Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
07.04 10:07
eveningfiledatinglover...
07.04 10:07
file_qzz145uz.kxq.txt.ps1
07.04 10:07
file_20dp34d4.orr.txt.ps1
07.04 10:07
file_3e3wgwby.144.txt.ps1
07.04 10:07
new-image_j.jpg.exe
07.04 10:07
moon.txt.exe
07.04 10:07
okeydookietrational.tx...
07.04 10:07
streamer.exe
07.04 10:07
file_2n4kbwex.dbr.txt.ps1
07.04 09:07
file_5jjhn5s1.zo4.txt.ps1

Latest News
07.04 10:07
해외에서 금융정보 훔친 악성 앱, 한국에...
07.04 10:07
파수, 삼기의 글로벌 자동차 시장 공략 ...
07.04 10:07
진주시, 신규 공무원 ‘정보보안 및 행정...
07.04 10:07
광주시, 노인성질환 임상실증 인공지능플랫...
07.04 10:07
표준연-지·산·학·연 27개 기관, 양자...
07.04 10:07
NHN, ESG 주요 성과 및 중장기 실...
07.04 10:07
LG헬로비전-인천교육청, 인천상상플랫폼 ...
07.04 10:07
LG전자, AI홈 시대 선도 위해 스마트...
07.04 10:07
디지털 분야 첨단 연구 선도할 석박사급 ...
07.04 10:07
에코프로, 자사 사칭 불법 사이트 발견....

Dropped Files | ZeroBOX

Name	3e6e9fc56e1a9fe5__ssl.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI22802\_ssl.pyd
Size	62.3KB
Processes	2280 (gupdater.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`2089768e25606262921e4424a590ff05`
SHA1	`bc94a8ff462547ab48c2fbf705673a1552545b76`
SHA256	`3e6e9fc56e1a9fe5edb39ee03e5d47fa0e3f6adb17be1f087dc6f891d3b0bbca`
CRC32	`AB510769`
ssdeep	`1536:NHBhG6a7BLI9d70XIKNSTuGaLOIPC7s0K7Sy1Pxd:/hI67uIKNSTICIPC7sBDxd`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	d6431d5645fffd05_d93f411851d7c929.customdestinations-ms Submit file
Filepath	c:\users\test22\appdata\roaming\microsoft\windows\recent\customdestinations\d93f411851d7c929.customdestinations-ms
Size	7.8KB
Processes	2180 (powershell.exe)
Type	data
MD5	`260d23ce04a8f8555a73b7d2dc15e911`
SHA1	`ebad746fb7de847c50f7502a44f6e35534733efd`
SHA256	`d6431d5645fffd05a23166d630253bc7ce8c099cf6e9c956f8ae5e1249ee8588`
CRC32	`11D6B213`
ssdeep	`96:ctuCeGCPDXBqvsqvJCwo5tuCeGCPDXBqvsEHyqvJCworSP7Hwxf2lUVul:ctvXo5tvbHnorrxQ`
Yara	Antivirus - Contains references to security software Generic_Malware_Zero - Generic Malware
VirusTotal	Search for analysis

Name	64e8fd952ccf5b8a__ctypes.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI22802\_ctypes.pyd
Size	58.3KB
Processes	2280 (gupdater.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`1adfe4d0f4d68c9c539489b89717984d`
SHA1	`8ae31b831b3160f5b88dda58ad3959c7423f8eb2`
SHA256	`64e8fd952ccf5b8adca80ce8c7bc6c96ec7df381789256fe8d326f111f02e95c`
CRC32	`2577CB96`
ssdeep	`1536:UUOlRJUIp/i+OnIlnhKaK+DIKIPLP3n7SySPxH9F:pOpnomln0aK+0KIPLP3nUxdF`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	6b41dfd7d6ac12af__sqlite3.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI22802\_sqlite3.pyd
Size	56.3KB
Processes	2280 (gupdater.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`eb6313b94292c827a5758eea82d018d9`
SHA1	`7070f715d088c669eda130d0f15e4e4e9c4b7961`
SHA256	`6b41dfd7d6ac12afe523d74a68f8bd984a75e438dcf2daa23a1f934ca02e89da`
CRC32	`943EB6E3`
ssdeep	`1536:vUoHNtQh2qxFtxAnHq70rF7VRUjCpcIPOQ397SyU8Pxp:vUiNtQhxAnMORUmOIPOQ39xxp`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	a4e45a46a84f8038_gupdater.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\gupdater.exe
Size	6.9MB
Processes	2108 (updater.exe)
Type	PE32+ executable (GUI) x86-64, for MS Windows
MD5	`426e59ac373c95971b451fe03331dda0`
SHA1	`835be142c6e7f9648b59c9d35b930dd756ee8940`
SHA256	`a4e45a46a84f80384ec2f8671836dc39ff4db291dcb3e721357e943124d14d7b`
CRC32	`F6C73720`
ssdeep	`98304:WQzHqdVfB2DFEsZjg27zyuT/9vUIdD9C+z3zO917vOTh+ezDNh70UlvSvBb155mC:WYQsDVhXbT/9bvLz3S1bA3zVlKVii04`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsPE64 - (no description) Antivirus - Contains references to security software Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet UPX_Zero - UPX packed file Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	3c9d5a9433b22538__lzma.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI22802\_lzma.pyd
Size	85.8KB
Processes	2280 (gupdater.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`3798175fd77eded46a8af6b03c5e5f6d`
SHA1	`f637eaf42080dcc620642400571473a3fdf9174f`
SHA256	`3c9d5a9433b22538fc64141cd3784800c567c18e4379003329cf69a1d59b2a41`
CRC32	`92E2F53D`
ssdeep	`1536:AUZZh3A5zFTPuztVVQW1AyOXEyvYsnHUZK+K+k6VWLZLpIPZ1887SyKPxN:AIvA5utzWfXE0V0ZK+K+QLHIPZ188ExN`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	abbe3933a34a9653__bz2.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI22802\_bz2.pyd
Size	48.3KB
Processes	2280 (gupdater.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`2d461b41f6e9a305dde68e9c59e4110a`
SHA1	`97c2266f47a651e37a72c153116d81d93c7556e8`
SHA256	`abbe3933a34a9653a757244e8e55b0d7d3a108527a3e9e8a7f2013b5f2a9eff4`
CRC32	`311CAADD`
ssdeep	`768:XulhAbgFQ1/NGSS1xNDrxiRx8/CWpsVDIA35/Mw3kp0HIPCVnRn5YiSyvYPxWEu:XiGgF1TxbYecf5UcHIPCVnv7SyQPx`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	424fb8ac515ed912_blank.aes Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI22802\blank.aes
Size	118.5KB
Processes	2280 (gupdater.exe)
Type	data
MD5	`79c3f541d1536b03c6b88d9987300145`
SHA1	`071ad36b598c390b59359297dfc339a80e67250f`
SHA256	`424fb8ac515ed91209664ffc28cfcc402003f039dd7bec856478a7eb37f9c98d`
CRC32	`46C7802A`
ssdeep	`3072:MxuXC2RGknrYc2PfPdnav3Y/ur9SZOg+K/n67/szSh:MxuSGGknunav3YmrcZOgN/6gSh`
Yara	None matched
VirusTotal	Search for analysis

Name	c4e8740c5dbbd274__decimal.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI22802\_decimal.pyd
Size	106.8KB
Processes	2280 (gupdater.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`a8952538e090e2ff0efb0ba3c890cd04`
SHA1	`cdc8bd05a3178a95416e1c15b6c875ee026274df`
SHA256	`c4e8740c5dbbd2741fc4124908da4b65fa9c3e17d9c9bf3f634710202e0c7009`
CRC32	`416F3AD3`
ssdeep	`3072:rAXWq+Shd+pVgLxCmdrrrvYoVZPQxqrU1uIPOqpCT6x1:Q+Smip7YwVQsrU1nCq`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	58209c8ab4191e83_rarreg.key Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI22802\rarreg.key
Size	456.0B
Processes	2280 (gupdater.exe)
Type	ASCII text
MD5	`4531984cad7dacf24c086830068c4abe`
SHA1	`fa7c8c46677af01a83cf652ef30ba39b2aae14c3`
SHA256	`58209c8ab4191e834ffe2ecd003fd7a830d3650f0fd1355a74eb8a47c61d4211`
CRC32	`B967B544`
ssdeep	`12:Bn9j9sxpCDPxfhKLiaE5cNH0u/OCIhjWO:B9jiWDpf025cNU7CIEO`
Yara	None matched
VirusTotal	Search for analysis

Name	3660b985ca47ca1b__hashlib.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI22802\_hashlib.pyd
Size	35.3KB
Processes	2280 (gupdater.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`f10d896ed25751ead72d8b03e404ea36`
SHA1	`eb8e0fd6e2356f76b5ea0cb72ab37399ec9d8ecb`
SHA256	`3660b985ca47ca1bba07db01458b3153e4e692ee57a8b23ce22f1a5ca18707c3`
CRC32	`1DA06AF1`
ssdeep	`768:5rusWqAYiGR2VL0gdxwxpj9bTIPOICR5YiSyv4PxWEu:5ynqA/dL0gdxwX9bTIPOICf7SygPx`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	8e8870dac8c96217_sqlite3.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI22802\sqlite3.dll
Size	622.8KB
Processes	2280 (gupdater.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`395332e795cb6abaca7d0126d6c1f215`
SHA1	`b845bd8864cd35dcb61f6db3710acc2659ed9f18`
SHA256	`8e8870dac8c96217feff4fa8af7c687470fbccd093d97121bc1eac533f47316c`
CRC32	`1593C1E1`
ssdeep	`12288:2VROCPPIR0z79c8aCucuAVbXiFHTiDheVoxz0u4d0M2A9UCC:2VERAc83uc1XiJly01hUCC`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	9d4880f7d0129b1d__queue.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI22802\_queue.pyd
Size	25.8KB
Processes	2280 (gupdater.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`decdabaca104520549b0f66c136a9dc1`
SHA1	`423e6f3100013e5a2c97e65e94834b1b18770a87`
SHA256	`9d4880f7d0129b1de95becd8ea8bbbf0c044d63e87764d18f9ec00d382e43f84`
CRC32	`372A2849`
ssdeep	`384:r0Psz9rLZgNhzHjlHv0vFTMwZa7gJXTDIPQUCNQHQIYiSy1pCQqIPxh8E9VF0Nyo:RihFP0tTHpDDIPQUCI5YiSyv3PxWEun`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	987a6d21ce961afe_unicodedata.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI22802\unicodedata.pyd
Size	295.8KB
Processes	2280 (gupdater.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`c2556dc74aea61b0bd9bd15e9cd7b0d6`
SHA1	`05eff76e393bfb77958614ff08229b6b770a1750`
SHA256	`987a6d21ce961afeaaa40ba69859d4dd80d20b77c4ca6d2b928305a873d6796d`
CRC32	`3504A582`
ssdeep	`6144:ik/Qvs7yfQJYx4x9UVqHDMDNCStEQc5YmDp9Kik+V65:ikUfQJbUV2MhCwEQc5Np9zk+U5`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	135b115e77479eed_libcrypto-1_1.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI22802\libcrypto-1_1.dll
Size	1.1MB
Processes	2280 (gupdater.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`dffcab08f94e627de159e5b27326d2fc`
SHA1	`ab8954e9ae94ae76067e5a0b1df074bccc7c3b68`
SHA256	`135b115e77479eedd908d7a782e004ece6dd900bb1ca05cc1260d5dd6273ef15`
CRC32	`9F6E5A9F`
ssdeep	`24576:OehIVnK0yupAu74grd7gqiAtpzdZveNuKF1CPwDv3uFfJR:SYupAm7d7gqNtpzzveNuM1CPwDv3uFff`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	90341ac8dcc9ec5f_rar.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI22802\rar.exe
Size	616.0KB
Processes	2280 (gupdater.exe)
Type	PE32+ executable (console) x86-64, for MS Windows
MD5	`9c223575ae5b9544bc3d69ac6364f75e`
SHA1	`8a1cb5ee02c742e937febc57609ac312247ba386`
SHA256	`90341ac8dcc9ec5f9efe89945a381eb701fe15c3196f594d9d9f0f67b4fc2213`
CRC32	`F9469D0F`
ssdeep	`12288:3lPCcFDlj+gV4zOifKlOWVNcjfQww0S5JPgdbBC9qxbYG9Y:3lPCcvj+YYrfSOWVNcj1JS5JPgdbBCZd`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsPE64 - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	a8f950b4357ec12c_vcruntime140.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI22802\VCRUNTIME140.dll
Size	106.8KB
Processes	2280 (gupdater.exe)
Type	PE32+ executable (DLL) (console) x86-64, for MS Windows
MD5	`4585a96cc4eef6aafd5e27ea09147dc6`
SHA1	`489cfff1b19abbec98fda26ac8958005e88dd0cb`
SHA256	`a8f950b4357ec12cfccddc9094cca56a3d5244b95e09ea6e9a746489f2d58736`
CRC32	`14161551`
ssdeep	`1536:GcghbEGyzXJZDWnEzWG9q4lVOiVgXjO5/woecbq8qZHg2zuCS+zuecL:GV3iC0h9q4v6XjKwoecbq8qBTq+1cL`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	e4b5059218574483_base_library.zip Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI22802\base_library.zip
Size	1.4MB
Processes	2280 (gupdater.exe)
Type	Zip archive data, at least v2.0 to extract
MD5	`d0c4a6abb0467f290879ffc87c1b4340`
SHA1	`70c1dfb2f54ac02004a552ee34fb83d5249c6c9f`
SHA256	`e4b50592185744830d7706d4b53df4fa5e37f8a52f36e58bd46516be92bb1e2d`
CRC32	`1EDAD6CA`
ssdeep	`24576:mQR5pATuFRm4lUKdcubgAnyfbmZ0iwhldYfdPXsCHHU:mQR5p7RmyJy`
Yara	zip_file_format - ZIP file format
VirusTotal	Search for analysis

Name	135c772b42ba6353_libffi-8.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI22802\libffi-8.dll
Size	29.3KB
Processes	2280 (gupdater.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`08b000c3d990bc018fcb91a1e175e06e`
SHA1	`bd0ce09bb3414d11c91316113c2becfff0862d0d`
SHA256	`135c772b42ba6353757a4d076ce03dbf792456143b42d25a62066da46144fece`
CRC32	`A886B038`
ssdeep	`768:3p/6aepjG56w24Up3p45YiSyvkIPxWEqG:tA154spK7SytPxF`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	a9220271c0eb79e5_d93f411851d7c929.customDestinations-ms~RF1f02a9d.TMP Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d93f411851d7c929.customDestinations-ms~RF1f02a9d.TMP
Size	7.8KB
Type	data
MD5	`b0c9ff441742f3847ea27da9dee7f2cd`
SHA1	`c42a1eb32ba953a0ce5d8635caabf71b5b281495`
SHA256	`a9220271c0eb79e5750e0d0e62058ecac560e09cdf9e82ef61aeeabada5d48a4`
CRC32	`0BBCAB1A`
ssdeep	`96:RutuCOGCPDXBqvsqvJCwo+utuCOGCPDXBqvsEHyqvJCworSP7Hwxf2lUVul:UtvXoxtvbHnorrxQ`
Yara	Antivirus - Contains references to security software Generic_Malware_Zero - Generic Malware
VirusTotal	Search for analysis

Name	4e19f29266a3d6c1__socket.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI22802\_socket.pyd
Size	43.3KB
Processes	2280 (gupdater.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`bcc3e26a18d59d76fd6cf7cd64e9e14d`
SHA1	`b85e4e7d300dbeec942cb44e4a38f2c6314d3166`
SHA256	`4e19f29266a3d6c127e5e8de01d2c9b68bc55075dd3d6aabe22cf0de4b946a98`
CRC32	`4213DA32`
ssdeep	`768:fLQ8MABQVeC50swbKjNcoVApXo2gwl49wMvfscpZTfIPLwnFW5YiSyvhPxWEu:zTIt50swZoKp929fsiTfIPLwnFs7SyZ5`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	7e1370058177d78a_python311.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI22802\python311.dll
Size	1.6MB
Processes	2280 (gupdater.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`5792adeab1e4414e0129ce7a228eb8b8`
SHA1	`e9f022e687b6d88d20ee96d9509f82e916b9ee8c`
SHA256	`7e1370058177d78a415b7ed113cc15472974440d84267fc44cdc5729535e3967`
CRC32	`6CAB5875`
ssdeep	`24576:IzvTIooNigMzmPPExBYeZ0pqJx5F7vYNBw5K2RH9lVggq4lUTNeTVZXo3uYIPDhh:C9oNizvxB3ZAEx5ONCVwXUmeTVlv`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	a6a14c1beccbd412_libssl-1_1.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI22802\libssl-1_1.dll
Size	204.8KB
Processes	2280 (gupdater.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`8e8a145e122a593af7d6cde06d2bb89f`
SHA1	`b0e7d78bb78108d407239e9f1b376e0c8c295175`
SHA256	`a6a14c1beccbd4128763e78c3ec588f747640297ffb3cc5604a9728e8ef246b1`
CRC32	`59204BD2`
ssdeep	`3072:de9fHP8SzrOGFIXkUNNlvBK8Tg111WMEGf0+fGYahm8YNI2DglFjEW0wuDmxD:A99u/XRxpK8M111nEE0iGYzi9jd0wN`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	5bbbb4f0b4f9e532_select.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI22802\select.pyd
Size	25.8KB
Processes	2280 (gupdater.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`90fea71c9828751e36c00168b9ba4b2b`
SHA1	`15b506df7d02612e3ba49f816757ad0c141e9dc1`
SHA256	`5bbbb4f0b4f9e5329ba1d518d6e8144b1f7d83e2d7eaf6c50eef6a304d78f37d`
CRC32	`F4BB4FD3`
ssdeep	`768:UjW1JOQuL3pJbNIPQGCF5YiSyvnnPxWEuN:UjW1AnbNIPQGCL7SyvnPxa`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis