Dropped Files | ZeroBOX
Name d2168af8c285ad1a_wskrpanfgk5ek1k0jnnezzf3.exe
Filepath C:\Users\test22\AppData\Roaming\WskrpAnfgK5eK1k0jNnEzzf3.exe
Size 4.3KB
Processes 3800 (xLSUYqRUzzhAU5weLqgJRcbb.exe)
Type HTML document, ASCII text
MD5 1b058f6362c93520904ead6495b7cc38
SHA1 5ea4068c413222a798280a2db8dbb4386d7a84e3
SHA256 d2168af8c285ad1a2bf60174f0dc134548cdc25247d1c403d3036817ca780a26
CRC32 4BCCEDAD
ssdeep 96:1j9jwIjYjyDK/DZD8jH+k1CZBvJADh/pRsqhsgszbGD:1j9jhjYjWK/lyH+kMBRADh/pmqhsgsf0
Yara None matched
Name 0099e62ea3beb0f1_xlsuyqruzzhau5welqgjrcbb.exe
Filepath C:\Users\test22\Documents\xLSUYqRUzzhAU5weLqgJRcbb.exe
Size 7.5KB
Processes 2616 (updatechannel4.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 6be41709f8bfbf06307cc56d04249801
SHA1 911d8ade72bef752233237351fbdb7a9f96e2cf0
SHA256 0099e62ea3beb0f1631eb088bd697fd829963713ef4cb0e3a0a72b8c950c2383
CRC32 F4B3FBBE
ssdeep 192:3rFqRMky3fM9V7FKI47Wd+h4+0XoQ9DWhL3mj9:3rFqRMh3KlFP47Wd+hr059UL3m
Yara
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT
  • PE_Header_Zero - PE File Signature Zero
  • IsPE32 - (no description)
  • IsNET_EXE - (no description)
  • IsWindowsGUI - (no description)
  • HasDebugData - DebugData Check
Name 5414e31a0147dfa8_kgmapqzhmrye0iiyfpfvhmi6.exe
Filepath C:\Users\test22\AppData\Roaming\KgMaPqZhMrYe0IIyfpFVhMI6.exe
Size 4.3KB
Processes 3800 (xLSUYqRUzzhAU5weLqgJRcbb.exe)
Type HTML document, ASCII text
MD5 3c2920b26b717a7ecf264112fefce14b
SHA1 5273f75c63b7b996ae627c1bee2f02d6fcf57614
SHA256 5414e31a0147dfa81a1bd850b896e48085343adcaa4ef8bd82a6f00cb6bfb384
CRC32 4969327A
ssdeep 96:1j9jwIjYjyDK/DZD8jH+k1CZBvJADh/pRsOsgszbGD:1j9jhjYjWK/lyH+kMBRADh/pmOsgsfGD
Yara None matched
Name f9349585a2393d43_iqhfnfy2p6k2x3h3zlrbwgjj.exe
Filepath C:\Users\test22\AppData\Roaming\iQhfnfy2P6K2x3h3ZLrBWgjj.exe
Size 494.0KB
Processes 3800 (xLSUYqRUzzhAU5weLqgJRcbb.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 28345a7bb63babaf99e760965ce493b7
SHA1 7e752390f6ebca4e1e8889302549be4dd0845f62
SHA256 f9349585a2393d4378e283e73fc48d04941666ec0ccae4dd2fb68c2cad7ac9a1
CRC32 1DB82DEF
ssdeep 12288:qpHLo/ADRUoBhT3d7ybbicrZumiAgp+zjgm6sFuMLGx:SroGRU+Fu+clhl/JVuMSx
Yara
  • win_registry - Affect system registries
  • win_files_operation - Affect private profile
  • PE_Header_Zero - PE File Signature Zero
  • OS_Processor_Check_Zero - OS Processor Check Signature Zero
  • IsPE32 - (no description)
  • IsWindowsGUI - (no description)
  • IsPacked - Entropy Check