popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 08d6be84d8a701e5_setup.msi
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\ScreenConnect\e6cb77284cf765aa\setup.msi
Size 12.7MB
Processes 1280 (Statement.exe)
Type Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation Database, Subject: Default, Author: ScreenConnect Software, Keywords: Default, Comments: Default, Template: Intel;1033, Revision Number: {CE458FC6-8C82-1D7A-0E8D-CF9029603765}, Create Time/Date: Tue Aug 13 22:22:20 2024, Last Saved Time/Date: Tue Aug 13 22:22:20 2024, Number of Pages: 200, Number of Words: 2, Name of Creating Application: Windows Installer XML Toolset (3.11.0.1701), Security: 2
MD5 04ecfd2a8fbd57dcf49e26757585d554
SHA1 fc770fe0b4fa255015f613804aa58a40697b581a
SHA256 08d6be84d8a701e52a40c6aa4bc12ea8827df18768968c4fbd36007c49a7bf18
CRC32 921E7198
ssdeep 196608:S53JLR3LGMLiW35/53JLR3LGMLc53JLR3LGMLC53JLR3LGMLw53JLR3LGMLr53Ju:mTiuVTMTWTwTxTZTG
Yara
  • Malicious_Library_Zero - Malicious_Library
  • Microsoft_Office_File_Zero - Microsoft Office File
  • CAB_file_format - CAB archive file
  • Generic_Malware_Zero - Generic Malware
  • OS_Processor_Check_Zero - OS Processor Check
VirusTotal Search for analysis
Name 4bb0e9b5c70e3cae_MSIC733.tmp
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\MSIC733.tmp
Size 1.0MB
Processes 2080 (msiexec.exe)
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, InstallShield self-extracting archive
MD5 30ca21632f98d354a940903214ae4de1
SHA1 6c59a3a65fb8e7d4ad96a3e8d90e72b02091d3f4
SHA256 4bb0e9b5c70e3caeb955397a4a3b228c0ea5836729202b8d4ba1be531b60dafc
CRC32 CCAF6D5D
ssdeep 24576:4UUGG/qSDceVjLHGeRdtRiypAxiK7cl72km/4aoczU:bG/XcW32gqkAfosU
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
  • CAB_file_format - CAB archive file
  • IsPE32 - (no description)
  • Generic_Malware_Zero - Generic Malware
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
VirusTotal Search for analysis