Dropped Files | ZeroBOX
Name e3b0c44298fc1c14_nsm74EC.tmp
Empty file or file not found
Filepath C:\Users\test22\AppData\Local\Temp\nsm74EC.tmp
Size 0.0B
Type empty
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
CRC32 00000000
ssdeep 3::
Yara None matched
Name ae724fae1df235b2_of0jocmztzd
Filepath C:\Users\test22\AppData\Local\Temp\of0jocmztzd
Size 104.0KB
Processes 3800 (winlog.exe)
Type data
MD5 b0e05446fdae70decb35df19bce11c21
SHA1 1310b2f4ed7d1a15a7dec7477384ea38ddedafef
SHA256 ae724fae1df235b28335acfb2b4a66efeeb57ef431a535160de403ca8dba6319
CRC32 3FC1E305
ssdeep 1536:C2+R3/nkCFcEG4P/HPufoF+Dkhc7gUphuosyi5Y7bVQZxP/0my3oiZzi9iSdSEg:C7R3docc7JphuosyiybVQZ91MPi4
Yara None matched
Name cc61f38d76cb736c_6d6f4d.hdb
Filepath C:\Users\test22\AppData\Roaming\41D896\6D6F4D.hdb
Size 4.0B
Processes 1812 (winlog.exe)
Type data
MD5 4aafd0ca53d32aff9d2b334f88b5ede8
SHA1 13c537af99d00dd99419116e8c6ca219d3e12575
SHA256 cc61f38d76cb736c3c6a120a258cb9b15d0a3f355ef0b61c1d61a624ee276197
CRC32 83287B0E
ssdeep 3:S:S
Yara None matched
Name 6b86b273ff34fce1_6D6F4D.lck
Filepath C:\Users\test22\AppData\Roaming\41D896\6D6F4D.lck
Size 1.0B
Processes 1812 (winlog.exe)
Type very short file (no magic)
MD5 c4ca4238a0b923820dcc509a6f75849b
SHA1 356a192b7913b04c54574d18c28d46e6395428ab
SHA256 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
CRC32 83DCEFB7
ssdeep 3:U:U
Yara None matched
Name ad683777ecd3a926_tus4oj3.dll
Filepath C:\Users\test22\AppData\Local\Temp\nsm74ED.tmp\tus4oj3.dll
Size 5.0KB
Processes 3800 (winlog.exe)
Type PE32 executable (DLL) (console) Intel 80386, for MS Windows
MD5 77fc437afe97d781991a4654276a7b5b
SHA1 3825c456dcfccb180ff477d8ee32b7a587091bd0
SHA256 ad683777ecd3a926afe8b2f88d8a0be0705401a48b653d7a71f91f209d11efe3
CRC32 AD99FBC2
ssdeep 48:Sthh5cPtqTWxWGa6PTh7SKFt5ET9TbOGa4zzBvoAXAdUMQ9Bg6RuqSK:AfTmw6BD5EhTiGXHBgVueax
Yara
  • rat_webcam - Remote Administration toolkit using webcam
  • win_files_operation - Affect private profile
  • Str_Win32_Wininet_Library - Match Windows Inet API library declaration
  • PE_Header_Zero - PE File Signature Zero
  • OS_Processor_Check_Zero - OS Processor Check Signature Zero
  • IsPE32 - (no description)
  • IsDLL - (no description)
  • IsConsole - (no description)
  • HasDebugData - DebugData Check
  • HasRichSignature - Rich Signature Check
Name fbc6fba9876bda4a_hwy9rf3ncn
Filepath C:\Users\test22\AppData\Local\Temp\hwy9rf3ncn
Size 6.5KB
Processes 3800 (winlog.exe)
Type data
MD5 2473eaf28aae693393547de70363f56d
SHA1 208cb66e1cd745ee2800200c9880cda1269db08e
SHA256 fbc6fba9876bda4a639ea8c7364560698486d6da25ac2a94ad9a6cd935e271d5
CRC32 86DA825D
ssdeep 192:dtvU5Ci3GTzcLzmuLja5aeYrVNYPyuCQ9C:da5CiezcLskZwauCQg
Yara None matched