Dropped Files

Name 51b75cfa31f65419_perfhost.exe
Download Submit file
Filepath C:\Windows\SysWOW64\perfhost.exe
Size 1.4MB
Processes 324 (3d8f31daa9025f13659fa3fd0f7a3c.exe)
Type PE32 executable (console) Intel 80386, for MS Windows
MD5 2a129bea78e2c1530755efc0ccd30298
SHA1 c33dbc22f3b0b94e05989fef988b99c2a42a2637
SHA256 51b75cfa31f65419e4208f6975b3f1749da2f9ad3094b787c53c5f444d2c9390
CRC32 8819A44E
ssdeep None
Yara None matched
VirusTotal Search for analysis
Name a9fda52ef09f461c_aspnet_state.exe
Download Submit file
Filepath C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
Size 1.5MB
Processes 324 (3d8f31daa9025f13659fa3fd0f7a3c.exe)
Type PE32+ executable (console) x86-64, for MS Windows
MD5 f284b10b74b48c547cf88cb1cad0a975
SHA1 3d36e192386a96a43d8ed3a61a83d821fdc34745
SHA256 a9fda52ef09f461c795882ee0e1e12a7c067a88021223b922062be45eb5035b6
CRC32 371D2544
ssdeep None
Yara
  • DebuggerException__SetConsoleCtrl - (no description)
  • anti_dbg - Checks if being debugged
  • network_tcp_listen - Listen for incoming communication
  • network_tcp_socket - Communications over RAW socket
  • win_registry - Affect system registries
VirusTotal Search for analysis
Cuckoo

We're processing your submission... This could take a few seconds.