popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name d93a4e7c2af26ebc_d6a4079ed6c5c8a41c8e
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\D6A4079ED6C5C8A41C8E
Size 176.0B
Processes 2564 (Dran.exe)
Type ASCII text, with CRLF line terminators
MD5 e86906ca2da2959c512af566539750e6
SHA1 89c3a355d1a4b9fadec17eec1f81e4ecbcc32983
SHA256 d93a4e7c2af26ebc67bde1490a28f642f351c41813258599f849211e5d29349f
CRC32 32EC86CA
ssdeep 3:XttktgkC6wwRRpo2tcy6appv1w1gRRrttktgkC6wwRRpo2tNd3Gxp3y:dhwrpoEjX9w1gbthwrpoENUp3y
Yara None matched
VirusTotal Search for analysis
Name 58b21a40c1864608_.exe
Submit file
Filepath C:\Users\test22\AppData\Roaming\ ver6.64\.exe
Size 128.0MB
Processes 2564 (Dran.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 3d6fe5e4722d37e962040adc5d6cc874
SHA1 d4524f3b9327579645f8449223a826a0e9eaae76
SHA256 68fa4e3e7053705935d3a7e6501cea729ce8ecb51b6306c1284f375969fab472
CRC32 66A82066
ssdeep 3145728:gYityIGKVajnSYEKOlzo6empd4WPu0YNXzOTq:1I18SM2zo6zuOufgq
Yara
  • PE_Header_Zero - PE File Signature
  • Admin_Tool_IN_Zero - Admin Tool Sysinternals
  • Generic_Malware_Zero - Generic Malware
  • Is_DotNET_EXE - (no description)
  • IsPE32 - (no description)
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT
  • Win32_Trojan_PWS_Net_1_Zero - Win32 Trojan PWS .NET Azorult
VirusTotal Search for analysis