popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 403c9330cc0ed078_federalprojections.exe
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\IXP000.TMP\federalprojections.exe
Size 2.2MB
Processes 300 (ClamAV-0.103.4.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 1c005475012c4d6ac7faa83056e4b719
SHA1 8ac6411e1683b108df1707b448f2c2a421583c38
SHA256 403c9330cc0ed0785a55911471983f66c16cc6ebb55e0f5fcefadac8aa1c68d9
CRC32 57BF86DE
ssdeep 49152:lIRNt/NayWaXSybsv++v1ZATe87iCQDgOgI9WowZafDS7zlf:atQyW7/H2e8IZgI9YZ0Stf
Yara
  • IsPE32 - (no description)
  • PE_Header_Zero - PE File Signature
  • hide_executable_file - Hide executable file
  • Is_DotNET_EXE - (no description)
  • Win32_Trojan_PWS_Net_1_Zero - Win32 Trojan PWS .NET Azorult
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
VirusTotal Search for analysis