Dropped Files | ZeroBOX
Name 74c439a7188cc0dc_run64.txt
Filepath C:\Users\test22\AppData\Local\Temp\run64.txt
Size 32.0B
Processes 804 (httpd.exe)
Type ASCII text, with no line terminators
MD5 9697dadf177bbfab67e09ad229bb7b65
SHA1 0739ff55ec2d199572899f44021d73a24000d879
SHA256 74c439a7188cc0dc34b32b79728775dbbde240234f0adc315ae21679835699f9
CRC32 91DD0916
ssdeep 3:jemQj4CrPCRqhb:j5Q8gPfb
Yara None matched
Name 809e6103be38daf1_redis-server.exe
Filepath C:\Users\test22\AppData\Local\Temp\redis-server.exe
Size 7.1MB
Processes 804 (httpd.exe)
Type PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
MD5 28fed6fd70691d410de60a57d590b549
SHA1 6ffa84bf67f1ae096c3ee0c70978ae1a36871538
SHA256 809e6103be38daf10dc04c9fbe476f0187a7558133361b83917982fbe24d3ade
CRC32 07C81262
ssdeep 98304:9/3vTXGjTPr9H3GYEIrcMGmMEGdbI8C2LUDI5T1sIMftBzYthfW8aB2+dXjpviF/:9Pr4KFMzG/FSViXsdLKSDai
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)
  • Generic_Malware_Zero - Generic Malware
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
  • Malicious_Library_Zero - Malicious_Library
  • Malicious_Packer_Zero - Malicious Packer
Name 685ccc95c86fbd7d_urlmon.dll
Filepath C:\Windows\System32\urlmon.dll
Size 1.3MB
Type PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5 4cbf1bbf5006930545749faa6e759dde
SHA1 9e588d281131cd47cebf747383adf2875105ad8a
SHA256 685ccc95c86fbd7d540d27985975518d4eecca5f2f1ee57cac9d53b48a6f27d1
CRC32 E0E2E113
ssdeep 24576:SRsUqZZwQTr158Gl5bSsyzTcpOAe012bMDtmBLRn0SpHs5H0:SRsVZDgGl1SsyPc4Al1SLJ0sM5H
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)
  • UPX_Zero - UPX packed file
  • Win32_Trojan_Emotet_2_Zero - Win32 Trojan Emotet
  • Win32_Trojan_Gen_2_0904B0_Zero - Win32 Trojan Gen
  • IsDLL - (no description)
  • Malicious_Library_Zero - Malicious_Library
  • Malicious_Packer_Zero - Malicious Packer
  • Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet
Name 35929ec8c6ffad64_url64.txt
Filepath C:\Users\test22\AppData\Local\Temp\url64.txt
Size 52.0B
Processes 804 (httpd.exe)
Type ASCII text, with no line terminators
MD5 76a150f8dc323a5750b5d475e9b6a3b7
SHA1 974e8217ac1a3175c8354cbc8376d0fd1f5269c4
SHA256 35929ec8c6ffad642a678f76bc10988bbb0d0ca4789d377e36b3c6323884fa72
CRC32 EE63C085
ssdeep 3:05jHqLzP1P7OV/RJn:qKHJSVRJn
Yara None matched