Dropped Files | ZeroBOX
Name dc5fc48cbd764acf_helpscientist.exe
Filepath C:\Users\test22\AppData\Local\Temp\IXP000.TMP\helpscientist.exe
Size 1.4MB
Processes 2560 (helpscientistpro.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 cec1d3aaecac4b9109d46586697b850b
SHA1 109b94db1b67c10998642178d540b829ff7a3e92
SHA256 dc5fc48cbd764acf7dd28c385279cf8b4296fb2d1e7b9aca3bc2352893194c94
CRC32 6F2EE1CA
ssdeep 24576:7hcBEBQRheuudVf344JUdIoOjwoahd04r1nIDUvobbt9ED:9QRMuKth4r1nIDUvobbt9k
Yara
  • UPX_Zero - UPX packed file
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • Is_DotNET_EXE - (no description)
  • Win32_Trojan_PWS_Net_1_Zero - Win32 Trojan PWS .NET Azorult
  • OS_Processor_Check_Zero - OS Processor Check
Name d9969e58b024f6d4_helpsciientist.exe
Filepath C:\Users\test22\AppData\Local\Temp\IXP000.TMP\helpsciientist.exe
Size 1.4MB
Processes 2560 (helpscientistpro.exe)
Type PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
MD5 8b9e84e4763d2ede8193f524190f3929
SHA1 722c3772b81eaf13fd4ea9be7645f191a6f99936
SHA256 d9969e58b024f6d48913aad6d3ba2e0fb04301b27d6d9900161b7b9a8187ad47
CRC32 3E01DA51
ssdeep 24576:p2CzrBKDfJXr3QfvNjA8srb3GQsbTd1zFL1k4YEUPC8Q1kAjA:Nor3OQrSZ64YEUPC8Q1kAE
Yara
  • UPX_Zero - UPX packed file
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)
  • OS_Processor_Check_Zero - OS Processor Check