popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 58575c15e6a7c56b_dctooux.job
Submit file
Filepath C:\Windows\Tasks\Dctooux.job
Size 272.0B
Processes 2060 (Vbsveuhnjb.exe)
Type VAX-order 68k Blit mpx/mux executable
MD5 8e508ddf994a015b6f8fad411b70eeba
SHA1 bb1ccb63f3c6b596b7dea71544bf542333094b0b
SHA256 58575c15e6a7c56b683a68d2757a9a55c165063f4d0b1603a971fd61b5db455d
CRC32 E2F201F4
ssdeep 6:aLXE///UEZ+lX1RalHlsk6tI4y0lDRut0:qk//Q1RalHakv4VUt0
Yara None matched
VirusTotal Search for analysis
Name 49b524dbe9797e4a_dctooux.exe
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\eff1401c19\Dctooux.exe
Size 1.2MB
Processes 2060 (Vbsveuhnjb.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 58d5a4054fb2b552c02250a2ba355421
SHA1 cad1c48f5cff5d6bdabedaf9a3ff1961ee650a71
SHA256 49b524dbe9797e4a8905bca4b74da0f7aac977b07a5f72c66e7f3d22597a86e7
CRC32 AD1BB2F6
ssdeep 12288:Rs++Ywg32+1g2o1rn98T6w+290xp0pSkpn/Xc8HmLw7IAC1CYdbZyZL9Ch:vwf+y/1rnOeBbsvcjE4yLk
Yara
  • IsPE32 - (no description)
  • PE_Header_Zero - PE File Signature
  • hide_executable_file - Hide executable file
  • Is_DotNET_EXE - (no description)
  • Win32_Trojan_PWS_Net_1_Zero - Win32 Trojan PWS .NET Azorult
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
VirusTotal Search for analysis