+CGC3NTxW8h+esfhg5N
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • themida_packer - themida packer
  • Generic_Malware_Zero - Generic Malware
Name 0aa906880f4ff841_s19s.0.bat
Filepath C:\Users\test22\AppData\Local\Temp\s19s.0.bat
Size 170.0B
Processes 1648 (svchost.exe)
Type DOS batch file, ASCII text, with CRLF line terminators
MD5 c0ed94b6181b631a04ef174cea000f07
SHA1 90ea53bb234341b97a49bd762c08e12cec5a8c9e
SHA256 0aa906880f4ff841ef6a5b4b6f9f4409584adbd86c09d0ad701436b716364170
CRC32 8D302F65
ssdeep 3:mKDDCMNqTtvL5mZkREaKC5XLvmqRDmWxpcL4E2J5xAIfndhgrHm1mWxpcL4E2J5n:hWKqTtTPNZ5XLvmq1mQpcLJ23ffnoHmP
Yara None matched