popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 02dbffe00a4f21af_xclient.exe
Submit file
Filepath C:\Users\test22\AppData\Roaming\XClient.exe
Size 534.5KB
Processes 2544 (cVEHCL4.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 c88adc5cbaedceb9736716d910f3926c
SHA1 a7a790c51babae76371d87a1262d4f28af8b686f
SHA256 02dbffe00a4f21afcbf01f16ef154121957444bd8cce833c50f112952eb4cbac
CRC32 049B9669
ssdeep 12288:bh1Lk70TnvjcKJhb3w7QU9pk0PhmUDm8AqLofzl+w4VRy:nk70TrcOb7U70U68rkfzday
Yara
  • PE_Header_Zero - PE File Signature
  • MALWARE_Win_VT_RedLine - Detects RedLine infostealer
  • UltraVNC_Zero - UltraVNC
  • Malicious_Library_Zero - Malicious_Library
  • IsPE32 - (no description)
  • Generic_Malware_Zero - Generic Malware
  • OS_Processor_Check_Zero - OS Processor Check
  • UPX_Zero - UPX packed file
VirusTotal Search for analysis