Dropped Files | ZeroBOX
Name f3c6834b83000b99_svchost.exe
Filepath C:\Users\test22\AppData\Roaming\svchost.exe
Size 296.5KB
Processes 1884 (ax.exe)
Type PE32+ executable (GUI) x86-64, for MS Windows
MD5 7460f67864161928611617d5c28dada8
SHA1 f1de37cb94fc08b4897fe89f57eff6fb07250a20
SHA256 f3c6834b83000b99f2bbef17060d8379f7519a16a6bcef1780aa06e141e57875
CRC32 A9DF02BE
ssdeep 6144:LL6Aj2ws/+HCn2PrYwX7U4ilaTgsZigfLafwwZDJSTBxt124Bq2tI:LWAjhe+H8KIFsZiHJSTF1g
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Malicious_Packer_Zero - Malicious Packer
  • IsPE64 - (no description)
  • Antivirus - Contains references to security software
  • anti_vm_detect - Possibly employs anti-virtualization techniques
  • Generic_Malware_Zero - Generic Malware
  • UPX_Zero - UPX packed file
Name dfd1da4158f6b8ea_$171918157
Filepath C:\Users\test22\AppData\Roaming\$171918157
Size 1.2MB
Processes 1884 (ax.exe)
Type data
MD5 5d547475fe1b3c4fb855be0fc426c420
SHA1 4a403d5bfb103e6684523233b8bd91c65cf5958a
SHA256 dfd1da4158f6b8ea279198361d42720ec2f1e0703edc6e1dddb00ef6e13c07ce
CRC32 D613FCD1
ssdeep 24576:EWAjhe+H8KIF0ipSTF04bDOphvGTO5+L0Un5cOoaPaoWXqEinqg4dNMBlqD9:j3M7TF5D2n+H5cOoUao+vib4rMu
Yara
  • Malicious_Library_Zero - Malicious_Library
  • Antivirus - Contains references to security software
  • anti_vm_detect - Possibly employs anti-virtualization techniques
  • Generic_Malware_Zero - Generic Malware
Name 4cc1ab70e6fd0d44_qq.exe
Filepath C:\Users\test22\AppData\Roaming\QQ.exe
Size 940.0KB
Processes 1884 (ax.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 b36366f4a27987d6de47887b03f29c68
SHA1 6f290bd6c132ec5c824558a29bdf75d25ced94e3
SHA256 4cc1ab70e6fd0d4441c778d40212c6e3114e14d56da85717214f8498e1c1501b
CRC32 374DFC5E
ssdeep 24576:q4bDOphvGTO5+L0Un5cOoaPaoWXqEinqg4dNMBlqD9:HD2n+H5cOoUao+vib4rMu
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Malicious_Packer_Zero - Malicious Packer
  • anti_vm_detect - Possibly employs anti-virtualization techniques
  • IsPE32 - (no description)
  • Generic_Malware_Zero - Generic Malware
  • UPX_Zero - UPX packed file