Dropped Files | ZeroBOX
Name 43d1f6eee3f8ec92_xpt.exe
Filepath C:\Users\test22\AppData\Local\Temp\~sfx003EA041DC\XPT.exe
Size 619.0KB
Processes 1688 (XPT.exe)
Type PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed
MD5 6c61006258f5fc3ff41079e083e69d83
SHA1 5cc6ced8db827f73c6c170d4f1da997d7b320007
SHA256 43d1f6eee3f8ec92d958bec8592045012b9b456ce84a592c862ed9c9f15ade53
CRC32 3F353E6E
ssdeep 12288:e6a348oLNU9zPIABmAKG1Aq3+OMPUspWodt2P8uZ63sKFCySfQ:evUU9LIfAGq3qcs7tYDKFCyQQ
Yara
  • PE_Header_Zero - PE File Signature
  • mzp_file_format - MZP(Delphi) file format
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file
Name 58361275c9ce4b07_xsfxdel~.exe
Filepath C:\Users\test22\AppData\Local\Temp\xsfxdel~.exe
Size 37.5KB
Processes 1688 (XPT.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 a48b642733b4ed0b2f63c726bea5710f
SHA1 f383f6eb661b6aea3da2f4f2b21b2cbc40ced2a2
SHA256 58361275c9ce4b07a6ee13ddc83f80e88571ea9d4e1aedc476f7d613938b47a6
CRC32 31F0EE6C
ssdeep 768:Op8N/wZaRSHS8m/3Ud6f04mw94y+CwY69IsXm648tcUb8x:OQFP3/EdC4y9QPtIx
Yara
  • PE_Header_Zero - PE File Signature
  • mzp_file_format - MZP(Delphi) file format
  • Malicious_Library_Zero - Malicious_Library
  • IsPE32 - (no description)
Name 4527fce0e32b74f9_xptweaker.dll
Filepath C:\Users\test22\AppData\Local\Temp\~sfx003EA041DC\XPTweaker.dll
Size 13.0KB
Processes 1688 (XPT.exe)
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 2fc13ad11daa6959a40d96627b70f3a4
SHA1 472ae517d9fc2f0afaea920319627ff03046443f
SHA256 4527fce0e32b74f91183cd5f07ca14298f30ccd20ceb15e37262f066146dde79
CRC32 C58E2EE1
ssdeep 192:QSR/Wgvv7nIevBpvtggJMTSDOeLPKsrM725lGaKGqFE5psLWycABjfU8N:Ogvv7nIefZzDjb9oOGaKGGWjyc+fU8
Yara
  • PE_Header_Zero - PE File Signature
  • ASProtect_Zero - ASProtect packed file
  • IsDLL - (no description)
  • IsPE32 - (no description)
Name 552f123876b2e81f_xpt.log
Filepath C:\Users\test22\AppData\Local\Temp\~sfx003EA041DC\XPT.log
Size 39.0B
Processes 2076 (XPT.exe)
Type ISO-8859 text, with CRLF line terminators
MD5 c15e4f6145114d773ea374b61d219fc2
SHA1 84211f1f23f21556381178be3472847328644be9
SHA256 552f123876b2e81ff1f293d480d3d2146ba0153eb4c04e490bf46e1c7926db3c
CRC32 731C8BCD
ssdeep 3:j5XphFFAxGAovn:jJphnoyn
Yara None matched