Dropped Files | ZeroBOX
Name 2391b26d23fe9524_xtmklsmftnsk6tlb[1].exe
Filepath C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\XtmkLSmftnsk6TlB[1].exe
Size 1.2MB
Processes 1396 (iexplore.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 b4e2699346ce3d5f87374a32403e3464
SHA1 ed97a18ac2a1d64d624fcc808594be239fb06206
SHA256 2391b26d23fe9524618b01def4f0d37775efb9dee1d06c7c3927adcd810da40b
CRC32 EEB0C93A
ssdeep 24576:YxMPUnab/wxnxDirBaY7u61XEXr1Tj1vN3IvIfTAhi3P5FooG:03xnxOrBF7u65y1nYcAhi3ro
Yara
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT
  • Win32_Trojan_PWS_Net_1_Zero - Win32 Trojan PWS .NET Azorult
  • PE_Header_Zero - PE File Signature
  • Admin_Tool_IN_Zero - Admin Tool Sysinternals
  • Is_DotNET_EXE - (no description)
  • OS_Processor_Check_Zero - OS Processor Check
  • IsPE32 - (no description)
  • Malicious_Library_Zero - Malicious_Library
Name efc1df804a4ee572_recoverystore.{8df9dbb9-ca8d-11eb-bde1-94de278c3274}.dat
Filepath C:\Users\test22\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{8DF9DBB9-CA8D-11EB-BDE1-94DE278C3274}.dat
Size 5.0KB
Processes 1756 (iexplore.exe)
Type Composite Document File V2 Document, Cannot read section info
MD5 14e390b21a2caa22faccbc567b5a1b06
SHA1 14440262c8049963d8c1a457c9a33e923e097adc
SHA256 efc1df804a4ee57272cf13261604998acf97b029981047c1666661830e39e981
CRC32 76F02060
ssdeep 12:rlfF2VrEg5+IaCrI0CI7eF25WTrEgmZ+IaCrI0CIc8GmRVOeMiqI771NlTqbaxxD:rqV5/f5WTG5/k85jBM+NlWyuNlWy
Yara
  • Microsoft_Office_File_Zero - Microsoft Office File
Name f01fa9cf1795fb5a_{8df9dbba-ca8d-11eb-bde1-94de278c3274}.dat
Filepath C:\Users\test22\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{8DF9DBBA-CA8D-11EB-BDE1-94DE278C3274}.dat
Size 4.5KB
Processes 1756 (iexplore.exe)
Type Composite Document File V2 Document, Cannot read section info
MD5 1c8a4d8c8c576a9f75518c56ead57484
SHA1 737979992fdb9f908f438dd8a7aaba82f2b2a857
SHA256 f01fa9cf1795fb5a64c6553cc9ed38c34db0c29c5280edf09a872069fcb11556
CRC32 104F0A9D
ssdeep 12:rlxAFK1ZrEgm8GL7KFgDrEgm8Gn7qsLNl26abax1NlsfRbax0EKB:rNzG8kG8KLNlIoNl4nE
Yara
  • Microsoft_Office_File_Zero - Microsoft Office File