Name 9120f299cf62f62d_backup.exe
Filepath C:\Users\Administrator\AppData\Local\Temp\0C7910BA-F902-421E-9E69-CF9AEE0DD4D7\backup.exe
Size 101.6KB
Processes 2228 (b6957464fb9871684276bfbd256fbf9ee5517498b051a42daa675000fee0d37d.exe)
Type PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, PECompact2 compressed
MD5 1278e40f0e6672d9900731e5d1699e9a
SHA1 85f5220565df3b3c974c482536914c1f0206cdd5
SHA256 9120f299cf62f62d54cd66e5edccbf02dcc4678b5e8635bad8bca88290f48532
CRC32 B64805F7
ssdeep None
Yara
  • suspicious_packer_section - The packer/protector section names/keywords
  • SEH__vba - (no description)
  • escalate_priv - Escalade priviledges
  • win_mutex - Create or check mutex
  • win_registry - Affect system registries
  • win_token - Affect system token
VirusTotal Search for analysis
Name 5011280a9fb8547c_backup.exe
Filepath C:\backup.exe
Size 101.6KB
Processes 2424 (backup.exe)
Type PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, PECompact2 compressed
MD5 5c78cc72f488e078ec49f2700fff3865
SHA1 a45ff7d1a4aa1024866dd821b46cabde6f128324
SHA256 5011280a9fb8547cb91d74f531242ae66a684aefc6a1606606023eb6421479e4
CRC32 F34776F8
ssdeep None
Yara
  • suspicious_packer_section - The packer/protector section names/keywords
  • SEH__vba - (no description)
  • escalate_priv - Escalade priviledges
  • win_mutex - Create or check mutex
  • win_registry - Affect system registries
  • win_token - Affect system token
VirusTotal Search for analysis
Cuckoo

We're processing your submission... This could take a few seconds.