Dropped Files | ZeroBOX
Name 7d0fe0b083139ef5_fa2c2c07f4d56a862adf
Filepath C:\Users\test22\AppData\Local\Temp\FA2C2C07F4D56A862ADF
Size 200.0B
Processes 2072 (123456.exe)
Type ASCII text, with CRLF line terminators
MD5 dec909a28044dec4118682714bb52af8
SHA1 4131b5d2648137de9774f645f53e54ec8b6b5e4c
SHA256 7d0fe0b083139ef50c857ddb3b385f8503c3d18492b87a8b9681e36924d189fa
CRC32 B5E9202C
ssdeep 3:XttktgkC6wwRRpo2tNd3CWqMjYvw6c2jip0RkzRRtktgkC6wwRRpo2tNd3vEz6DK:dhwrpoENE06c20hwrpoENFUcY
Yara None matched
Name 0dc04493c888eb38_windowspowershell.exe
Filepath C:\Users\test22\AppData\Local\WindowsPowerShell ver3.45\WindowsPowerShell.exe
Size 128.0MB
Processes 2072 (123456.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 d0294dec6703470cef3bd20f7f5b7e53
SHA1 e1b949aa65600d6cc4240ff1df4a99dc64e080d8
SHA256 e7b7a4249d1c96fa2c6d0323feed381000b741034ddfa6b2bb9e193bc3b39782
CRC32 E141939D
ssdeep 3145728:B6oYMNeyUNTSu2kVQbqipoGCJlP/grz8tQkMnjrrMJ7yVgl:BOMN4b2OPJR/y8tJkMNyVgl
Yara
  • Malicious_Packer_Zero - Malicious Packer
  • PE_Header_Zero - PE File Signature
  • Generic_Malware_Zero - Generic Malware
  • OS_Processor_Check_Zero - OS Processor Check
  • Is_DotNET_EXE - (no description)
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT
  • IsPE32 - (no description)
  • Win32_Trojan_PWS_Net_1_Zero - Win32 Trojan PWS .NET Azorult