Dropped Files | ZeroBOX
Name 37882a4a0aaf84e2_c5e504606bceb80648bcecb9e1bfe1ee.exe
Filepath C:\Users\test22\AppData\Local\Temp\c5e504606bceb80648bcecb9e1bfe1ee.exe
Size 3.0MB
Processes 1608 (oy.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 0dad0861840cb73b4cefce3dcce28fa5
SHA1 760f36ab9cdb2cba9db76f8e392da6bc0ed5bd5b
SHA256 37882a4a0aaf84e2f3c063de493fedbf2233c31c7bd146c79059dd1ae914e2f4
CRC32 C71A602B
ssdeep 49152:3P+LLajA0Rtg0xD9enMqcKAEVcnidEl4ZquTONy1kH6oVVvkof5XMdXpqzHZa:3Guzg0VYXPVRKl4ZqpvVVvhfGFpe5a
Yara
  • PE_Header_Zero - PE File Signature
  • Generic_Malware_Zero - Generic Malware
  • Is_DotNET_EXE - (no description)
  • IsPE32 - (no description)
  • themida_packer - themida packer
Name 72922d4d9a86ea94_info.txt
Filepath C:\Users\test22\AppData\Local\Temp\info.txt
Size 196.0B
Processes 1608 (oy.exe)
Type ASCII text, with no line terminators
MD5 168c097b92055dfcb4cdb277090c1d9d
SHA1 b11c24e2cf54f4ec2b3c9dfe9732dbba5ca00ee0
SHA256 72922d4d9a86ea94969025e5d82587ae4fdee62506085ff257e0831d4e9c5b21
CRC32 9325E13B
ssdeep 6:aVX/+wCF2R5j1X00gUrT8DH+X3TVGW6q+lQCHJoUrCn:F3I5x3LrT2+VGWr+lQwmUrCn
Yara None matched
Name 2f67d80978a183af_bin.txt
Filepath C:\Users\test22\AppData\Local\Temp\bin.txt
Size 46.0B
Processes 1608 (oy.exe) 2248 (bin.exe)
Type ASCII text, with no line terminators
MD5 4219388a3f85807201758954a9ecadb4
SHA1 927248e6607810d4f38c70fe9b50b68efef661a0
SHA256 2f67d80978a183afadd3a481568d75bb60f4cea179a638a6b628854946441051
CRC32 444EE0F2
ssdeep 3:N1KKK/qsRa57KODNELKWT:CKsxKfiLKs
Yara None matched
Name 5fb6d78a005855a7_bin.exe
Filepath C:\Users\test22\AppData\Local\Temp\bin.exe
Size 44.0KB
Processes 1608 (oy.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 a31b2af1ec483b292571ee5ae2a7f1e4
SHA1 38103d01af73ca2a94c571cd442704fd2bbeb6ec
SHA256 5fb6d78a005855a735c538d79004ccaf042622431fdba5047539f1a6e05f704e
CRC32 269341A3
ssdeep 768:nu4e8lqAJiM7HKVUPbIt1qV4Z2XPuXzCQfO:nu4H0AJr76UTiNZ2f4CQm
Yara
  • PE_Header_Zero - PE File Signature
  • Admin_Tool_IN_Zero - Admin Tool Sysinternals
  • Generic_Malware_Zero - Generic Malware
  • OS_Processor_Check_Zero - OS Processor Check
  • Is_DotNET_EXE - (no description)
  • IsPE32 - (no description)
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT
  • Win32_Trojan_PWS_Net_1_Zero - Win32 Trojan PWS .NET Azorult
Name e5c7931e871678ae_Cookies
Filepath C:\Users\test22\AppData\Local\Google\Chrome\User Data\Default\Cookies
Size 36.0KB
Type SQLite 3.x database, last written using SQLite version 3033000
MD5 8e36f9cfbb4e98a1ea4cb31b1dfd18ba
SHA1 271e10b8bb5623e6552f2be568b01ae93b3e5a3a
SHA256 e5c7931e871678ae9bf44ed496a03ba8524a3d7600a44b29a60847ddda90eb86
CRC32 C73EAD8F
ssdeep 24:TLea0RlPbXaFpEO5bNmISHdL6UwcOxvyUU3Z:TYLOpEO5J/KdGU1EyU2Z
Yara None matched