Dropped Files

Name 55fa45ab6f436460_backup.exe
Download Submit file
Filepath C:\Users\Administrator\AppData\Local\Temp\0C7910BA-F902-421E-9E69-CF9AEE0DD4D7\backup.exe
Size 446.8KB
Processes 1256 (48a96e765f308053_backup.exe)
Type PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed
MD5 60df1bb33c29cb6d93ab002c2233ddfd
SHA1 c45f3452142b7ef12e23c5cb748aa3a44c946a9b
SHA256 55fa45ab6f4364603d55a40532fac35b586b8f37bf5277753a1bff1a2c1477c5
CRC32 4D799121
ssdeep None
Yara
  • UPX - (no description)
  • suspicious_packer_section - The packer/protector section names/keywords
  • SEH__vba - (no description)
  • escalate_priv - Escalade priviledges
  • win_mutex - Create or check mutex
  • win_registry - Affect system registries
  • win_token - Affect system token
VirusTotal Search for analysis
Name d0603d1dd59dc6a8_backup.exe
Download Submit file
Filepath C:\backup.exe
Size 446.8KB
Processes 1396 (backup.exe)
Type PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed
MD5 4e146e22ad6ac632639cf8e26a605518
SHA1 ac5ff9715ce7a8107830c8568f2491ce75199581
SHA256 d0603d1dd59dc6a89a3e694349782974a9cf74506568c6ab3974d5551f854a8c
CRC32 78968554
ssdeep None
Yara
  • UPX - (no description)
  • suspicious_packer_section - The packer/protector section names/keywords
  • SEH__vba - (no description)
  • escalate_priv - Escalade priviledges
  • win_mutex - Create or check mutex
  • win_registry - Affect system registries
  • win_token - Affect system token
VirusTotal Search for analysis
Cuckoo

We're processing your submission... This could take a few seconds.