Dropped Files | ZeroBOX

Name	a45317c374d54e32_jfiag3g_gg.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\jfiag3g_gg.exe
Size	184.0KB
Processes	1016 (jooyu.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
MD5	`7fee8223d6e4f82d6cd115a28f0b6d58`
SHA1	`1b89c25f25253df23426bd9ff6c9208f1202f58b`
SHA256	`a45317c374d54e322153afd73f0e90f1486638d77b7fd85746d091071bbecd59`
CRC32	`A2E6C04C`
ssdeep	`3072:Wqpy/Qpjny+xdr+xG1IJQqv5Os/8+lD0y40rIyTZGnq7gUT+uX2uR:M/Ejn0ai5j/8+lDtTZGnql6n`
Yara	PE_Header_Zero - PE File Signature IsPE32 - (no description) Win32_Trojan_Emotet_2_Zero - Win32 Trojan Emotet
VirusTotal	Search for analysis

Name	8b581869bf8944a8_jfiag3g_gg.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\jfiag3g_gg.exe
Size	61.5KB
Processes	1016 (jooyu.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
MD5	`a6279ec92ff948760ce53bba817d6a77`
SHA1	`5345505e12f9e4c6d569a226d50e71b5a572dce2`
SHA256	`8b581869bf8944a8e0aa169adea2a4afe47434123da477132880aff6a5032181`
CRC32	`4FB6B99A`
ssdeep	`1536:kFqVH99TlY1Gsae6hiQ0OghNUenX7snouy8/JVz5:79TlY1Gsae6hKhNUaX7sout/JJ5`
Yara	PE_Header_Zero - PE File Signature IsPE32 - (no description)
VirusTotal	Search for analysis

Name	fe9e28ff0b652e22_fj4ghga23_fsa.txt Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\fj4ghga23_fsa.txt
Size	31.0B
Processes	1772 (jfiag3g_gg.exe) 1016 (jooyu.exe)
Type	Netscape cookie, ASCII text, with CRLF line terminators
MD5	`b7161c0845a64ff6d7345b67ff97f3b0`
SHA1	`d223f855da541fe8e4c1d5c50cb26da0a1deb5fc`
SHA256	`fe9e28ff0b652e22a124b0a05382bc1ac48cbd9c7c76ca647b0c9f8542888f66`
CRC32	`03997E72`
ssdeep	`3:SIWG8Advn:SIB8uv`
Yara	None matched
VirusTotal	Search for analysis