Dropped Files | ZeroBOX
Name 1f15fc45e78f3f21_63A6.bat
Filepath C:\Users\test22\AppData\Local\Temp\63A4.tmp\63A5.tmp\63A6.bat
Size 42.8KB
Processes 1116 (kill$.exe)
Type UTF-8 Unicode text, with very long lines, with CRLF line terminators
MD5 a544e73f85b4d363577426099a872c71
SHA1 0de68ec2f8ac725df429b646451bda9dfaf6d6c2
SHA256 1f15fc45e78f3f21664c95e4673d1185ce68fea6725576326d2bd03d7c79b7d4
CRC32 87D64D97
ssdeep 768:RYBruSbQn0KUbjcx6qnzLZnH6g9QU405NumOZ2gR9Y:IKUbjcAqnzLZnHBj4kNuVZ2gRe
Yara
  • Antivirus - Contains references to security software
  • anti_vm_detect - Possibly employs anti-virtualization techniques
Name 225aee453b9568ad_kill$.exe
Filepath C:\Users\test22\AppData\Local\Temp\kill$.exe
Size 162.5KB
Type PE32+ executable (GUI) x86-64, for MS Windows
MD5 6b351a94a1b2da234cd920dfbf7499af
SHA1 57de9d9b5450747d66d43b16985004c85566af3a
SHA256 225aee453b9568adc4ebb27ce98fd80feabf144356196aa1139f08f4fe10eadc
CRC32 F5F22D4F
ssdeep 3072:N2sMWkzbJh1qZ9QW69hd1MMdxPe9N9uA0hu9TBfcXW2bOlDGhek/:0bJhs7QW69hd1MMdxPe9N9uA0hu9TBrG
Yara
  • UPX_Zero - UPX packed file
  • IsPE64 - (no description)
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
Name e3b0c44298fc1c14_63A4.tmp
Empty file or file not found
Filepath C:\Users\test22\AppData\Local\Temp\63A4.tmp
Size 0.0B
Type empty
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
CRC32 00000000
ssdeep 3::
Yara None matched