Dropped Files | ZeroBOX
Name 798af20db39280f9_sqlmap.dll
Filepath C:\Program Files\Microsoft DN1\sqlmap.dll
Size 114.0KB
Processes 8768 (scan.exe)
Type PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5 461ade40b800ae80a40985594e1ac236
SHA1 b3892eef846c044a2b0785d54a432b3e93a968c8
SHA256 798af20db39280f90a1d35f2ac2c1d62124d1f5218a2a0fa29d87a13340bd3e4
CRC32 CF004A91
ssdeep 3072:m3zxbyHM+TstVfFyov7je9LBMMmMJDOvYYVs:oMjTiVw2ve9LBMMpJsT
Yara
  • win_files_operation - Affect private profile
  • PE_Header_Zero - PE File Signature Zero
  • OS_Processor_Check_Zero - OS Processor Check Signature Zero
  • IsPE64 - (no description)
  • IsDLL - (no description)
  • IsWindowsGUI - (no description)
  • HasRichSignature - Rich Signature Check
Name aa7cc2b5c280b784_d93f411851d7c929.customdestinations-ms
Filepath c:\users\test22\appdata\roaming\microsoft\windows\recent\customdestinations\d93f411851d7c929.customdestinations-ms
Size 7.8KB
Processes 6096 (powershell.exe)
Type data
MD5 04a67c3ad20c6f838c78b0c9f8e8c990
SHA1 bfe6c82bfdbd5cf8a1c1ab14b94386701b4ee834
SHA256 aa7cc2b5c280b7849479071d312daf69252d8ed319a7285bdd991857cba7a631
CRC32 83A4F62D
ssdeep 96:7tuCiGCPDXBqvsqvJCwoetuCiGCPDXBqvsEHyqvJCworc7HwxGlUVul:7t7Xoet7bHnorXxY
Yara
  • Antivirus - Contains references to security software
Name 1ac6a05f2fe3b95d_programs.bat
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\programs.bat
Size 141.0B
Processes 8768 (scan.exe)
Type ASCII text, with no line terminators
MD5 aafe63c0e3a10ecd523de79d0c2f2400
SHA1 b6aa19f83e8bb50461369bf51360d7ff736ccf18
SHA256 1ac6a05f2fe3b95dd31f9bbdab33222a155f3e2311f42852d993fadd0bea3f48
CRC32 2A9FF243
ssdeep 3:QwZ2vOUrKaM6eNGRjDmWxpcL4EaKC5SufyM1K/RFofD6tRQLRWLyLRHgn:QElPhxumQpcLJaZ5SuH1MUmt2FWLyS
Yara None matched
Name 65138897f467adf9_programs.batXstart
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\programs.bat:start
Size 59.0B
Processes 8768 (scan.exe)
Type ASCII text, with no line terminators
MD5 579e29cec6bde04c5c074d8311d6b884
SHA1 2fdfd4c6b8eb43a4c6f4c0d3998e4a5364221dff
SHA256 65138897f467adf9fe20594326d724d2cd5b437d9aacf5f83721af340f70ce3c
CRC32 B2EA4990
ssdeep 3:eGAjGJwbZkREfcjMGERMQhM:ZuGJwi8cwGj
Yara None matched
Name 4cc2f239f8838c6e_uDGacmH.tmp
Filepath C:\Users\test22\AppData\Roaming\uDGacmH.tmp
Size 40.0KB
Type SQLite 3.x database, last written using SQLite version 3033000
MD5 2a51cf5f096c5924c7f47732d12e7c92
SHA1 6fcb446f6e2af378bb6aae032d58fbf939c98826
SHA256 4cc2f239f8838c6ec8297440c1455f09491854bcc3ac644fbcb53fe42dfb6ee2
CRC32 E70F8913
ssdeep 48:O3k+YzHF/8LKBwUf9KfWfkMUEilGc7xBM6vu3f+fmyJqhU:kSe7mlcwilGc7Ha3f+u
Yara None matched
Name fb54dc1e345193db_rdpwrap.ini
Filepath C:\Program Files\Microsoft DN1\rdpwrap.ini
Size 217.2KB
Processes 8768 (scan.exe)
Type ASCII text, with CRLF line terminators
MD5 c5ca0f44f8913eb6055eba91dace5b48
SHA1 1318135ef55431dac0654de3989446703e7be252
SHA256 fb54dc1e345193dbe8aaadc8dc4cd68c6321c7701f5f732d6eea3605e1b11b7b
CRC32 7B1483A4
ssdeep 768:uEUfZFsTR0poD+X8f/qG65wgP100JJRWDCUlnKxbBHq1I517t/0A5ff4n+mmyIfd:uyIfgteoLwoIvxZ3779Zsoug
Yara None matched
Name e3b0c44298fc1c14_rfxvmt.dll
Empty file or file not found
Filepath C:\Windows\System32\rfxvmt.dll
Size 0.0B
Processes 8768 (scan.exe)
Type empty
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
CRC32 00000000
ssdeep 3::
Yara None matched
Name 12b3c77f660d66c5_iHbEb.k.tmp
Filepath C:\Users\test22\AppData\Roaming\iHbEb.k.tmp
Size 86.5KB
Type UTF-8 Unicode text, with very long lines, with no line terminators
MD5 87ef5025c70d86c0899a4093e6f9a06b
SHA1 ff1fb0801ea158c6d8dcf9dfa77de8ca687f84a1
SHA256 12b3c77f660d66c553ac8fb84369b1d75969005882381e46ee5448549ce1ba3f
CRC32 69D8DE6F
ssdeep 1536:chIoz+vs0tKqq+9uMIdSWdQT7ayMxbbWxpxjU3Nci0N0GDIEW/a1Yiur:OIoz+00sg7dna/xbwU36i4IEW/J
Yara None matched