Dropped Files | ZeroBOX
Name d4e472879954380f_LatencyMon.exe
Filepath C:\Users\test22\AppData\Local\Temp\is-3N5HN.tmp\LatencyMon.exe
Size 3.3MB
Processes 2620 (EditPro_Installer-release-.tmp)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 f6fecdf60ac591c720e28c8568580975
SHA1 291a7535f71a1f4df3717de9d952e64b96590ef9
SHA256 d4e472879954380f5fbc49e2d5be8c5dbd75d5cf8908dd77278472598c6d17af
CRC32 B515BFE0
ssdeep 49152:tBuZrEUqA+xFE4ub82x2oPaQiJzRqCevM3hBxdigsYbR55DdN7POGja:7kLz+x24PNo8JRqCaivCgsYV55lja
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file
  • Generic_Malware_Zero - Generic Malware
  • mzp_file_format - MZP(Delphi) file format
  • OS_Processor_Check_Zero - OS Processor Check
Name 41b6def9c77b8c2b_EditPro_Installer-release-.tmp
Filepath C:\Users\test22\AppData\Local\Temp\is-VS2LV.tmp\EditPro_Installer-release-.tmp
Size 2.5MB
Processes 2544 (EditPro_Installer-release-.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 e9ad4d2411579823cb0d6aff031e35f5
SHA1 404a76f97f53d69acd52c0aa41116f940e502d4b
SHA256 41b6def9c77b8c2b4442d98b46b8086441324b8ddf5d9abe1a4afaad55f34874
CRC32 38235C3E
ssdeep 49152:rR/KpmZubPf2S8W2ILeWl+C1p9jWy5Mnd0wigbL:t/jtYLP1Sy5i0
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file
  • Win32_Trojan_Emotet_2_Zero - Win32 Trojan Emotet
  • Generic_Malware_Zero - Generic Malware
  • mzp_file_format - MZP(Delphi) file format
  • OS_Processor_Check_Zero - OS Processor Check
Name 54e7e0ad32a22b77_idp.dll
Filepath C:\Users\test22\AppData\Local\Temp\is-3N5HN.tmp\idp.dll
Size 232.0KB
Processes 2620 (EditPro_Installer-release-.tmp)
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 55c310c0319260d798757557ab3bf636
SHA1 0892eb7ed31d8bb20a56c6835990749011a2d8de
SHA256 54e7e0ad32a22b775131a6288f083ed3286a9a436941377fc20f85dd9ad983ed
CRC32 E86B363C
ssdeep 3072:dnSx3lws+iWbUmJmE8dxMw7r+mjT5PbzEFwyGIyTcHY10tSB9j:IP0bUmQEUr+mRcbTx4N
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file
  • Generic_Malware_Zero - Generic Malware
  • OS_Processor_Check_Zero - OS Processor Check
Name 388a796580234efc__setup64.tmp
Filepath C:\Users\test22\AppData\Local\Temp\is-3N5HN.tmp\_isetup\_setup64.tmp
Size 6.0KB
Processes 2620 (EditPro_Installer-release-.tmp)
Type PE32+ executable (console) x86-64, for MS Windows
MD5 e4211d6d009757c078a9fac7ff4f03d4
SHA1 019cd56ba687d39d12d4b13991c9a42ea6ba03da
SHA256 388a796580234efc95f3b1c70ad4cb44bfddc7ba0f9203bf4902b9929b136f95
CRC32 2CDCC338
ssdeep 96:sfkcXegaJ/ZAYNzcld1xaX12p+gt1sONA0:sfJEVYlvxaX12C6A0
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)
  • UPX_Zero - UPX packed file