Name 64d626e50bb350aa_msitss55.dll
Filepath C:\Program Files\Common Files\Microsoft Shared\Help\msitss55.dll
Size 27.8MB
Processes 1480 (ff185ec81d19e900_dw20.exe)
Type PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
MD5 09bdc536da159d46eb3b55e59ca15ced
SHA1 f5362eadddf2f2075cd8ab9166b811ac2f2d3b71
SHA256 64d626e50bb350aaeb2388678417ddc82c9ad642bed8fd7e96d09b8dee21bfa4
CRC32 28E50DFB
ssdeep None
Yara
  • PoetRat_Python - (no description)
  • Base64_encoded_Executable - Detects an base64 encoded executable (often embedded)
  • DebuggerException__ConsoleCtrl - (no description)
  • DebuggerException__SetConsoleCtrl - (no description)
  • SEH__vectored - (no description)
  • create_service - Create a windows service
  • network_udp_sock - Communications over UDP network
  • network_tcp_listen - Listen for incoming communication
  • network_tcp_socket - Communications over RAW socket
  • network_dns - Communications use DNS
Name d50d9b2590f1505d_acecore.dll.exe
Filepath C:\Program Files\Common Files\Microsoft Shared\OFFICE14\ACECORE.DLL.exe
Size 27.8MB
Processes 1480 (ff185ec81d19e900_dw20.exe)
Type PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
MD5 c938149151de64dc4b59830b4fcea779
SHA1 b4a04aaf0e963ab24ffca100381dbc6c1a546513
SHA256 d50d9b2590f1505d2744519905cf7a57b6c8453677e6c714beaf990f518afcdf
CRC32 B99700F4
ssdeep None
Yara
  • PoetRat_Python - (no description)
  • Base64_encoded_Executable - Detects an base64 encoded executable (often embedded)
  • DebuggerException__ConsoleCtrl - (no description)
  • DebuggerException__SetConsoleCtrl - (no description)
  • SEH__vectored - (no description)
  • create_service - Create a windows service
  • network_udp_sock - Communications over UDP network
  • network_tcp_listen - Listen for incoming communication
  • network_tcp_socket - Communications over RAW socket
  • network_dns - Communications use DNS