Dropped Files | ZeroBOX

Name	dedd4c249a6a78e8_fulloption_2.1xenos.exe Submit file
Filepath	C:\Users\test22\AppData\Roaming\FullOption_2.1Xenos.exe
Size	4.0MB
Processes	2644 (CE5Mv2.exe)
Type	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5	`c442a9b9299246b2e5683641a4341641`
SHA1	`31f41c27ceacc503f33ea72c1ac7c077bc5d9235`
SHA256	`dedd4c249a6a78e8e2603e7bf8227bbcd1dcca0e0f272ec204cf4a1a61dae7d9`
CRC32	`FCA71116`
ssdeep	`98304:mer3mJdJ0Gz+yQ3zkgHC3lD1qhPEeXkZGRaGxOJx1/q:jSJdJrz+yOkg8BQPfXYoI1`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature Is_DotNET_EXE - (no description) IsPE32 - (no description)
VirusTotal	Search for analysis

Name	57ec7bca087dd678_svchost.exe Submit file
Filepath	C:\Users\test22\AppData\Roaming\svchost.exe
Size	73.5KB
Processes	2644 (CE5Mv2.exe) 1384 (FullOption_2.1Xenos.exe) 2624 (FullOption_2.1Xenos.exe) 2304 (FullOption_2.1Xenos.exe) 2576 (FullOption_2.1Xenos.exe) 1644 (FullOption_2.1Xenos.exe)
Type	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5	`12b722899c9a6b517d52b8de2c7c3e2e`
SHA1	`a92dbc8edd02adeeab5fa9c0e2a884a84a315fe5`
SHA256	`57ec7bca087dd678bef5aeaaa52f4f393d63613976701e6a111015fb7f9f1b6c`
CRC32	`D613F902`
ssdeep	`1536:jSJd0NZZ4CuyMAa70b36MJP6ROuEn9i8:+J3C1ba70b3xYOuEn48`
Yara	PE_Header_Zero - PE File Signature Antivirus - Contains references to security software Is_DotNET_EXE - (no description) IsPE32 - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis