popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 70bb08cc5ba22487_8LmTcKDj8jAa.bat
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\8LmTcKDj8jAa.bat
Size 206.0B
Processes 7236 (None) 3456 (cmd.exe)
Type DOS batch file, ASCII text, with CRLF line terminators
MD5 c765141476b326ba628e9de2668f699a
SHA1 784fe777a6c57a781bee78421dca7498953e0923
SHA256 70bb08cc5ba224875c52357a2e6bcc45dc44c214cccad10b6ace0ddc3dc97fae
CRC32 7B18C55C
ssdeep 6:hC47bxrBeLuVFOOr+DE1mQpcLJ23fQvKOZG1mQpcLJ23fGlBq:d5r+uVEOCDEJOLM/OLMOlBq
Yara None matched
VirusTotal Search for analysis
Name f4fd51e6e0684d72_Expense.exe
Submit file
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Expense.exe
Size 23.5KB
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 b127f3a9da9a84ab311eeff6917b7bd6
SHA1 2d7ab3ad129e2d372e672a236aae5e82ba835626
SHA256 f4fd51e6e0684d722cfacceb9a3abb8e4c449e96dce19b1f8b47fc8b09abf9df
CRC32 BFBF6FEF
ssdeep 384:5vrOSKo2KlUgzlMX4hGGBVUUUqUUUUUUUUUUUUdTvULJ0+IeMQqt/UGK8X+uxLeU:trOZtkXBVUUUqUUUUUUUUUUUUdTvYJE5
Yara
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT
  • Win32_Trojan_PWS_Net_1_Zero - Win32 Trojan PWS .NET Azorult
  • PE_Header_Zero - PE File Signature
  • Is_DotNET_EXE - (no description)
  • IsPE32 - (no description)
VirusTotal Search for analysis