Dropped Files | ZeroBOX
Name f59d23fcb44d07bd_8989.exe
Filepath C:\Users\test22\AppData\Local\Temp\8989.exe
Size 48.0KB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 7d8056785948284e8f6b89004886c936
SHA1 fb954f84b2c0afffb5e788b04029563685054dee
SHA256 f59d23fcb44d07bd1cfc3852bc17b60cc4c35a21a66125953d6f5f697131a521
CRC32 0DE8374D
ssdeep 768:zynb12Aw5J6HC4kq5Jp9bjAzhyY55J+NStcEeUlyqgZl4p67ChPC:Ub1MsHz3JDwhyWr+N95OTga6R
Yara
  • Malicious_Library_Zero - Malicious_Library
  • hide_executable_file - Hide executable file
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • Generic_Malware_Zero - Generic Malware
Name 45a684f6b92724df_20461485.dll
Filepath C:\Users\test22\AppData\Local\Temp\20461485.dll
Size 25.5KB
Processes 2556 (8989.exe)
Type PE32 executable (DLL) (console) Intel 80386, for MS Windows
MD5 6a7114eb7f0ab9a6406ef61947aed405
SHA1 b9b73a30867a32d84dd4586330b451fca611c90d
SHA256 45a684f6b92724df6d38f9e71b65013ca7d1c588dd5d85df5039e50d70993ff7
CRC32 FDC11725
ssdeep 384:8T9IWqIwt10zr6lXYhCRdkyurLmC2S1xJrQcWrH/RUAMO0MY0holUxHdWq4tKDES:8ht+Izr6pqRrLuS1vzWpaGZHdKYDG
Yara
  • Win_Backdoor_Farfli - gives threat-actors several options of gaining access to the affected system.
  • Malicious_Library_Zero - Malicious_Library
  • IsDLL - (no description)
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file
  • Generic_Malware_Zero - Generic Malware
  • OS_Processor_Check_Zero - OS Processor Check