Dropped Files | ZeroBOX
Name 58a8d9aabea2b306_run.dat
Filepath C:\Users\test22\AppData\Roaming\017BD04F-B3BF-45B6-8167-9E8F41FF87BF\run.dat
Size 8.0B
Processes 1748 (22.exe)
Type data
MD5 cdfc93b69bf0eaa22427d20670d71429
SHA1 5ecd407434177adcda3c94b7b369f727bb0bf15d
SHA256 58a8d9aabea2b306186945da8a42c1c3b52c6bebe77afe496f0c8cd55bef2b58
CRC32 6824AD39
ssdeep 3:+48tn:H8tn
Yara None matched
Name 9ff4917c65c52ef2_uxsvcglieomezp.exe
Filepath C:\Users\test22\AppData\Roaming\UXSVcgliEomEzp.exe
Size 1.0MB
Processes 2532 (22.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 84a289e78940e188a5d3cd76c99b609e
SHA1 6bcdf1509b9b940faae06d504e453ce6d37a667a
SHA256 9ff4917c65c52ef2b511131ccbeec9338e2ac863e302ffbbda12c0553570672f
CRC32 B43CEEA4
ssdeep 12288:Teoy/9Ol9nbmNc0HQPE7E5NuJCVqQJBifN5T3NWOnmppHHMEqnl3QE3d8uUcB+DH:ToklZbmE5NuQVqyBQ5Tg7c0+i
Yara
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT
  • Win32_Trojan_PWS_Net_1_Zero - Win32 Trojan PWS .NET Azorult
  • Is_DotNET_EXE - (no description)
  • PE_Header_Zero - PE File Signature
  • Malicious_Packer_Zero - Malicious Packer
  • IsPE32 - (no description)
Name 10a5412c5cae88cb_tmp6387.tmp
Filepath C:\Users\test22\AppData\Local\Temp\tmp6387.tmp
Size 1.6KB
Processes 2532 (22.exe)
Type XML 1.0 document, ASCII text, with CRLF line terminators
MD5 e0339fe1887920a1e8564aabb34c7548
SHA1 2bbcb40834ab1d9a4d1dc1dafd4c3ec61639dcc1
SHA256 10a5412c5cae88cb57a4ff6e9ad1757c7fcf9c5d41f1012d1ed453580612a41d
CRC32 E0BB37C5
ssdeep 24:2dH4+SEqCH/7IlNMFQ/rlMhEMjnGpwjpIgUYODOLD9RJh7h8gKBsgtn:cbhf7IlNQQ/rydbz9I3YODOLNdq3G2
Yara None matched