Dropped Files | ZeroBOX
Name 2ae857e692d89f4b_yttuawje.dat
Filepath C:\Users\test22\AppData\Local\Temp\YTtuAwJe.dat
Size 1.0MB
Processes 2260 (powershell.exe)
Type PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
MD5 4f191766722263b8ce47111636d2f4c9
SHA1 c73b01f2d3fe1097dd3b9b7a24fba07422c420ea
SHA256 2ae857e692d89f4bca1305e7ef3bf3c727abb4f3347153fe041448a69b493c12
CRC32 5A4B011B
ssdeep 12288:vS7oCiYqlAOsxk8wf5HUymcfWCGult+27u8XoZZaudCaBSPZC1XZrTKQrDbl/:+oCsnEkHxmUpGult+27joZJIyXRKYDR/
Yara
  • IsPE64 - (no description)
  • Generic_Malware_Zero - Generic Malware
  • IsDLL - (no description)
  • UPX_Zero - UPX packed file
  • Malicious_Packer_Zero - Malicious Packer
  • PE_Header_Zero - PE File Signature
Name ea5c46c989d46367_d93f411851d7c929.customdestinations-ms
Filepath c:\users\test22\appdata\roaming\microsoft\windows\recent\customdestinations\d93f411851d7c929.customdestinations-ms
Size 7.8KB
Processes 2260 (powershell.exe)
Type data
MD5 faed47fd8f345d57eccff8b99d3f21fa
SHA1 2bb129fe2938e8cfb49b29e00b4e426cc4682ced
SHA256 ea5c46c989d463676db524b6f528ec8db44629be6bb801b8c54e487754f11102
CRC32 5EB47B78
ssdeep 96:YtuCuGCPDXBqvsqvJCwo9tuCuGCPDXBqvsEHyqvJCworo7HwxWlUVul:YtPXo9tPbHnorTxo
Yara
  • Antivirus - Contains references to security software