Dropped Files | ZeroBOX
Name 0c45879e4f510d8e_ykm.exe
Filepath C:\ProgramData\SMUCCI\YKM.exe
Size 4.8MB
Processes 2556 (clips.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 c6ae3bd0ab0e78257468cdab2b867707
SHA1 7ceaea50b3684b4fd5394da5bcdaf2b892f0aca2
SHA256 0c45879e4f510d8eef11fb33154a26d2dae2e42ff1c78414f513643cd2a9bbd1
CRC32 BC804263
ssdeep 98304:YCPO66/Yrv9RuZLiTfhDTAySK1Vsb/RBUXm7vdojR1AfxHI3oiggocIBAES8o3:YCPO6y+TuLidxSwCRn7vd0kxo3oiggoc
Yara
  • UPX_Zero - UPX packed file
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • VMProtect_Zero - VMProtect packed file
  • themida_packer - themida packer
Name 51db83431d95cdd4_s1z0.0.bat
Filepath C:\Users\test22\AppData\Local\Temp\s1z0.0.bat
Size 171.0B
Processes 2556 (clips.exe)
Type DOS batch file, ASCII text, with CRLF line terminators
MD5 db59c1c19d82037057490d8d10d0aafe
SHA1 0571307257bd6efdf8f5cdd848024d0b25bc116f
SHA256 51db83431d95cdd43fe0d4145f250f6ee6a8ee9dd4d525aef83aab6d775bbb05
CRC32 DC4F3F77
ssdeep 3:mKDDCMNqTtvL5mZkRE0Y8nmvmqRDmWxpcL4E2J5xAIfpPgrHm1mWxpcL4E2J5xAQ:hWKqTtTP1Y8nmvmq1mQpcLJ23ffpPkHu
Yara None matched