Dropped Files | ZeroBOX
Name b50d2519ef1623f5_server.txt
Filepath C:\Users\test22\AppData\Local\Temp\Update\server.txt
Size 10.0B
Processes 2552 (sthealthclient.exe)
Type ASCII text, with no line terminators
MD5 920a7fe99d8e0996064ce3530e8cb3a7
SHA1 d18492962a5e4e108ffcc2ba660de71f3a883c98
SHA256 b50d2519ef1623f5ce4a162288661b67a2b876d8d9430bacc8fce3330171ce68
CRC32 6A6DBEFD
ssdeep 3:MR:MR
Yara None matched
Name 229c201de7a746e6_sthealthupdate.exe
Filepath C:\Users\test22\AppData\Local\Temp\STHealthUpdate.exe
Size 237.5KB
Processes 2552 (sthealthclient.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 341a6645505c8eaf54ec83738067d0c8
SHA1 ee06b6c55d3671090bcf1f5d711d3fa3aadc98cb
SHA256 229c201de7a746e65acb6552198aba51fa153619cb4f29de0af15cb3f2e1f7d0
CRC32 4CCDFA9D
ssdeep 6144:GDKW1Lgbdl0TBBvjc/n9dNAC6dM3KoUG808Z:gh1Lk70TnvjcTmC6sdR80K
Yara
  • Malicious_Library_Zero - Malicious_Library
  • MALWARE_Win_VT_RedLine - Detects RedLine infostealer
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file
  • UltraVNC_Zero - UltraVNC
  • Generic_Malware_Zero - Generic Malware
  • OS_Processor_Check_Zero - OS Processor Check