Dropped Files | ZeroBOX
Name 1ca35de88f52b7d8_fontwinnetdhcpfontref.exe
Filepath C:\fontWinnetDhcp\fontWinnetDhcpfontref.exe
Size 1.1MB
Processes 2420 (cmd.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 82a88fc2bafcddffa7880a89392f2fdc
SHA1 ce645e0786caff592ee8b70b31081575def34462
SHA256 1ca35de88f52b7d82f1ecbcf5a51f51ddb0fbc152e4444f93ac4e3cecf28b627
CRC32 3FFC707D
ssdeep 24576:nljB+gXeLBMCjGCgPIKaRG7XBey/nz+JeIB+4:nxB9uLpkA0j+kIA
Yara
  • IsPE32 - (no description)
  • PE_Header_Zero - PE File Signature
  • OS_Processor_Check_Zero - OS Processor Check
  • Generic_Malware_Zero - Generic Malware
  • Is_DotNET_EXE - (no description)
  • UPX_Zero - UPX packed file
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT
Name 2f51cd22bf97120a_kam3e.bat
Filepath C:\fontWinnetDhcp\Kam3E.bat
Size 45.0B
Processes 2420 (cmd.exe)
Type ASCII text, with no line terminators
MD5 6c83417de80888b16a68d448795e8884
SHA1 fc02fbbab90e405556bd61f351fb332546a1842c
SHA256 2f51cd22bf97120ad12cd818870ab2c6f4f9980c321235dcfafe32996cae7d7b
CRC32 D8645CFB
ssdeep 3:I5WtL0h3jL0hJLRXu:II5YnYFRXu
Yara None matched
Name e3b0c44298fc1c14___tmp_rar_sfx_access_check_15655890
Empty file or file not found
Filepath C:\fontWinnetDhcp\__tmp_rar_sfx_access_check_15655890
Size 0.0B
Type empty
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
CRC32 00000000
ssdeep 3::
Yara None matched
Name 1a05f72c29b417d2_6203df4a6bafc7c328ee7f6f8ca0a8a838a8a1b9
Filepath C:\Sandbox\test22\6203df4a6bafc7c328ee7f6f8ca0a8a838a8a1b9
Size 80.0B
Processes 2736 (fontWinnetDhcpfontref.exe)
Type ASCII text, with no line terminators
MD5 af8c2edadf5f000fd8b666a62e951c35
SHA1 e0ef6465f6bfacdf6c6c09601ecea6b780c32889
SHA256 1a05f72c29b417d248db40d7baeb3a3c95cdf2726da117e1739a894837341951
CRC32 DB2A3E78
ssdeep 3:KwwTwBwvlweITKzzLLxcPrSWA:KwrwvlweITY1sBA
Yara None matched
Name a9aeb4f03debfb47_exmikg.vbe
Filepath C:\fontWinnetDhcp\exmIkg.vbe
Size 196.0B
Processes 2420 (cmd.exe)
Type data
MD5 938a5b9acadcf3145c8498688b4d4750
SHA1 dc037b0a90e57a6f61b5d1a7c3b090b0466be691
SHA256 a9aeb4f03debfb47986f1c4a88ea9d060035c258f313ff67a827f31ea5b380b1
CRC32 0FF3264F
ssdeep 6:GivwqK+NkLzWbHY08nZNDd3RL1wQJRfWyFJsxYWs:Gi2MCzWLY04d3XBJEvxu
Yara None matched
Name 0f9ba8aec5086748_617403385cfa5793a54cc4029c1bf0ecc358174e
Filepath C:\ProgramData\Microsoft Help\617403385cfa5793a54cc4029c1bf0ecc358174e
Size 120.0B
Processes 2736 (fontWinnetDhcpfontref.exe)
Type ASCII text, with no line terminators
MD5 fcbc619d2484c50754c89940694ccde4
SHA1 b54119e62af208ce3ee6fcc93ca6b1314f1948e9
SHA256 0f9ba8aec5086748792bdfa008d01638b6e721cff1ebc9a7300ec775b4a8f004
CRC32 F4CD9F7A
ssdeep 3:458R3CqOuwVXtYJNOiKQzpTJWwJB7GozWtmVp:45a5KV9KO5QpJf7jF
Yara None matched
Name 58deb2caf40a74c6_7a0fd90576e08807bde2cc57bcf9854bbce05fe3
Filepath C:\Windows\fveupdate\7a0fd90576e08807bde2cc57bcf9854bbce05fe3
Size 214.0B
Processes 2736 (fontWinnetDhcpfontref.exe)
Type ASCII text, with no line terminators
MD5 e0c758264cfabecd8e236c3b3315b5b4
SHA1 14e5fdb9eea61eea0c776912cf48213f06e3b5fd
SHA256 58deb2caf40a74c67b95109b101f19b443fa72d2ae842536d12588cc5ab5960c
CRC32 59750E62
ssdeep 3:RChWddgogZq8o3QG/1BIeh+c1oLLMUyBc369AjkqgmGswVmUz9ccEXgicBkUpWr8:k0uq8ogr5c1kLoqcANwVj3EwNkzYm1Vw
Yara None matched