Dropped Files | ZeroBOX

Name	43536adef2ddcc81_softokn3.dll Submit file
Filepath	C:\ProgramData\softokn3.dll
Size	141.5KB
Processes	3044 (osxcjhgfd.exe)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`a2ee53de9167bf0d6c019303b7ca84e5`
SHA1	`2a3c737fa1157e8483815e98b666408a18c0db42`
SHA256	`43536adef2ddcc811c28d35fa6ce3031029a2424ad393989db36169ff2995083`
CRC32	`760685C5`
ssdeep	`3072:UAf6suip+d7FEk/oJz69sFaXeu9CoT2nIVFetBWsqeFwdMIo:p6PbsF4CoT2OeU4SMB`
Yara	IsPE32 - (no description) OS_Processor_Check_Zero - OS Processor Check IsDLL - (no description) UPX_Zero - UPX packed file PE_Header_Zero - PE File Signature
VirusTotal	Search for analysis

Name	16574f51785b0e2f_sqlite3.dll Submit file
Filepath	C:\ProgramData\sqlite3.dll
Size	630.5KB
Processes	3044 (osxcjhgfd.exe)
Type	PE32 executable (DLL) (console) Intel 80386, for MS Windows
MD5	`e477a96c8f2b18d6b5c27bde49c990bf`
SHA1	`e980c9bf41330d1e5bd04556db4646a0210f7409`
SHA256	`16574f51785b0e2fc29c2c61477eb47bb39f714829999511dc8952b43ab17660`
CRC32	`9F30A75E`
ssdeep	`12288:i0zrcH2F3OfwjtWvuFEmhx0Cj37670jwX+E7tFKm0qTYh:iJUOfwh8u9hx0D70NE7tFTYh`
Yara	IsPE32 - (no description) IsDLL - (no description) PE_Header_Zero - PE File Signature
VirusTotal	Search for analysis

Name	a75dfa3f50185888_osxcjhgfd.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\osxcjhgfd.exe
Size	510.5KB
Processes	2052 (asxcjhgfd.exe)
Type	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5	`36d1e716d8da89c2f49be65feaeadca5`
SHA1	`de207b3884076d903b319b6ea613ed2cf994467e`
SHA256	`a75dfa3f50185888ffb86758b2b1c71e32491eed8af52c86ceb975e868551f93`
CRC32	`53C714BE`
ssdeep	`12288:dSvKW8L7f7WWeJ4wne8AdiyvHl/jwDWeeKmyJ4Gl:dSvsWWNhFFvFbwD7`
Yara	Win32_Trojan_PWS_Net_1_Zero - Win32 Trojan PWS .NET Azorult IsPE32 - (no description) Malicious_Packer_Zero - Malicious Packer Generic_Malware_Zero - Generic Malware Is_DotNET_EXE - (no description) PE_Header_Zero - PE File Signature
VirusTotal	Search for analysis