popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 83c47eeb2aa2f34d_ghnmsver.exe
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\gHnmsver.exe
Size 6.3MB
Processes 184 (msver.exe)
Type PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
MD5 962169b656fd8fc40a7cc41499100442
SHA1 05af939a5897461f057f30fb1741edccb83a6691
SHA256 83c47eeb2aa2f34d3c66d8c07ee8a0db06e102a9ab2160043841444c16257591
CRC32 1EEF81EF
ssdeep 49152:I8MlY/PjEfY0ZBQA/3y/iRa8HXrdat0luPa6PfuAlUJE1wovH8q0urQvPD0YG1GQ:VB/PjEfTZBJWi0kdaFi6P2AQuMHxnM
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Malicious_Packer_Zero - Malicious Packer
  • IsPE64 - (no description)
  • anti_vm_detect - Possibly employs anti-virtualization techniques
  • UPX_Zero - UPX packed file
  • Generic_Malware_Zero - Generic Malware
VirusTotal Search for analysis