popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name f825dd89181e7435_d93f411851d7c929.customDestinations-ms~RF2359e37.TMP
Submit file
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d93f411851d7c929.customDestinations-ms~RF2359e37.TMP
Size 7.8KB
Processes 4864 (powershell.exe) 4372 (powershell.exe)
Type data
MD5 61d3b003e73f968491bb9de05318fcbd
SHA1 abb40732bf72a072c5b176449fdb8f1c56383e03
SHA256 f825dd89181e743525684aff8d99cc6d78046e461147c33b6f7a182b98c58ea9
CRC32 76116DE9
ssdeep 96:wtuCiGCPDXBqvsqvJCwoNtuCiGCPDXBqvsEHyqvJCworc7HwxGlUVul:wt7XoNt7bHnorXxY
Yara
  • Antivirus - Contains references to security software
VirusTotal Search for analysis
Name 33d7fa2a8936cc50_evdwacbtpw.exe
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\eVDwACBtpW.exe
Size 32.5KB
Processes 4372 (powershell.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 0d1334075336455a13a36fd909417556
SHA1 4f1937f0eeeb697ef992547701295134fde65c20
SHA256 33d7fa2a8936cc5064b63592b77f87c02fcdc1396395ae2316e3a7c783523ad9
CRC32 4E695692
ssdeep 768:FrqQ7AmV3rjBkyo1b2kP8K9RWZmUAiPatwTxS+IASDO39UYlyaQtZZl:F33kKZZxP3FS3AXDuT
Yara
  • PE_Header_Zero - PE File Signature Zero
  • IsPE32 - (no description)
  • IsWindowsGUI - (no description)
  • IsPacked - Entropy Check
  • ImportTableIsBad - ImportTable Check
  • FASM - http://flatassembler.net
VirusTotal Search for analysis