popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 8c8ff682257b82fd_tmpE9BD.tmp
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\tmpE9BD.tmp
Size 1.6KB
Processes 2388 (ac.exe)
Type XML 1.0 document, ASCII text, with CRLF line terminators
MD5 35e852ae435c6c1066d1c2ecd61a51d1
SHA1 ad45c1f37b37102582d0c7ec07bd161c8c89eef9
SHA256 8c8ff682257b82fd9ef8c2388cc96cc988c903c219f62b00e11b7572c5157867
CRC32 171990A2
ssdeep 24:2dH4+SEqCH/7IlNMFQ/rlMhEMjnGpwjpIgUYODOLD9RJh7h8gKBPP2ttn:cbhf7IlNQQ/rydbz9I3YODOLNdq3hPA
Yara None matched
VirusTotal Search for analysis
Name d42beb6c20833eae_cfgjshmvtzxckv.exe
Submit file
Filepath C:\Users\test22\AppData\Roaming\cfgjShmvTZXcKv.exe
Size 515.0KB
Processes 2388 (ac.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 6a61a028d6282029c5899a3ffcc84e60
SHA1 2b4cc8dc5d1993eb2851755e4b41325d204815d6
SHA256 d42beb6c20833eaed3d603706c03ae2a620f95a4a2fe0eea239636c97575ca24
CRC32 B5AAF977
ssdeep 6144:i6BCkiGNuqQ9WtRle2/W57d8L8LKW+0oS60/K7dSBhndZ5j+ss7ZufvVF45owFNg:iZqZoLLoS60/K7yh0xFNf0eUF0IJmCP
Yara
  • Win32_Trojan_PWS_Net_1_Zero - Win32 Trojan PWS .NET Azorult
  • Is_DotNET_EXE - (no description)
  • Malicious_Packer_Zero - Malicious Packer
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
VirusTotal Search for analysis