Dropped Files | ZeroBOX
Name fa6c50e614a2ea66_z05vae1ltes978kerflmfrf4.exe
Filepath C:\Users\test22\AppData\Roaming\Z05vAE1Ltes978KErflmFRf4.exe
Size 4.3KB
Processes 1108 (china.png)
Type HTML document, ASCII text
MD5 86443ff81a3d958e8d52e2fe8fdf413b
SHA1 ee35213f6fbae8ee48d914c40e52d16be3b2ed21
SHA256 fa6c50e614a2ea66ef60ce7ed9a16907328308d946c4592e24c848246e8ccb7d
CRC32 A729B470
ssdeep 96:1j9jwIjYjyDK/DZD8jH+k1CZBvJADh/pRsEsgszbGD:1j9jhjYjWK/lyH+kMBRADh/pmEsgsfGD
Yara None matched
Name f9349585a2393d43_ywazrlhkvzkzyim9k4zsmpmr.exe
Filepath C:\Users\test22\AppData\Roaming\ywazRlhKVZKzYiM9k4zSmpmR.exe
Size 494.0KB
Processes 1108 (china.png)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 28345a7bb63babaf99e760965ce493b7
SHA1 7e752390f6ebca4e1e8889302549be4dd0845f62
SHA256 f9349585a2393d4378e283e73fc48d04941666ec0ccae4dd2fb68c2cad7ac9a1
CRC32 1DB82DEF
ssdeep 12288:qpHLo/ADRUoBhT3d7ybbicrZumiAgp+zjgm6sFuMLGx:SroGRU+Fu+clhl/JVuMSx
Yara
  • win_registry - Affect system registries
  • win_files_operation - Affect private profile
  • PE_Header_Zero - PE File Signature Zero
  • OS_Processor_Check_Zero - OS Processor Check Signature Zero
  • IsPE32 - (no description)
  • IsWindowsGUI - (no description)
  • IsPacked - Entropy Check
Name db10338601b6aa74_jkhjpfgei87lg9mjfrv8ezcs.exe
Filepath C:\Users\test22\AppData\Roaming\jkhJpfGei87Lg9MjFrv8ezcs.exe
Size 4.3KB
Processes 1108 (china.png)
Type HTML document, ASCII text
MD5 20159539ec70d1b6fe7a0c4e8604fff7
SHA1 61b34ca9d2147fac3b740454b475197334bf78bb
SHA256 db10338601b6aa74ffb0c77f622af2ead79a1facb70d41aab27f6207a4804132
CRC32 C614BA7E
ssdeep 96:1j9jwIjYjyDK/DZD8jH+k1CZBvJADh/pRsisgszbGD:1j9jhjYjWK/lyH+kMBRADh/pmisgsfGD
Yara None matched