popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 12d59b63b5e8301d_vapo.exe
Submit file
Filepath C:\Users\test22\AppData\Roaming\vapo.exe
Size 32.5KB
Processes 292 (vapo.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 ee14a993b4f9bf8b3f0421f0a44c2057
SHA1 e5c03509023e186e2b5dbe92262e4d8b70c406ff
SHA256 12d59b63b5e8301d2f5a55e47931d91d2e17a1bcefc6941afe45c777222314a9
CRC32 5AA6B2D6
ssdeep 384:y+wOeemMOdqtlbRHvEdEmPLtzVFyXyLgZgJaqbNyHBw0V5AR8gtFqBLTm9zZwXJP:lEugjBzGWg6YvBzVOXFh9WkO/h+/zW
Yara
  • PE_Header_Zero - PE File Signature
  • Antivirus - Contains references to security software
  • Is_DotNET_EXE - (no description)
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
VirusTotal Search for analysis
Name 86a41e5c52a2c3b3_vapo.lnk
Submit file
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vapo.lnk
Size 708.0B
Processes 292 (vapo.exe)
Type MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Sun Jan 26 22:40:59 2025, mtime=Sun Jan 26 22:41:07 2025, atime=Sun Jan 26 22:41:07 2025, length=33280, window=hide
MD5 ebe701e6a8af6e4fb0f6a2edd2497781
SHA1 7487ee720775b8fa011164d731e0d9221b216bd8
SHA256 86a41e5c52a2c3b304dc08787513a5fb0ab88bf2baa2c0c9e7a4db4ce08b05e8
CRC32 943DC73C
ssdeep 12:8lsfyu4cZCrR8EvSEZnMSLXy55PizCCOLAHI9EgAuP:8q8sERdnnN2azNKEHuP
Yara
  • lnk_file_format - Microsoft Windows Shortcut File Format
  • Lnk_Format_Zero - LNK Format
VirusTotal Search for analysis