Dropped Files | ZeroBOX

Name	8b3a8268efe41220_pcad1.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\pcad1.exe
Size	540.0KB
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`c7af1f6747d5c61e97d556dec9aec85c`
SHA1	`949a30cc29ebf345ffbb988118bb6eae50769759`
SHA256	`8b3a8268efe41220e294e6cad1055c46041d11c59ba37672709401aaefe5ae47`
CRC32	`9C73451D`
ssdeep	`12288:S2vcfzbyNUJO5FNg6QQCnoZeHn12N2+/tr4Kn2Ghn4:SxXyNU4gACosHed/tdn2GR`
Yara	PE_Header_Zero - PE File Signature Antivirus - Contains references to security software OS_Processor_Check_Zero - OS Processor Check IsPE32 - (no description)
VirusTotal	Search for analysis

Name	1acf2b34efa6e64e_mkill.bat Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\mkill.bat
Size	200.0B
Processes	1836 (pcad1.exe) 556 (cmd.exe)
Type	ASCII text, with CRLF, CR line terminators
MD5	`3c75d70d6fcbe2becaa214670c983fe9`
SHA1	`c4095c9fb06ff8babf0a8b02ea68c0d5534be6db`
SHA256	`1acf2b34efa6e64e51983499ebf02cd729c1b3901bca59eb863eb773c71908f2`
CRC32	`2396C3C7`
ssdeep	`6:mR8mQpcLJ23fZA8AdUmQpcLJ23fZAY0Qx358:mRCOLMmRIOLMmYNw`
Yara	None matched
VirusTotal	Search for analysis