Dropped Files | ZeroBOX
Name ab0ca1d93238d0ef_iizs2trqf69azblax3cf3edn.exe
Filepath C:\ProgramData\IIZS2TRqf69aZbLAX3cf3edn.exe
Size 660.0KB
Processes 2552 (stub.exe)
Type PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
MD5 8083fed730e151bf47528621db8e7ff8
SHA1 4ab5e2eb5c6326fd68704cdc5a4f719d332f51a6
SHA256 ab0ca1d93238d0efc02a41a7b311efe3fc07c042f22d0608d33ea5313a667e55
CRC32 4A4386F0
ssdeep 12288:nQZ3hb7F0Rz5oquPojKv3rLMmVIhF2nde4S9MQfh0/Al2B4KtFejEqhPBBl0:G8zOFPOKzLM0k4dQf2B1E4q5Bs
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)
Name 6b59309ab12f1859_fraqbc8wsa1xvpfvjcrgrywt.exe
Filepath C:\ProgramData\FRaqbC8wSA1XvpFVjCRGryWt.exe
Size 94.0KB
Processes 2552 (stub.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 db5717fd494495eea3c8f7d4ab29d6b0
SHA1 39ba82340121d9b08e9cf3d4ba6dfcb12eb6c559
SHA256 6b59309ab12f1859a94fb2ce1c98639b2a538e6e098ffac127e45c29733bd993
CRC32 389C82B7
ssdeep 1536:1z8H8uTSHKoKlDeE0C3shB1ueVby8EXEFA4Xib6TWcgMfAOISZsw61EmS:+c/q/l6EP3mvuwby8EXuhX6cgXOI0stE
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Antivirus - Contains references to security software
  • Is_DotNET_EXE - (no description)
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check