Dropped Files | ZeroBOX
Name b4a5ecd4285c5431_1632528044.exe
Filepath C:\Users\test22\AppData\Local\Temp\1632528044.exe
Size 68.5KB
Processes 2100 (r33.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 ae3acfb74780b06e60c44e545597d5d4
SHA1 42498d0ad9b494c2f79a5dbfa199d4c570bf223a
SHA256 b4a5ecd4285c5431b486740ce111211df90486d4ba1fe189e5cbbcd02ec72ed3
CRC32 FAE29029
ssdeep 1536:g3Mz8uRmsoOhHywGaoFyBmGkONWhP05F3:Lw8G31QwG8hs5F3
Yara
  • Malicious_Packer_Zero - Malicious Packer
  • PE_Header_Zero - PE File Signature
  • Malicious_Library_Zero - Malicious_Library
  • Win_Worm_Phorpiex - a worm which spreads via removable drives and network drives.
  • IsPE32 - (no description)
Name 5f66c5076320297c_cmdcfg.dat
Filepath C:\Users\test22\cmdcfg.dat
Size 286.0B
Processes 2100 (r33.exe)
Type data
MD5 d404c8b1a4a0a0dae03762d4a69e83ec
SHA1 7239b2ae09883c7bd936049eef95d6a19ee6e547
SHA256 5f66c5076320297cf38ce16e7fb603463b4b538e3099d1716b648e9d1ed799d5
CRC32 CFCC24EF
ssdeep 6:uo/kPKjzk4ctZSrShSRhbj6iCTUyedob+3azX1cJrxDCBxNHIZ3n:cwI46iCNKqzX1Ir8+xn
Yara None matched
Name 769f9af6853bfd15_nodescfg.dat
Filepath C:\Users\test22\nodescfg.dat
Size 600.0B
Processes 2100 (r33.exe) 1168 (1632528044.exe)
Type data
MD5 a047470a7c81fc358b76627f032add61
SHA1 3c6e5c148b1a8bab6b8d5ff645c77d5ab455d0d9
SHA256 769f9af6853bfd15b0e13390fad020bd920e3f84d0fc37af7d35bfeb854a334e
CRC32 BEF00431
ssdeep 12:ksqZEiCk6QZFopQGX0xpFKOuZYh2cGWIu/pLep5xChrdQ87WyFZIHzMX:ksqZEifZFyH0gXHSdIc56MX
Yara None matched