popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name e16b96cf483c1fd9_microsoft works.exe
Submit file
Filepath C:\Users\test22\Documents\Hnc\Microsoft Visual Studio 8\Microsoft Works.exe
Size 6.6MB
Processes 2548 (9358_8410.exe)
Type PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
MD5 d1929c259e2f7bf7fe7d028c64ebe5dc
SHA1 84d92157ad279efa50eb7009ff7b2dbc17d419f2
SHA256 e16b96cf483c1fd955a50beb79205f2f2bb37650e1079ef1b8ebccddfe179146
CRC32 ED54CF67
ssdeep 98304:n6QuKdcljouL2k+TrPodcljoQfuwbe6K1ouccl5gHeMhXwzw:6Y+jotPzjoQfuwa1oeiHbhb
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Malicious_Packer_Zero - Malicious Packer
  • Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet
  • IsPE32 - (no description)
  • OS_Processor_Check_Zero - OS Processor Check
  • UPX_Zero - UPX packed file
VirusTotal Search for analysis