Dropped Files | ZeroBOX
Name 9d3d13c55b2614c0_590aee7bdd69b59b.customDestinations-ms~RF526429.TMP
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms~RF526429.TMP
Size 7.8KB
Processes 1616 (powershell.exe) 2168 (powershell.exe)
Type data
MD5 3eb6fb80f9dbbc1201de9e762252141b
SHA1 c6d1e6ea5f2fef6f4458695b8ed7586aed429f1c
SHA256 9d3d13c55b2614c0615acea119139123b2a29f2a0daded7edd5146e4614a78e6
CRC32 23B7285A
ssdeep 96:YtuCaGCPDXBqvsqvJCwo9tuCaGCPDXBqvsEHyqvJCwor/tDHXyWlUVul:YtzXo9tzbHnorlTyo
Yara
  • Antivirus - Contains references to security software
  • Generic_Malware_Zero - Generic Malware
Name bf31b12fa0ba232e_vbc.exe
Filepath C:\Users\test22\AppData\Local\Temp\vbc.exe
Size 211.5KB
Processes 1616 (powershell.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 2f66472775a1d52a7aa5c54e4f50160b
SHA1 eead625b691bf14e793eb3b14e21175bef1172e1
SHA256 bf31b12fa0ba232eb07eed27f004f9c34695ecc3eb4a5270b89f8abb519a059b
CRC32 58A2AB61
ssdeep 6144:DgEfD/i1lkemVTt+ASZNaEz2lsS+QwyqquVy:pmet+fNi+0+
Yara
  • PE_Header_Zero - PE File Signature
  • OS_Processor_Check_Zero - OS Processor Check
  • Malicious_Library_Zero - Malicious_Library
  • IsPE32 - (no description)