Dropped Files | ZeroBOX
Name 19248357ed7cff72_ltkrn13n.dll
Filepath c:\users\test22\appdata\local\brekkiesoft video capture 1.22\ltkrn13n.dll
Size 435.0KB
Processes 1440 (stail.tmp)
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 cac7e17311797c5471733638c0dc1f01
SHA1 58e0bd1b63525a2955439cb9be3431cea7ff1121
SHA256 19248357ed7cff72dead18b5743bf66c61438d68374bda59e3b9d444c6f8f505
CRC32 1946F0ED
ssdeep 12288:sosmML3+OytpWFkCU1wayvT33iiDNmAE27R9sY9kP0O+:soslvJ3RaY9wU
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
  • Win32_Trojan_Emotet_2_Zero - Win32 Trojan Emotet
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
Name 8094af5ee310714c_msvcr71.dll
Filepath c:\users\test22\appdata\local\brekkiesoft video capture 1.22\msvcr71.dll
Size 340.0KB
Processes 1440 (stail.tmp)
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 86f1895ae8c5e8b17d99ece768a70732
SHA1 d5502a1d00787d68f548ddeebbde1eca5e2b38ca
SHA256 8094af5ee310714caebccaeee7769ffb08048503ba478b879edfef5f1a24fefe
CRC32 35563170
ssdeep 6144:OcV9z83OtqxnEYmt3NEnvfF+Tbmbw6An8FMciFMNrb3YgxxpbCAOxO2ElvlE:Ooz83OtIEzW+/m/AyF7bCrO/E
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet
  • IsDLL - (no description)
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
Name c97401d934939149_unins000.exe
Filepath c:\users\test22\appdata\local\brekkiesoft video capture 1.22\uninstall\unins000.exe
Size 701.2KB
Processes 1440 (stail.tmp)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 8ce0140db324f02669575326b6680bf7
SHA1 29e0b66b887b4b06d6129e02b4a773f14aff773c
SHA256 c97401d93493914903577f7cd90bf1c1246c6bd3434c134925d37656d00f1246
CRC32 C90AB4D3
ssdeep 12288:0TPcYn5c/rPx37/zHBA6a5UeYpthr1CERAgrNuR+LIq5MRxyFW:oPcYn5c/rPx37/zHBA6pFptZ1CEmqMRP
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet
  • Win32_Trojan_Emotet_2_Zero - Win32 Trojan Emotet
  • IsPE32 - (no description)
  • mzp_file_format - MZP(Delphi) file format
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
Name 8003a4a0f9f5dfb6_brekkiesoftvideocapture.chm
Filepath c:\users\test22\appdata\local\brekkiesoft video capture 1.22\brekkiesoftvideocapture.chm
Size 76.4KB
Processes 1440 (stail.tmp)
Type MS Windows HtmlHelp Data
MD5 b1b9e6d43319f6d4e52ed858c5726a97
SHA1 5033047a30cccf57783c600fd76a6d220021b19d
SHA256 8003a4a0f9f5dfb62befbf81f8c05894b0c1f987acfc8654a6c6ce02b6213910
CRC32 66F59D02
ssdeep 1536:Bkt2SjEQ3r94YqwyadpL1X6Dtn4afF1VowWb8ZmmUQNk3gNqCLbMsFxJse8hbpmn:mR/CYj9dp5XIyI2b/mY3gNjLbMsOaP
Yara
  • chm_file_format - chm file format
Name e4fc574a01b272c2__setup64.tmp
Filepath C:\Users\test22\AppData\Local\Temp\is-N9G0C.tmp\_isetup\_setup64.tmp
Size 6.0KB
Processes 1440 (stail.tmp)
Type PE32+ executable (console) x86-64, for MS Windows
MD5 c8871efd8af2cf4d9d42d1ff8fadbf89
SHA1 d0eacd5322c036554d509c7566f0bcc7607209bd
SHA256 e4fc574a01b272c2d0aed0ec813f6d75212e2a15a5f5c417129dd65d69768f40
CRC32 35445B19
ssdeep 48:Sv1LfWvPcXegCPUo1vlZQrAxoONfHFZONfH3d1xCWMBFNL2pGSS4k+bkg6j0KHc:wfkcXegaJ/ZAYNzcld1xaX12pfSKvkc
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)
  • UPX_Zero - UPX packed file
Name 16574f51785b0e2f_sqlite3.dll
Filepath c:\users\test22\appdata\local\brekkiesoft video capture 1.22\sqlite3.dll
Size 630.5KB
Processes 1440 (stail.tmp)
Type PE32 executable (DLL) (console) Intel 80386, for MS Windows
MD5 e477a96c8f2b18d6b5c27bde49c990bf
SHA1 e980c9bf41330d1e5bd04556db4646a0210f7409
SHA256 16574f51785b0e2fc29c2c61477eb47bb39f714829999511dc8952b43ab17660
CRC32 9F30A75E
ssdeep 12288:i0zrcH2F3OfwjtWvuFEmhx0Cj37670jwX+E7tFKm0qTYh:iJUOfwh8u9hx0D70NE7tFTYh
Yara
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
  • IsPE32 - (no description)
  • Generic_Malware_Zero - Generic Malware
  • UPX_Zero - UPX packed file
Name ba6f21d9717e185d_brekkiesoftvideocapture.exe
Filepath c:\users\test22\appdata\local\brekkiesoft video capture 1.22\brekkiesoftvideocapture.exe
Size 2.9MB
Processes 1440 (stail.tmp)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 a8e7304dd59abe50d178c25af8b47759
SHA1 9e9c9f8b88b6d5a0ad3a03389c864c5504dc0fb3
SHA256 ba6f21d9717e185dd9d1b21258abd08a4166fb0f2d4aa5171fbc341e1e395129
CRC32 F84B0ADC
ssdeep 49152:GOjCo0SCto7J0gWSr4zgcKUsc9PI0PXKRt:Gcx6toagDragcKUsc9PIa0
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
Name 5374148ebcf4b456_brekkiesoftvideocapture.dll
Filepath c:\users\test22\appdata\local\brekkiesoft video capture 1.22\brekkiesoftvideocapture.dll
Size 172.0KB
Processes 1440 (stail.tmp)
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 fec4ff0c2967a05543747e8d552cf9df
SHA1 b4449dc0df8c0afcc9f32776384a6f5b5cede20c
SHA256 5374148ebcf4b456f8711516a58c9a007a393ca88f3d9759041f691e4343c7d6
CRC32 E02729D7
ssdeep 3072:l9iEoC1+7N9UQV2Mi8NTUU3/EO3h3E9y6GeoPRtsoWhi75MUbvSHQ:l+ssU62Mi8x9P/UVGeQRthMUbvS
Yara
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file
Name 9884e9d1b4f8a873__shfoldr.dll
Filepath C:\Users\test22\AppData\Local\Temp\is-N9G0C.tmp\_isetup\_shfoldr.dll
Size 22.8KB
Processes 1440 (stail.tmp)
Type PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows
MD5 92dc6ef532fbb4a5c3201469a5b5eb63
SHA1 3e89ff837147c16b4e41c30d6c796374e0b8e62c
SHA256 9884e9d1b4f8a873ccbd81f8ad0ae257776d2348d027d811a56475e028360d87
CRC32 AE2C3EC2
ssdeep 384:+Vm08QoKkiWZ76UJuP71W55iWHHoSHigH2euwsHTGHVb+VHHmnH+aHjHqLHxmoq1:2m08QotiCjJuPGw4
Yara
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
  • IsPE32 - (no description)
Name df96156f6a548fd6_msvcp71.dll
Filepath c:\users\test22\appdata\local\brekkiesoft video capture 1.22\msvcp71.dll
Size 488.0KB
Processes 1440 (stail.tmp)
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 561fa2abb31dfa8fab762145f81667c2
SHA1 c8ccb04eedac821a13fae314a2435192860c72b8
SHA256 df96156f6a548fd6fe5672918de5ae4509d3c810a57bffd2a91de45a3ed5b23b
CRC32 5A3B11D4
ssdeep 12288:fJzxYPVsBnxO/R7krZhUgiW6QR7t5k3Ooc8iHkC2eq:fZxvBnxOJ7ki3Ooc8iHkC2e
Yara
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file
Name 1b5e9882c21be30d_stail.tmp
Filepath C:\Users\test22\AppData\Local\Temp\is-SVR9O.tmp\stail.tmp
Size 690.0KB
Processes 884 (stail.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 e9156237fced45ee8e16eff08467f143
SHA1 38703dd30674bcc9eb966cf51cf67e3737091372
SHA256 1b5e9882c21be30d890563110219d35165167337fc677b81ce11db38a52ed743
CRC32 92A8377A
ssdeep 12288:sTPcYn5c/rPx37/zHBA6a5UeYpthr1CERAgrNuR+LIq5MRxyF:wPcYn5c/rPx37/zHBA6pFptZ1CEmqMRU
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet
  • Win32_Trojan_Emotet_2_Zero - Win32 Trojan Emotet
  • IsPE32 - (no description)
  • mzp_file_format - MZP(Delphi) file format
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
Name 2f6294f9aa09f59a__iscrypt.dll
Filepath C:\Users\test22\AppData\Local\Temp\is-N9G0C.tmp\_isetup\_iscrypt.dll
Size 2.5KB
Processes 1440 (stail.tmp)
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 a69559718ab506675e907fe49deb71e9
SHA1 bc8f404ffdb1960b50c12ff9413c893b56f2e36f
SHA256 2f6294f9aa09f59a574b5dcd33be54e16b39377984f3d5658cda44950fa0f8fc
CRC32 FB05FA3A
ssdeep 24:e1GSgDIX566lIB6SXvVmMPUjvhBrDsqZ:SgDKRlVImgUNBsG
Yara
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
  • IsPE32 - (no description)
Name f8196f03f8cbed87_ltdis13n.dll
Filepath c:\users\test22\appdata\local\brekkiesoft video capture 1.22\ltdis13n.dll
Size 259.5KB
Processes 1440 (stail.tmp)
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 752ca72de243f44af2ed3ff023ef826e
SHA1 7b508f6b72bd270a861b368ec9fe4bf55d8d472f
SHA256 f8196f03f8cbed87a92ba5c1207a9063d4eebb0c22ca88a279f1ae1b1f1b8196
CRC32 AD8ACD50
ssdeep 6144:Fs7u3JL96d15Y2BmKh678IuYAhN3YCjlgiZioXyLWvCe93rZ5WZOlUmpNJ5mlbb/:e7WJL96d15Y2BmKh678IuYAhN3YCjlgw
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
  • Win32_Trojan_Emotet_2_Zero - Win32 Trojan Emotet
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
Name e9a52d82babfc3ef_unins000.dat
Filepath C:\Users\test22\AppData\Local\Brekkiesoft Video Capture 1.22\uninstall\unins000.dat
Size 4.9KB
Processes 1440 (stail.tmp)
Type data
MD5 58b1a17f30949245c7988459648aeefd
SHA1 c695d6e7ee530206207bd6caf02b39512e61e331
SHA256 e9a52d82babfc3ef5ded38e9fffdb2e77647b51428ec0c2f30ef6e62e395606e
CRC32 56A07DE4
ssdeep 96:9edWU38Fp5BSK9f+eOIh8a7ICSss/LnnQtQA2g:9edWU3Sp5qHIhDICSsAna
Yara None matched
Name f1da32183b3da19f_gdiplus.dll
Filepath c:\users\test22\appdata\local\brekkiesoft video capture 1.22\gdiplus.dll
Size 1.6MB
Processes 1440 (stail.tmp)
Type PE32 executable (DLL) (console) Intel 80386, for MS Windows
MD5 871c903a90c45ca08a9d42803916c3f7
SHA1 d962a12bc15bfb4c505bb63f603ca211588958db
SHA256 f1da32183b3da19f75fa4ef0974a64895266b16d119bbb1da9fe63867dba0645
CRC32 D2E7CF70
ssdeep 24576:Fk18V2mHkfIE3Ip9vkWEgDecZV3W9kpOuRw8RhWd5Ixwzr6lOboU7j97S9D+z98v:FZNkf+uW3D1ZVG9kVw8I5Rv6lwH9+X
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
  • IsPE32 - (no description)
  • Generic_Malware_Zero - Generic Malware
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check