popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name e873bf36afb816fe_ohblj.exe
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\oHblj.exe
Size 273.0KB
Processes 1572 (wscript.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 bd4c3aad713bf19720df8e77722db408
SHA1 ca5231ccc86e83e3fbc1868ffe47dd8cad9ff9c2
SHA256 e873bf36afb816fe7e61322305c648ce6d17cbe68a7300e2c337aa1440897332
CRC32 4131CF73
ssdeep 3072:1KwTRAWaKMD7C/Mh7TyZWXuDjj0Q/5908bhhYWD1z/bfUM8js0VsZYTVgUiCbbY:fDrbbZbVEb
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Malicious_Packer_Zero - Malicious Packer
  • Is_DotNET_EXE - (no description)
  • IsPE32 - (no description)
  • Win32_Trojan_PWS_Net_1_Zero - Win32 Trojan PWS .NET Azorult
  • UPX_Zero - UPX packed file
VirusTotal Search for analysis