Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
11.05 04:11
VST32License.exe
11.05 03:11
VST32License.exe
11.03 01:11
DocTromTinNhan.exe
11.01 06:11
MPDW-constraints.vbs
11.01 06:11
87f3f2.exe
11.01 06:11
Client-built.exe
11.01 06:11
norm.exe
11.01 06:11
chrome_131.exe
11.01 06:11
kjrhjijawdkrjhh.exe
11.01 09:11
Calibre_Installer.exe

Latest News
11.05 01:11
메가존클라우드-파이오링크, 클라우드 보안...
11.05 01:11
프로페셔널 헤어케어 브랜드 레삐, ‘20...
11.05 01:11
Chinese Group Accused ...
11.05 01:11
25년 정보보호 전자공시시스템 고도화 및...
11.05 01:11
KISA, 민원 응대 보호시스템 전사 확대
11.05 01:11
아늑샵, 2024년 4분기 '한국소비자인...
11.05 01:11
크라운슬립, 프리미엄 구스 이불 론칭 기...
11.05 01:11
Google Warns of Active...
11.05 12:11
안랩, 2024년 3분기 매출 685억,...
11.05 12:11
Southeast Asia’s Digit...

Dropped Files | ZeroBOX

Name	b622d9dc3d67f879_glassvc3264.exe Submit file
Filepath	c:\users\test22\appdata\local\glass video converter\glassvc3264.exe
Size	2.6MB
Processes	288 (is-ECELE.tmp)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`4267ff028b228ceb6d79557816acd0ae`
SHA1	`0f84a84ba0dd71beb37413ce41055dcf8514d21e`
SHA256	`b622d9dc3d67f879f630e325fd855c8f335c8eeac0be250cd6e13735bddd3d3a`
CRC32	`EC4294E3`
ssdeep	`24576:nTxdi9YCzefWKKHI3KhmlXPr46Y6cvtCXjQ4S+TpK60hTSx4/OWsPJc2my6IA7Ks:n1BgRME6YxS5STMWVGa/Bv+J/UDuZWt`
Yara	Malicious_Library_Zero - Malicious_Library Admin_Tool_IN_Zero - Admin Tool Sysinternals PE_Header_Zero - PE File Signature IsPE32 - (no description) Generic_Malware_Zero - Generic Malware UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	18cbd64e56ce58ce_libglibmm-2.4-1.dll Submit file
Filepath	c:\users\test22\appdata\local\glass video converter\libglibmm-2.4-1.dll
Size	452.3KB
Processes	288 (is-ECELE.tmp)
Type	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
MD5	`d9d9c79e35945fca3f9d9a49378226e7`
SHA1	`4544a47d5b9765e5717273aaff62724df643f8f6`
SHA256	`18cbd64e56ce58ce7d1f67653752f711b30ad8c4a2dc4b0de88273785c937246`
CRC32	`1942F127`
ssdeep	`12288:qyoSS9Gy176UixTUTfeKEVfA/K4FW0BGXOjY:pS93176nxTUTEA/Kuk`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE32 - (no description)
VirusTotal	Search for analysis

Name	11074a6fb8f9f137_libgdkmm-2.4-1.dll Submit file
Filepath	c:\users\test22\appdata\local\glass video converter\libgdkmm-2.4-1.dll
Size	262.1KB
Processes	288 (is-ECELE.tmp)
Type	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
MD5	`c4c23388109d8a9cc2b87d984a1f09b8`
SHA1	`74c9d9f5588afe721d2a231f27b5415b4def8ba6`
SHA256	`11074a6fb8f9f137401025544121f4c3fb69ac46cc412469ca377d681d454db3`
CRC32	`58E807EE`
ssdeep	`3072:yL8lD0bVAYhILCN0z+tUbO01CDXQ6yw+RseNYWFZvc/NNap:1Uy+tUbO01CDXQ6ywcYWFZvCNNap`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE32 - (no description)
VirusTotal	Search for analysis

Name	e9652ab77a0956c5_libgomp-1.dll Submit file
Filepath	c:\users\test22\appdata\local\glass video converter\libgomp-1.dll
Size	170.5KB
Processes	288 (is-ECELE.tmp)
Type	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
MD5	`65d8cb2733295758e5328e5a3e1aff15`
SHA1	`f2378928bb9ccfba566ec574e501f6a82a833143`
SHA256	`e9652ab77a0956c5195970af39778cfc645fc5af22b95eed6d197dc998268642`
CRC32	`DD13732C`
ssdeep	`3072:F4yjzZ0q/RZ1vAjhByeVjxSTi7p2trtfKomZr8jPnJe0rkUlRGptdKH69T5GNg9v:FjjE0PCn3baPXuD7`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE32 - (no description)
VirusTotal	Search for analysis

Name	afb9779c4d24d0ce_libgdk_pixbuf-2.0-0.dll Submit file
Filepath	c:\users\test22\appdata\local\glass video converter\libgdk_pixbuf-2.0-0.dll
Size	177.3KB
Processes	288 (is-ECELE.tmp)
Type	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
MD5	`0d0d311d1837705b1eafbc5a85a695bd`
SHA1	`aa7fa3eb181cc5e5b0aa240892156a1646b45184`
SHA256	`afb9779c4d24d0ce660272533b70d2b56704f8c39f63dab0592c203d8ae74673`
CRC32	`4D2D4D42`
ssdeep	`3072:jJoxZgqj/2VkWePT1lempKE7PQrXGx6duqPhyxO+jOfMjHyv:jef/2eH72mprIs6VyfOfMY`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet IsPE32 - (no description)
VirusTotal	Search for analysis

Name	fc3c82fab6c91084_libgobject-2.0-0.dll Submit file
Filepath	c:\users\test22\appdata\local\glass video converter\libgobject-2.0-0.dll
Size	329.3KB
Processes	288 (is-ECELE.tmp)
Type	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
MD5	`51d62c9c7d56f2ef2f0f628b8fc249ad`
SHA1	`33602785de6d273f0ce7ca65fe8375e91ef1c0bc`
SHA256	`fc3c82fab6c91084c6b79c9a92c08dd6fa0659473756962efd6d8f8418b0dd50`
CRC32	`82ED2BC6`
ssdeep	`3072:TQkk4LTVKDKajZjp8aEEHeEkls4q5dRIFSqObK/q+P82JSccgSGDGxQXKHlTmn93:3kwpKlf1QNSqOb6q+PRJb6GDGmKH893`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet IsPE32 - (no description)
VirusTotal	Search for analysis

Name	fd574da66b7ccae6_libgraphite2.dll Submit file
Filepath	c:\users\test22\appdata\local\glass video converter\libgraphite2.dll
Size	229.5KB
Processes	288 (is-ECELE.tmp)
Type	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
MD5	`e1d0acd1243f9e59491dc115f4e379a4`
SHA1	`5e9010cfa8d75defbdc3fb760eb4229acf66633b`
SHA256	`fd574da66b7ccae6f4df31d5e2a2c7f9c5dae6ae9a8e5e7d2ca2056ab29a8c4f`
CRC32	`36C28E71`
ssdeep	`6144:fWa7MVS9CtXk4wP0filbZ5546Qx/cwx/svQbKDazN1x:3MVTtXlwP0f0rK6QxEYz`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE32 - (no description)
VirusTotal	Search for analysis

Name	7d4546773cfcc26f_librsvg-2-2.dll Submit file
Filepath	c:\users\test22\appdata\local\glass video converter\librsvg-2-2.dll
Size	242.9KB
Processes	288 (is-ECELE.tmp)
Type	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
MD5	`39a15291b9a87aee42fbc46ec1fe35d6`
SHA1	`aadf88bbb156ad3cb1a2122a3d6dc017a7d577c1`
SHA256	`7d4546773cfcc26fec8149f6a6603976834dc06024eeac749e46b1a08c1d2cf4`
CRC32	`C37C6537`
ssdeep	`6144:MUijoruDtud8kVtHvBcEcEJAbNkhJIXM3rhv:Cy8kTHvBcE1kI3rhv`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE32 - (no description)
VirusTotal	Search for analysis

Name	213b6addab856feb_libwinpthread-1.dll Submit file
Filepath	c:\users\test22\appdata\local\glass video converter\libwinpthread-1.dll
Size	63.7KB
Processes	288 (is-ECELE.tmp)
Type	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
MD5	`98a49cc8ae2d608c6e377e95833c569b`
SHA1	`ba001d8595ac846d9736a8a7d9161828615c135a`
SHA256	`213b6addab856feb85df1a22a75cdb9c010b2e3656322e1319d0def3e406531c`
CRC32	`64B617DB`
ssdeep	`768:1JrcDWlFkbBRAFqDnlLKgprfElH0hiGoeLXRcW/VB6dkhxLemE5ZHvIim3YWATMk:XrTk3iqzlLKgp6H38B6u0Uim3Y15P`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE32 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	9ba147d15c8d72a9_libsigc-2.0-0.dll Submit file
Filepath	c:\users\test22\appdata\local\glass video converter\libsigc-2.0-0.dll
Size	30.3KB
Processes	288 (is-ECELE.tmp)
Type	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
MD5	`3c033f35fe26bc711c4d68eb7cf0066d`
SHA1	`83f1aed76e6f847f6831a1a1c00fedc50f909b81`
SHA256	`9ba147d15c8d72a99bc639ae173cff2d22574177242a7e6fe2e9bb09cc3d5982`
CRC32	`CE815F8F`
ssdeep	`768:SrCNSOFBZVDIxxDsIpx0uZjaYNdJSH6J6:SrCyx0maYNdh6`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE32 - (no description)
VirusTotal	Search for analysis

Name	25252b18ce0d80b3_liblcms2-2.dll Submit file
Filepath	c:\users\test22\appdata\local\glass video converter\liblcms2-2.dll
Size	388.5KB
Processes	288 (is-ECELE.tmp)
Type	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
MD5	`e0747d2e573e0a05a7421c5d9b9d63cc`
SHA1	`c45fc383f9400f8bbe0ca8e6a7693aa0831c1da7`
SHA256	`25252b18ce0d80b360a6de95c8b31e32efd8034199f65bf01e3612bd94abc63e`
CRC32	`AABC50F3`
ssdeep	`6144:q6WhfTNgMVVPwCxpk76CcIAg8TQfn9l1bBE3A97vupNBXH:q60TvSGpk7eIAg489l1S3A97vkVH`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE32 - (no description)
VirusTotal	Search for analysis

Name	a397c9c2b5cac7d0_libpixman-1-0.dll Submit file
Filepath	c:\users\test22\appdata\local\glass video converter\libpixman-1-0.dll
Size	689.6KB
Processes	288 (is-ECELE.tmp)
Type	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
MD5	`3a8a13f0215cda541ec58f7c80ed4782`
SHA1	`085c3d5f62227319446dd61082919f6be1efd162`
SHA256	`a397c9c2b5cac7d08a2ca720fed9f99ece72078114ffc86df5dbc2b53d5fa1ad`
CRC32	`5697274F`
ssdeep	`12288:8TCY9iAO+e+693qCfG0l2KDIq4N1i9aqi+:8piAO+e+69ne02KDINN1MaZ+`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE32 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	e06c828e14262ebb_libgcc_s_dw2-1.dll Submit file
Filepath	c:\users\test22\appdata\local\glass video converter\libgcc_s_dw2-1.dll
Size	118.7KB
Processes	288 (is-ECELE.tmp)
Type	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
MD5	`6ce25fb0302f133cc244889c360a6541`
SHA1	`352892dd270135af5a79322c3b08f46298b6e79c`
SHA256	`e06c828e14262ebbe147fc172332d0054502b295b0236d88ab0db43326a589f3`
CRC32	`4C37ECE7`
ssdeep	`1536:9v6EzEhAArrzEYz8V2clMs4v6C7382gYbByUDM6H0ZulNDnt8zXxgf:9T8AArrzDylMs5C738FYbpH0Ent8zBgf`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE32 - (no description)
VirusTotal	Search for analysis

Name	06294f19ca2f7460_libgmodule-2.0-0.dll Submit file
Filepath	c:\users\test22\appdata\local\glass video converter\libgmodule-2.0-0.dll
Size	25.9KB
Processes	288 (is-ECELE.tmp)
Type	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
MD5	`e9c7068b3a10c09a283259aa1b5d86f2`
SHA1	`3ffe48b88f707aa0c947382fbf82bee6ef7abb78`
SHA256	`06294f19ca2f7460c546d4d0d7b290b238c4959223b63137bb6a1e2255eda74f`
CRC32	`07AC3D89`
ssdeep	`768:EaiL7abI5n6MnFUKs7qfSWWmJZLfw2tnPrPkV:4XabI5n5niKsOwmnU`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet IsPE32 - (no description)
VirusTotal	Search for analysis

Name	7e555192331655b0_libpangomm-1.4-1.dll Submit file
Filepath	c:\users\test22\appdata\local\glass video converter\libpangomm-1.4-1.dll
Size	161.9KB
Processes	288 (is-ECELE.tmp)
Type	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
MD5	`e2f18b37bc3d02cde2e5c15d93e38418`
SHA1	`1a6c58f4a50269d3db8c86d94b508a1919841279`
SHA256	`7e555192331655b04d18f40e8f19805670d56fc645b9c269b9f10bf45a320c97`
CRC32	`0826BE3B`
ssdeep	`3072:wqozCom32MhGf+cPlDQ6jGQGExqLsGXnru+5FMCp:wqxo4LGlDQ6yQGsqLsGXruSFMCp`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE32 - (no description)
VirusTotal	Search for analysis

Name	0bae9700e29e4e7c_libpangoft2-1.0-0.dll Submit file
Filepath	c:\users\test22\appdata\local\glass video converter\libpangoft2-1.0-0.dll
Size	89.9KB
Processes	288 (is-ECELE.tmp)
Type	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
MD5	`cc7dad980dd04e0387795741d809cbf7`
SHA1	`a49178a17b1c72ad71558606647f5011e0aa444b`
SHA256	`0bae9700e29e4e7c532996adf6cd9ade818f8287c455e16cf2998bb0d02c054b`
CRC32	`1F37029E`
ssdeep	`1536:+j80nVGEhJyBnvQXUDkUPoWCSgZosDGMsZLXWU9+HN4yoRtJJ:C8IgtyUDkBWIZosDGDBXWPHN4yoRtJJ`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet IsPE32 - (no description)
VirusTotal	Search for analysis

Name	0a6c41612400c340__setup64.tmp Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\is-UAHMT.tmp\_isetup\_setup64.tmp
Size	4.5KB
Processes	288 (is-ECELE.tmp)
Type	PE32+ executable (console) x86-64, for MS Windows
MD5	`42bf074b99a445614bd19c6e5724a01a`
SHA1	`a07123adbe7fa8bbd4a001332dc08aa6d3b5aec0`
SHA256	`0a6c41612400c3400466a0583dbb0e6c9bd310393704807e4f9617aa53abded6`
CRC32	`DE4308D6`
ssdeep	`48:68tbXKoGQ6oNrP/MXebrvrMTtFcEBO3K8/wzTqkO3KExygKBDM3f8:PX6Xe/DMTtWE0/wz5sxyblMv8`
Yara	PE_Header_Zero - PE File Signature IsPE64 - (no description) DllRegisterServer_Zero - execute regsvr32.exe
VirusTotal	Search for analysis

Name	9884e9d1b4f8a873__shfoldr.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\is-UAHMT.tmp\_isetup\_shfoldr.dll
Size	22.8KB
Processes	288 (is-ECELE.tmp)
Type	PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows
MD5	`92dc6ef532fbb4a5c3201469a5b5eb63`
SHA1	`3e89ff837147c16b4e41c30d6c796374e0b8e62c`
SHA256	`9884e9d1b4f8a873ccbd81f8ad0ae257776d2348d027d811a56475e028360d87`
CRC32	`AE2C3EC2`
ssdeep	`384:+Vm08QoKkiWZ76UJuP71W55iWHHoSHigH2euwsHTGHVb+VHHmnH+aHjHqLHxmoq1:2m08QotiCjJuPGw4`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE32 - (no description)
VirusTotal	Search for analysis

Name	c75587d54630b84d_libharfbuzz-0.dll Submit file
Filepath	c:\users\test22\appdata\local\glass video converter\libharfbuzz-0.dll
Size	431.6KB
Processes	288 (is-ECELE.tmp)
Type	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
MD5	`6cd78c8add1cfc7cbb85e2b971fcc764`
SHA1	`5ba22c943f0337d2a408b7e2569e7bf53ff51cc5`
SHA256	`c75587d54630b84dd1ca37514a77d9d03fce622aea89b6818ae8a4164f9f9c73`
CRC32	`DBA8C0D9`
ssdeep	`6144:KOjlUsee63NlC1NiiA0XcQj0S5XTJAmLYWB6EYWOsIEvCmiu:DRGNq0wdAmcWBGsIEviu`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE32 - (no description)
VirusTotal	Search for analysis

Name	a446f09626ce7ce6_libintl-8.dll Submit file
Filepath	c:\users\test22\appdata\local\glass video converter\libintl-8.dll
Size	137.5KB
Processes	288 (is-ECELE.tmp)
Type	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
MD5	`a8f646eb087f06f5aebc2539eb14c14d`
SHA1	`4b1fbab6c3022c3790bc0bd0dd2d9f3ba8ff1759`
SHA256	`a446f09626ce7ce63781f5864fdd6064c25d9a867a0a1a07dcecb4d5044b1c2b`
CRC32	`6AAB8FB3`
ssdeep	`3072:Uw0ucwd0gZ36KErK+i+35KwO/hVQN6ulXazERIdF+aP2je8g5og96:ZlcWpErK+i9zEQF+aPKZo6`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE32 - (no description)
VirusTotal	Search for analysis

Name	707dee17e943d474_libpcre-1.dll Submit file
Filepath	c:\users\test22\appdata\local\glass video converter\libpcre-1.dll
Size	284.4KB
Processes	288 (is-ECELE.tmp)
Type	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
MD5	`2d8a0bc588118aa2a63eed7bf6dfc8c5`
SHA1	`7fb318dc21768cd62c0614d7ad773ccfb7d6c893`
SHA256	`707dee17e943d474fbe24ef5843a9a37e923e149716cad0e2693a0cc8466f76e`
CRC32	`C6B10D29`
ssdeep	`6144:dg6RpdbWJbnZ9zwvNOmdcm0sn+g2eqZq6eadTD8:UJ99zwvNOmdcm0s+g1qZQadTD8`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE32 - (no description)
VirusTotal	Search for analysis

Name	17db74c713e0c12d__RegDLL.tmp Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\is-UAHMT.tmp\_isetup\_RegDLL.tmp
Size	2.0KB
Processes	288 (is-ECELE.tmp)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`054eed91b90c8066725331381c056a0b`
SHA1	`1a6ed65573f5f2e0664f32518b43b8b8cd7e14e0`
SHA256	`17db74c713e0c12df74245243e7a63e75815e4f4d6fd9feca2d4d38041dd6ef0`
CRC32	`51B79768`
ssdeep	`48:iBUZnkv1z1iyDuivJlEt/QJSquEMx5BC:+SIz1BqivJA/QMx5`
Yara	PE_Header_Zero - PE File Signature DllRegisterServer_Zero - execute regsvr32.exe IsPE32 - (no description)
VirusTotal	Search for analysis

Name	6850e211d09e850e_libpangocairo-1.0-0.dll Submit file
Filepath	c:\users\test22\appdata\local\glass video converter\libpangocairo-1.0-0.dll
Size	63.2KB
Processes	288 (is-ECELE.tmp)
Type	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
MD5	`7af455adea234dea33b2a65b715bf683`
SHA1	`f9311cb03dcf50657d160d89c66998b9bb1f40ba`
SHA256	`6850e211d09e850ee2510f6eab48d16e0458bce35916b6d2d4eb925670465778`
CRC32	`A20852B0`
ssdeep	`768:U84Oo2LbVtfNsqnYPL7cZ690d+yCG7QiZggD0Spo3YfklbTRPmK0Lz:Uf2LbVtfDGLr2xk4DU3YfkhTRuKW`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet IsPE32 - (no description)
VirusTotal	Search for analysis

Name	e8e2467121978653_libtiff-5.dll Submit file
Filepath	c:\users\test22\appdata\local\glass video converter\libtiff-5.dll
Size	438.0KB
Processes	288 (is-ECELE.tmp)
Type	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
MD5	`908111f583b7019d2ed3492435e5092d`
SHA1	`8177c5e3b4d5cc1c65108e095d07e0389164da76`
SHA256	`e8e2467121978653f9b6c69d7637d8be1d0ac6a4028b672a9b937021ad47603c`
CRC32	`0B3F146A`
ssdeep	`12288:TC5WwqtP7JRSIOKxQg2FgggggggTggZgoggggggggggggggggggnggDggD7d:TC5WltP7JRSIOKxmeR`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE32 - (no description)
VirusTotal	Search for analysis

Name	0ac1c17271d86289_libpangowin32-1.0-0.dll Submit file
Filepath	c:\users\test22\appdata\local\glass video converter\libpangowin32-1.0-0.dll
Size	99.2KB
Processes	288 (is-ECELE.tmp)
Type	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
MD5	`e13fcd8fb16e483e4de47a036687d904`
SHA1	`a54f56ba6253d4decaae3de8e8ac7607fd5f0af4`
SHA256	`0ac1c17271d862899b89b52faa13fc4848db88864cae2bf4dc7fb81c5a9a49bf`
CRC32	`B8F63AED`
ssdeep	`1536:nrYjG+7rjCKdiZ4axdj+nrlv3ecaQZ93yQNMRP2Ea5JPTxi0C9A046QET:M9eKdiBxUnfb3yZROEYJPTxib9A5ET`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet IsPE32 - (no description)
VirusTotal	Search for analysis

Name	d2d7d9821263f8c1_libgdk-win32-2.0-0.dll Submit file
Filepath	c:\users\test22\appdata\local\glass video converter\libgdk-win32-2.0-0.dll
Size	795.0KB
Processes	288 (is-ECELE.tmp)
Type	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
MD5	`5b1eb4b36f189362def93bf3e37354cc`
SHA1	`8c0a4992a6180d0256abf669dfdee228f03300ba`
SHA256	`d2d7d9821263f8c126c6d8758fff0c88f2f86e7e69bfcc28e7efabc1332eefd7`
CRC32	`FE807EEC`
ssdeep	`24576:ZEygs0MDl9NALk12XBoO/j+QDr4TARkKtff8WvLCC2:vKMDl9aGO+/TAR5tff8og`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsDLL - (no description) Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet IsPE32 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	2f6294f9aa09f59a__iscrypt.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\is-UAHMT.tmp\_isetup\_iscrypt.dll
Size	2.5KB
Processes	288 (is-ECELE.tmp)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`a69559718ab506675e907fe49deb71e9`
SHA1	`bc8f404ffdb1960b50c12ff9413c893b56f2e36f`
SHA256	`2f6294f9aa09f59a574b5dcd33be54e16b39377984f3d5658cda44950fa0f8fc`
CRC32	`FB05FA3A`
ssdeep	`24:e1GSgDIX566lIB6SXvVmMPUjvhBrDsqZ:SgDKRlVImgUNBsG`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE32 - (no description)
VirusTotal	Search for analysis

Name	4a7ad2198baacc14_zlib1.dll Submit file
Filepath	c:\users\test22\appdata\local\glass video converter\zlib1.dll
Size	96.3KB
Processes	288 (is-ECELE.tmp)
Type	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
MD5	`70ca53e8b46464ccf956d157501d367a`
SHA1	`ae0356fae59d9c2042270e157ea0d311a831c86a`
SHA256	`4a7ad2198baacc14ea2ffd803f560f20aad59c3688a1f8af2c8375a0d6cc9cfe`
CRC32	`5173A96E`
ssdeep	`1536:HDuZqv5WNPuWOD+QZ7OWN4oOlatKZ2XGnToIfQIOEIOGxpdo4VoWsj:r9P6WN4wyTBfGqGxpdo4VoB`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE32 - (no description)
VirusTotal	Search for analysis

Name	f5bc251e51206592_libpng16-16.dll Submit file
Filepath	c:\users\test22\appdata\local\glass video converter\libpng16-16.dll
Size	243.0KB
Processes	288 (is-ECELE.tmp)
Type	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
MD5	`c4002f9e4234dfb5dbe64c8d2c9c2f09`
SHA1	`5c1dcce276fdf06e6aa1f6ad4d4b49743961d62d`
SHA256	`f5bc251e51206592b56c3bd1bc4c030e2a98240684263fa766403ea687b1f664`
CRC32	`69BE0EBC`
ssdeep	`3072:oW4uzRci3pB4FvOhUHN1Dmfk46sR6/9+B7Bt9Z42fTSCi3QUqbQrPeL8rFErGfju:n4uB4FvHNElE9+B7Bj6GTSCiZPNVS`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE32 - (no description)
VirusTotal	Search for analysis

Name	61120e17f1eab860_unins000.exe Submit file
Filepath	c:\users\test22\appdata\local\glass video converter\uninstall\unins000.exe
Size	658.3KB
Processes	288 (is-ECELE.tmp)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`8745c2d28b8cec98db1ba7c9fda9b4d4`
SHA1	`d49cb699b8a2511f2099ccf1f05d1b8dac069290`
SHA256	`61120e17f1eab860e5f7ad877c3be4db7c264fc6d359c8c629c89ced772a5d35`
CRC32	`1AE9848E`
ssdeep	`12288:OeuHnWgyrgVu4rPy37WzH0A6uaF4JNK3NFRvYAajlxpV:nuHcrgVxrPy37WzH0A6uwkNKRKlxpV`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature ConfuserEx_Zero - Confuser .NET DllRegisterServer_Zero - execute regsvr32.exe Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet Win32_Trojan_Emotet_2_Zero - Win32 Trojan Emotet IsPE32 - (no description) UPX_Zero - UPX packed file mzp_file_format - MZP(Delphi) file format OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	b1ec758b6edd3e5b_liblzma-5.dll Submit file
Filepath	c:\users\test22\appdata\local\glass video converter\liblzma-5.dll
Size	167.8KB
Processes	288 (is-ECELE.tmp)
Type	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
MD5	`236a679ab1b16e66625afba86a4669eb`
SHA1	`73ae354886ab2609ffa83429e74d8d9f34bd45f2`
SHA256	`b1ec758b6edd3e5b771938f1febac23026e6da2c888321032d404805e2b05500`
CRC32	`64C3DEBB`
ssdeep	`3072:LrhG5+L/AcY680k2SxVqetJP5Im+A9mNoWqlM5ywwoS:LV6+LA0G0enP5PFYOWi6w1`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE32 - (no description)
VirusTotal	Search for analysis

Name	1c8143e311168c27_is-ECELE.tmp Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\is-K314A.tmp\is-ECELE.tmp
Size	648.0KB
Processes	1608 (swf.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`e704bfe4196d131a1fcf85ee61a9a37a`
SHA1	`2edc981577844c8813f86fbfcb2c0b13b109611c`
SHA256	`1c8143e311168c27d09d12cddf3889465c62f6da03b9377a7fb8451c2a1d84b9`
CRC32	`DB1DE800`
ssdeep	`12288:meuHnWgyrgVu4rPy37WzH0A6uaF4JNK3NFRvYAajlxp:PuHcrgVxrPy37WzH0A6uwkNKRKlxp`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature ConfuserEx_Zero - Confuser .NET DllRegisterServer_Zero - execute regsvr32.exe Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet Win32_Trojan_Emotet_2_Zero - Win32 Trojan Emotet IsPE32 - (no description) UPX_Zero - UPX packed file mzp_file_format - MZP(Delphi) file format OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	ea53a198aa646bed_libjpeg-8.dll Submit file
Filepath	c:\users\test22\appdata\local\glass video converter\libjpeg-8.dll
Size	498.0KB
Processes	288 (is-ECELE.tmp)
Type	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
MD5	`02e6c6ab886700e6f184eee43157c066`
SHA1	`e796b7f7762be9b90948eb80d0138c4598700ed9`
SHA256	`ea53a198aa646bed0b39b40b415602f8c6dc324c23e1b9fbdcf7b416c2c2947d`
CRC32	`D8D00BC7`
ssdeep	`6144:wx/Eqtn5oeHkJstujMWYVgUr/MSK/zwazshLKl11PC5qLJy1Pkfsm:M/NDXEJIPVgUrgbzslW11UqLJokfsm`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE32 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	51d99fce0a2d13b8_unins000.dat Submit file
Filepath	C:\Users\test22\AppData\Local\Glass Video Converter\uninstall\unins000.dat
Size	5.7KB
Processes	288 (is-ECELE.tmp)
Type	data
MD5	`0f327fa7b5d9bfe59562dff44b672d38`
SHA1	`dd87b7081d00a36f98f4cdb26ae37530e364109c`
SHA256	`51d99fce0a2d13b8d9feb2008f3e09e8202735bf4ecbedd68117c3af12ee73fd`
CRC32	`6F1AD64D`
ssdeep	`96:1fNp8O4887p7xbpW9L+eOIhNKcQ8xaTNFVkxgJkdTgaIeYCv7EKGqsjiRP8i:NNpX48Qp7xbhHIhoYYi`
Yara	None matched
VirusTotal	Search for analysis

Name	513cec3ccbe4e0b3_libpango-1.0-0.dll Submit file
Filepath	c:\users\test22\appdata\local\glass video converter\libpango-1.0-0.dll
Size	252.9KB
Processes	288 (is-ECELE.tmp)
Type	PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
MD5	`b4fde05a19346072c713be2926af8961`
SHA1	`102562de2240042b654c464f1f22290676cb6e0f`
SHA256	`513cec3ccbe4e0b31542c870793ccbdc79725718915db0129aa39035202b7f97`
CRC32	`2DDE5AB0`
ssdeep	`3072:O4WGkOMuCsxvlBUlthMP3SyyqX3/yfGG7ca/RM3yH8Tw/yr+Jg8jGCzftns9/1tA:tWGkOME304A7ca/RNyN8jGCzftngvA`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet IsPE32 - (no description)
VirusTotal	Search for analysis