Dropped Files | ZeroBOX
Name cf67a50598ee170e_gxtuum.exe
Filepath C:\Users\test22\AppData\Local\Temp\23a0892ef8\Gxtuum.exe
Size 429.0KB
Processes 2568 (Offnewhere.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 c07e06e76de584bcddd59073a4161dbb
SHA1 08954ac6f6cf51fd5d9d034060a9ae25a8448971
SHA256 cf67a50598ee170e0d8596f4e22f79cf70e1283b013c3e33e36094e1905ba8d9
CRC32 9136006C
ssdeep 12288:H/RCVy1xtsmUQTXNujba1fM0HRm77vRMmg:ntsouyBM+RmnRLg
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Malicious_Packer_Zero - Malicious Packer
  • IsPE32 - (no description)
  • Generic_Malware_Zero - Generic Malware
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
Name e86c8aa64dbafe0b_gxtuum.job
Filepath C:\Windows\Tasks\Gxtuum.job
Size 270.0B
Processes 2568 (Offnewhere.exe)
Type VAX-order 68k Blit mpx/mux executable
MD5 63483cafc8d9e22149b6ee6f6a8fef3a
SHA1 5c08b30e76a16ddde6703b3965130b23b1408a93
SHA256 e86c8aa64dbafe0b80bdf4e522c858223dd140e9bc238171b4e139f2cd67c832
CRC32 0B4BC3B3
ssdeep 6:8HtJgZNXE/E/UEZ+lX1MeNclfibtI4y0lBmsEt0:WUkE/Q1MeNclfim4VBOt0
Yara None matched