Dropped Files | ZeroBOX
Name 5f7eb7cc3478aea3_mad.zip
Filepath C:\Users\test22\AppData\Local\Temp\mad.zip
Size 365.3KB
Processes 2232 (umbr.exe)
Type Zip archive data, at least v2.0 to extract
MD5 2dd394b649d386e88e6d6da28be926d5
SHA1 7d54a90856954c4b2c32514a58f9508727243be4
SHA256 5f7eb7cc3478aea3ae9f539e8d1a86aa36e188f468f8dc0ddd596571ac82008e
CRC32 3A016191
ssdeep 6144:nswHvUg96JxHRqyjyFXs7flb4rf+ZFkDyAL2GQs7wiVHjj5LE2bUBH74L/3c:jF6JxH4jFclCmjmyZrFOjj62Ksjc
Yara None matched
Name 20b7efd1ac48cda5_run.exe
Filepath C:\Users\Public\run.exe
Size 432.3KB
Processes 2232 (umbr.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 5ab6825cfced362802d1f3dd28e904bd
SHA1 3128acba6dcf3522321a40ea372e6031d5f8d7ef
SHA256 20b7efd1ac48cda513c6f08f92ef4c820cfdcf9676b0726edce8e07564723997
CRC32 F7A56D8D
ssdeep 6144:1gfEZoueRyjUFXs7flbarf+dFkDyAL24Qs72HWgOyJefwOGlHY8ZJ7bE8:1gfUoHFclkmvmyZhpPJevGBY8ZJ7w8
Yara
  • IsPE32 - (no description)
  • PE_Header_Zero - PE File Signature
  • Generic_Malware_Zero - Generic Malware
  • Is_DotNET_EXE - (no description)
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT