Dropped Files | ZeroBOX
Name 55e61408253acb20_movwxshfsgoqa.exe
Filepath C:\Users\test22\AppData\Roaming\movwXShFsgOqA.exe
Size 566.0KB
Processes 2644 (HTML.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 b080010f26154310dc09d7154d6a898c
SHA1 52d255822e94001805993be67f863d29ea2a6241
SHA256 55e61408253acb2043cd74cae28916dfef364ff8581ff4933e898d41826d5b4a
CRC32 49BD3D3F
ssdeep 12288:LawpeOSvqfKeVyEcF5mrzCmlDCK9X5OinvXEDywfPsHk:LawpeOSvqShEMoSU39JhnvUDj8E
Yara
  • Admin_Tool_IN_Zero - Admin Tool Sysinternals
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • Is_DotNET_EXE - (no description)
  • Win32_Trojan_PWS_Net_1_Zero - Win32 Trojan PWS .NET Azorult
Name b531989e4f28080b_tmp70A7.tmp
Filepath C:\Users\test22\AppData\Local\Temp\tmp70A7.tmp
Size 1.6KB
Processes 2644 (HTML.exe)
Type XML 1.0 document, ASCII text, with CRLF line terminators
MD5 0ca6bf13fc3e53efa619c607b1463a2d
SHA1 bfccade4c961288e51792e7785a8da2f09385a2c
SHA256 b531989e4f28080bc46fc3a3f943acaf2be5f5026675123c682149f6099b1fa1
CRC32 4D237B66
ssdeep 24:2dH4+SEqCH/7IlNMFQ/rlMhEMjnGpwjpIgUYODOLD9RJh7h8gKBY0tn:cbhf7IlNQQ/rydbz9I3YODOLNdq3N
Yara None matched