popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 873357eeca6b2391_xclient.exe
Submit file
Filepath C:\Users\test22\AppData\Roaming\XClient.exe
Size 37.5KB
Processes 2564 (XClient1.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 dedb302aba9b69536c287633fbe41f5d
SHA1 bc3878c4370e139280d1fb9cb2258d6316c05e0c
SHA256 873357eeca6b2391ccb682fa669d5177ed8afc27cf7a25ec7dfd09d4d2bf9c64
CRC32 A8C9ED8D
ssdeep 768:Dcq50224u+jTmerM6tQ6B7xTFU9k2UOMhbbj:Dcqm224P2eOg7NFU9krOM1/
Yara
  • PE_Header_Zero - PE File Signature
  • Antivirus - Contains references to security software
  • Is_DotNET_EXE - (no description)
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
VirusTotal Search for analysis
Name dd7ed6bd7e548de8_xclient.lnk
Submit file
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\XClient.lnk
Size 725.0B
Processes 2564 (XClient1.exe)
Type MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Fri Jun 28 21:13:02 2024, mtime=Fri Jun 28 21:13:02 2024, atime=Fri Jun 28 21:13:02 2024, length=38400, window=hide
MD5 0615616c4aef4915350f4754b9b1de1c
SHA1 2f1086e2eaedb062f5ee1734f831352ee3607432
SHA256 dd7ed6bd7e548de84971af189d40781d701140db8e75b43a85a35b73532d24f7
CRC32 765B62E0
ssdeep 12:8EnWKR4cZCrR8EvSEVFJUSLOluizCCOLAHkqEgdhN:8GYsERdrFnOlNzNqqEa
Yara
  • lnk_file_format - Microsoft Windows Shortcut File Format
  • Lnk_Format_Zero - LNK Format
VirusTotal Search for analysis