popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 363841b14e9048fd_omegaengine.exe
Submit file
Filepath C:\Users\test22\Documents\System\OmegaEngine.exe
Size 6.8MB
Processes 1960 (file.exe)
Type PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows
MD5 2c5f8843f514824fc636f451fc6a18b4
SHA1 a1c5490efea431fa3f54562d0d19d4f6826c562a
SHA256 363841b14e9048fd50a012f2a3e04c3f86312fbcd3c1f4a837a102fe7e258ca7
CRC32 31D8B0DF
ssdeep 196608:HCXYEhEswp8HD1XF2XTnTuTmVpDce4EQ/H5Tc05tI8lCt30fWsaVb:2JwCMcwQ/IV39b
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Malicious_Packer_Zero - Malicious Packer
  • IsPE32 - (no description)
  • Generic_Malware_Zero - Generic Malware
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
VirusTotal Search for analysis
Name 11bd2c9f9e2397c9_winring0x64.sys
Submit file
Filepath C:\Users\test22\Documents\System\WinRing0x64.sys
Size 14.2KB
Processes 1960 (file.exe)
Type PE32+ executable (native) x86-64, for MS Windows
MD5 0c0195c48b6b8582fa6f6373032118da
SHA1 d25340ae8e92a6d29f599fef426a2bc1b5217299
SHA256 11bd2c9f9e2397c9a16e0990e4ed2cf0679498fe0fd418a3dfdac60b5c160ee5
CRC32 6B0323EB
ssdeep 192:nqjKhp+GQvzj3i+5T9oGYJh1wAoxhSF6OOoe068jSJUbueq1H2PIP0:qjKL+v/y+5TWGYOf2OJ06dUb+pQ
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)
VirusTotal Search for analysis
Name 90d678f599884eb4_config.json
Submit file
Filepath C:\Users\test22\Documents\System\config.json
Size 2.2KB
Processes 1960 (file.exe)
Type ASCII text
MD5 efe186d3302fe8b6f6c751610dc424d6
SHA1 0b75736c95acab29a0d8cbf7edbef454f3529ee5
SHA256 90d678f599884eb4ee0f2a12dc297ad02521d58cb1020708185ca92c83dcd00f
CRC32 40C48EEB
ssdeep 48:CtWTHcW08bqUZylCfby+F1IfF0lFGRdyCSPCoECyo12udQK9Q:CtWTvZy+F1IfF0lFGRdyCmCZCN2u39Q
Yara None matched
VirusTotal Search for analysis