Dropped Files | ZeroBOX
Name d25251fef6ca9e73_tmp31B2.tmp
Filepath C:\Users\test22\AppData\Local\Temp\tmp31B2.tmp
Size 1.6KB
Processes 2088 (petrol.exe)
Type XML 1.0 document, ASCII text, with CRLF line terminators
MD5 e71500097ad516d37341a0e6118f84e3
SHA1 1b10df629a39fe41e47beeef074b881e8fc1efc7
SHA256 d25251fef6ca9e73ed69e67cd4b72a198ba05a80edd9da449d63646d4940b097
CRC32 FA5EBBE1
ssdeep 24:2dH4+SEqCH/7IlNMFQ/rlMhEMjnGpwjpIgUYODOLD9RJh7h8gKBUtn:cbhf7IlNQQ/rydbz9I3YODOLNdq3E
Yara None matched
Name be9589f2adcbadc9_ebzoec.exe
Filepath C:\Users\test22\AppData\Roaming\EbzOEC.exe
Size 1.2MB
Processes 2088 (petrol.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 700a021908885c05ef227a55452d9ffe
SHA1 2e756ba21a4062e3006c49ec20eadcae51bfbe7d
SHA256 be9589f2adcbadc925774b3b70cbdde42a8955d687ecfdc2018cbe0544e82a88
CRC32 43C0FC06
ssdeep 12288:p8ubK4HtLGEUBXeu0BU5SisIid0kph+QrA2r79gEflEGD/XnyP112PdsfLosmoys:pWCzQ94uK5l4i3BMVYoydArS5D
Yara
  • PE_Header_Zero - PE File Signature
  • Admin_Tool_IN_Zero - Admin Tool Sysinternals
  • Generic_Malware_Zero - Generic Malware
  • Is_DotNET_EXE - (no description)
  • IsPE32 - (no description)
  • Win32_Trojan_PWS_Net_1_Zero - Win32 Trojan PWS .NET Azorult