Dropped Files | ZeroBOX
Name ccb9502bf8ba5bec_helper.exe
Filepath C:\Users\test22\AppData\Local\Temp\IXP000.TMP\helper.exe
Size 4.4MB
Processes 1932 (d4940780-7f90-11e9-8b57-4bd4b694b3a7.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 6a4853cd0584dc90067e15afb43c4962
SHA1 ae59bbb123e98dc8379d08887f83d7e52b1b47fc
SHA256 ccb9502bf8ba5becf8b758ca04a5625c30b79e2d10d2677cc43ae4253e1288ec
CRC32 C13279AE
ssdeep 98304:XyDt6K4MJVnjOobt/JN1LA5elHc+S4fRp5UvluKo:XyDtK8bbxn+IHcBEV/F
Yara
  • PE_Header_Zero - PE File Signature
  • Malicious_Library_Zero - Malicious_Library
  • Is_DotNET_EXE - (no description)
  • IsPE32 - (no description)
Name 63ed16670362ddbc_chromi~2.exe
Filepath C:\Users\test22\AppData\Local\Temp\IXP000.TMP\CHROMI~2.EXE
Size 13.5KB
Processes 1932 (d4940780-7f90-11e9-8b57-4bd4b694b3a7.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 b840b27df10b80d7d17e7ba88fe549ca
SHA1 2769b3696b80aa8048fbab5e08629c7369810499
SHA256 63ed16670362ddbc0fb96d2762c84f68073988d1f1f49fc4f064fad56076287e
CRC32 538F49CC
ssdeep 384:KrjF4fNHJ7d8WALstjhrJV9HGhcORDuqfs:cj+f9JRWs7GiORDuT
Yara
  • PE_Header_Zero - PE File Signature
  • Admin_Tool_IN_Zero - Admin Tool Sysinternals
  • Malicious_Library_Zero - Malicious_Library
  • Is_DotNET_EXE - (no description)
  • IsPE32 - (no description)