Dropped Files | ZeroBOX
Name 9756af6473399c39_tmpE12C.tmp
Filepath C:\Users\test22\AppData\Local\Temp\tmpE12C.tmp
Size 1.6KB
Processes 3588 (cfnUcZXwRagCXAt.exe)
Type XML 1.0 document, ASCII text, with CRLF line terminators
MD5 103da8cd64db09c20cf96d85320d8b83
SHA1 7902c8767f5d0849aad7d790627a65f29b4926e9
SHA256 9756af6473399c39e35ea955967624b0d187a0d455817019e2dfd8d956fc98a3
CRC32 DEAD3DEA
ssdeep 24:2dH4+SEqCH/7IlNMFQ/rlMhEMjnGpwjpIgUYODOLD9RJh7h8gKBj7Btn:cbhf7IlNQQ/rydbz9I3YODOLNdq3V
Yara None matched
Name 54c006caa7214069_nzxlltlnpanl.exe
Filepath C:\Users\test22\AppData\Roaming\NzXLLtlNpAnl.exe
Size 867.0KB
Processes 3588 (cfnUcZXwRagCXAt.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 9f0f1c608623dee55cee4ef2c4e3e385
SHA1 7f9bc21560f65f8d726161d5e5a25f8f0f746825
SHA256 54c006caa7214069b6aa64480cc84d562cae814c7e63516efa8eec7e6ebb3c30
CRC32 DF980B2C
ssdeep 12288:uihn3M5Is8CzNXN7V0DOETpoEHmULIdgb0Pvvwc9/JTJEgPiclV+2IQ:R3MOyd7QKEG+oRo6TeylAFQ
Yara
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT
  • PE_Header_Zero - PE File Signature Zero
  • OS_Processor_Check_Zero - OS Processor Check Signature Zero
  • Win32_Trojan_PWS_Azorult_Net_1_Zero - Win32 Trojan PWS .NET Azorult
  • IsPE32 - (no description)
  • IsNET_EXE - (no description)
  • IsWindowsGUI - (no description)
  • IsPacked - Entropy Check