Dropped Files | ZeroBOX
Name cd933deed6ad151d_azzbjwzb.exe
Filepath C:\Users\test22\AppData\Roaming\azzBJWZB.exe
Size 606.5KB
Processes 2208 (EmmyCrypted.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 d2090d6b03c4c37de4e1e8e615d578b2
SHA1 b18d58d947d4f0ea9a215bed4b279b555c299270
SHA256 cd933deed6ad151dbc88561ea55dc128b464843b481a474b94ab909e0bcef85d
CRC32 D8BC0124
ssdeep 12288:zoLLoS60/K7yh0q6eYyXoYtdwBRl/lZ2hYMR1ssg:zoLA8NXndwU7Yd
Yara
  • Win32_Trojan_PWS_Net_1_Zero - Win32 Trojan PWS .NET Azorult
  • PE_Header_Zero - PE File Signature
  • Is_DotNET_EXE - (no description)
  • Malicious_Packer_Zero - Malicious Packer
  • IsPE32 - (no description)
Name f42dc5cfcb8e3780_tmp8282.tmp
Filepath C:\Users\test22\AppData\Local\Temp\tmp8282.tmp
Size 1.6KB
Processes 2208 (EmmyCrypted.exe)
Type XML 1.0 document, ASCII text, with CRLF line terminators
MD5 de3e34ae89a75be4330e2d36c9e110cd
SHA1 88af77dd361a53c8a448a3ba617b86c87d1eef3e
SHA256 f42dc5cfcb8e3780124cf542ac979714ebe831bdfc8efbf4aa7c8733065f77bd
CRC32 AA0F6C5D
ssdeep 24:2dH4+SEqCH/7IlNMFQ/rlMhEMjnGpwjpIgUYODOLD9RJh7h8gKBItn:cbhf7IlNQQ/rydbz9I3YODOLNdq3c
Yara None matched