Dropped Files

Name be392e41a127570a_sysctl.exe
Download Submit file
Filepath C:\Windows\SysWOW64\sysctl.exe
Size 423.9KB
Processes 2908 (cfa3afd8fbb7b732_sysctl.exe)
Type PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed
MD5 1571ad2d2c887f864c057ee6d8ff713f
SHA1 ac454ae8366f0716edfb860e2d933351d5b98b69
SHA256 be392e41a127570a98a05cd07442eb68e171b9db635d1023055bf2855951abb2
CRC32 80621D89
ssdeep None
Yara
  • suspicious_packer_section - The packer/protector section names/keywords
  • screenshot - Take screenshot
  • keylogger - Run a keylogger
  • win_mutex - Create or check mutex
  • win_registry - Affect system registries
  • win_files_operation - Affect private profile
  • win_hook - Affect hook table
VirusTotal Search for analysis
Cuckoo

We're processing your submission... This could take a few seconds.