popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name d0a6ae7c1340113e_micosoft2.exe
Submit file
Filepath C:\Users\test22\AppData\Roaming\micosoft2.exe
Size 434.5KB
Processes 8752 (None)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 eff44c116ba1cf666a37bb022cf0368a
SHA1 1056019b7ecde3652dad319b4b03042bb46abc99
SHA256 d0a6ae7c1340113ea5a1c49b49525939fdf86558d02abde81c6b40d9a07b6887
CRC32 D946A1E9
ssdeep 6144:MzwHbgZxjF8klLxI0hSJMIjaUp/26eAwlDqY/RVee7cKuy/Jd5Ae3nLMJ:MzwHbgZxjDIKSKIjzTigyVe83uy1AAY
Yara
  • PE_Header_Zero - PE File Signature
  • Is_DotNET_EXE - (no description)
  • IsPE32 - (no description)
VirusTotal Search for analysis
Name cecd2409ec3c46fe_tmp50AF.tmp.bat
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\tmp50AF.tmp.bat
Size 155.0B
Processes 8752 (None) 4964 (cmd.exe)
Type DOS batch file, ASCII text, with CRLF line terminators
MD5 a9178ba3b23b68bcac4139874e628087
SHA1 ee0ca7f934bfa090255dd10c4ddf5f395460e298
SHA256 cecd2409ec3c46feee5643a3ee64ecea51f21b5489e35cea9b488e79b0103d7c
CRC32 54E07A52
ssdeep 3:mKDDCMNqTtvL5omWxpcL4EaKC5A2NIvmqRDmWxpcL4E2J5xAInTRI6VkjS7ZPy:hWKqTtT6mQpcLJaZ5zNIvmq1mQpcLJ2c
Yara None matched
VirusTotal Search for analysis