popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 3e9e7ae7027d195b_screenconnect.clientsetup.msi
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\ScreenConnect\24.3.7.9067\e9736d81e38965d1\ScreenConnect.ClientSetup.msi
Size 9.5MB
Processes 2548 (USDTFlash.exe)
Type Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation Database, Subject: Default, Author: ScreenConnect Software, Keywords: Default, Comments: Default, Template: Intel;1033, Revision Number: {BB4623BD-0E0D-9E3E-1620-F0C6B00D36B9}, Create Time/Date: Mon Oct 28 17:43:52 2024, Last Saved Time/Date: Mon Oct 28 17:43:52 2024, Number of Pages: 200, Number of Words: 2, Name of Creating Application: Windows Installer XML Toolset (3.11.0.1701), Security: 2
MD5 e979de7d232e18c44428620ca6e3e126
SHA1 9632ebc9439d2b6d1eb1a18bb08c8b6560a2248a
SHA256 3e9e7ae7027d195b56e3df6b19d7a2ed41f9316a371d445a15ecaf2cfe4be4bd
CRC32 6E22CEB6
ssdeep 98304:FwJ4t1h0cG5FGJRPxow8O8wJ4t1h0cG5pwJ4t1h0cG5nwJ4t1h0cG5hwJ4t1h0cW:yWh0cGw7Wh0cG4Wh0cGSWh0cGIWh0cG
Yara
  • Malicious_Library_Zero - Malicious_Library
  • CAB_file_format - CAB archive file
  • Microsoft_Office_File_Zero - Microsoft Office File
  • Generic_Malware_Zero - Generic Malware
  • OS_Processor_Check_Zero - OS Processor Check
VirusTotal Search for analysis
Name 0918d8ab2237368a_MSIF78F.tmp
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\MSIF78F.tmp
Size 1.0MB
Processes 2676 (msiexec.exe)
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, InstallShield self-extracting archive
MD5 8a8767f589ea2f2c7496b63d8ccc2552
SHA1 cc5de8dd18e7117d8f2520a51edb1d165cae64b0
SHA256 0918d8ab2237368a5cec8ce99261fb07a1a1beeda20464c0f91af0fe3349636b
CRC32 843406AE
ssdeep 24576:QUUGGHn+rUGemcPe9MpKL4Plb2sZWV+tLv0QYu5OPthT+gd:jGHpRPqMpvlqs0O4iO2k
Yara
  • PE_Header_Zero - PE File Signature
  • Malicious_Library_Zero - Malicious_Library
  • IsDLL - (no description)
  • CAB_file_format - CAB archive file
  • IsPE32 - (no description)
  • Generic_Malware_Zero - Generic Malware
  • OS_Processor_Check_Zero - OS Processor Check
  • UPX_Zero - UPX packed file
VirusTotal Search for analysis