popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 617cc50e0428e187_igmwllfk.exe
Submit file
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\igmwllfk.exe
Size 2.3MB
Processes 3032 (E-FILLING FORM B.bat)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 252278969fa0d8c1cc719e73b61a76a4
SHA1 e1c516032393ebc83d5e2e44c72aa8f636ccd0b2
SHA256 617cc50e0428e187c69d94da100ea9d3653a1b557e0cb76ba8a767a919192195
CRC32 2B8C66E4
ssdeep 49152:ikWk5cS7a+9XYaQ9Zehc4mTYJ78V9gyBn4c0fmP/SA8N:WajJSZ942KQV9hp4dfmP/SA8
Yara
  • UPX_Zero - UPX packed file
  • Admin_Tool_IN_Zero - Admin Tool Sysinternals
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • Antivirus - Contains references to security software
VirusTotal Search for analysis