Dropped Files | ZeroBOX
Name 23b4a2881bfff512_6433.bat
Filepath C:\Users\test22\AppData\Local\Temp\6421.tmp\6432.tmp\6433.bat
Size 26.1KB
Processes 1972 (NexusRAT.exe)
Type ASCII text, with very long lines, with CRLF line terminators
MD5 e695e1c7d2c70b68765cbd8ebeceecfe
SHA1 8576e92a3be1baeae6366ae9df45cf93a0c02258
SHA256 23b4a2881bfff5128ac1c9bf297a50dfd768030e36f20ce39456405ead6e5a43
CRC32 36F5CD64
ssdeep 384:8XW0P2NfQew2YPtL2TmeGq+oPSyGYA2ezmLW:8m0P2NfQetatSNCYA2e3
Yara None matched
Name 7eb70257593da06f_ansss.txt
Filepath C:\Users\Public\Documents\ansss.txt
Size 2.0B
Processes 2564 (powershell.exe) 2252 (cmd.exe)
Type ASCII text, with CRLF line terminators
MD5 81051bcc2cf1bedf378224b0a93e2877
SHA1 ba8ab5a0280b953aa97435ff8946cbcbb2755a27
SHA256 7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6
CRC32 14A285AC
ssdeep 3:y:y
Yara None matched
Name f4d28cf0f12006f9_590aee7bdd69b59b.customDestinations-ms~RF18982c5.TMP
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms~RF18982c5.TMP
Size 7.8KB
Processes 3028 (powershell.exe) 2564 (powershell.exe)
Type data
MD5 b770148dd160455bac8fe186a882733d
SHA1 f41e6e10cf42b4aa831f43abfb27c031bf0f3d4a
SHA256 f4d28cf0f12006f93de9b6181d36369c8d85b6021f830ea407d76585cbda8b1e
CRC32 94B533F7
ssdeep 96:EtuCojGCPDXBqvsqvJCwoJtuCojGCPDXBqvsEHyqvJCwor3tDHXyGlUVul:Etu6XoJtu6bHnordTyY
Yara
  • Antivirus - Contains references to security software
  • Generic_Malware_Zero - Generic Malware
Name e3b0c44298fc1c14_6421.tmp
Empty file or file not found
Filepath C:\Users\test22\AppData\Local\Temp\6421.tmp
Size 0.0B
Type empty
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
CRC32 00000000
ssdeep 3::
Yara None matched