Dropped Files | ZeroBOX
Name 400e4a5e0e1d3243_server.txt
Filepath C:\Users\test22\AppData\Local\Temp\Update\server.txt
Size 12.0B
Processes 2568 (STHealthClient.exe)
Type ASCII text, with no line terminators
MD5 67d2cd3c90b556213462666f92c17f06
SHA1 160b61ef0bbb7d022dec1ceb02d3dc10044a94b9
SHA256 400e4a5e0e1d32437451ba59b4ef46ddc19b8c49b85b73c7b1efc60d7e193c02
CRC32 9B3899EC
ssdeep 3:MjQ:MjQ
Yara None matched
Name 229c201de7a746e6_sthealthupdate.exe
Filepath C:\Users\test22\AppData\Local\Temp\STHealthUpdate.exe
Size 237.5KB
Processes 2568 (STHealthClient.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 341a6645505c8eaf54ec83738067d0c8
SHA1 ee06b6c55d3671090bcf1f5d711d3fa3aadc98cb
SHA256 229c201de7a746e65acb6552198aba51fa153619cb4f29de0af15cb3f2e1f7d0
CRC32 4CCDFA9D
ssdeep 6144:GDKW1Lgbdl0TBBvjc/n9dNAC6dM3KoUG808Z:gh1Lk70TnvjcTmC6sdR80K
Yara
  • Malicious_Library_Zero - Malicious_Library
  • MALWARE_Win_VT_RedLine - Detects RedLine infostealer
  • UltraVNC_Zero - UltraVNC
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file
  • Generic_Malware_Zero - Generic Malware
  • OS_Processor_Check_Zero - OS Processor Check