Dropped Files | ZeroBOX
Name 36b9e2e48e5f7ab4_go-memexec-2265040774.exe
Filepath C:\Users\test22\AppData\Local\Temp\go-memexec-2265040774.exe
Size 273.5KB
Processes 1532 (updates.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 8d832a17a7134571f228bc0da586a541
SHA1 274f83a8874d16ff937d3e8c231bcf4916d18fe8
SHA256 36b9e2e48e5f7ab4543df7f80d299bb72e65c5f343d8bb1d8bff39764a829c8f
CRC32 9416949A
ssdeep 6144:ebhnot4+sbOAtbkfHLDiT6OzR8Q0l+/NyqRKbhoXqqD8XAm8B:elnot4+UwLDiT6OzR8llAgqtB
Yara
  • Malicious_Library_Zero - Malicious_Library
  • IsPE32 - (no description)
  • infoStealer_browser_b_Zero - browser info stealer
  • PE_Header_Zero - PE File Signature
  • NetWire_RAT_Zero - NetWire RAT
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
Name dd6df05832c8ca1c_testlink.lnk
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TestLink.lnk
Size 1.0KB
Processes 2156 (go-memexec-2265040774.exe)
Type MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Read-Only, Archive, ctime=Sat Nov 25 19:32:21 2023, mtime=Sat Nov 25 19:32:21 2023, atime=Sat Nov 25 19:32:21 2023, length=280064, window=hide
MD5 5331858ab0ff5bbcdf525d50fc4e1bae
SHA1 7bbb525a42480a52f4218a7fc9fc3882e6278508
SHA256 dd6df05832c8ca1cd119ba9da0b9312140c072ef897a0459ce7d60a6f8efb2fe
CRC32 B06DE8A2
ssdeep 24:8rsERddERywSvcn9nuzNRDIhIL9n/6PyB:8rs1RKUn9nupRmIL9nqyB
Yara
  • lnk_file_format - Microsoft Windows Shortcut File Format
  • Lnk_Format_Zero - LNK Format