Dropped Files | ZeroBOX
Name d3e066918487a968_浏览.png
Size 2.1KB
Type PNG image data, 52 x 96, 8-bit/color RGBA, non-interlaced
MD5 efbf7728fbefd9eefe94497a10825f74
SHA1 97198645e7cd723ccfd2af5094fc9a9c75b94eaa
SHA256 d3e066918487a9689ea298580beb17882029e89c3bd355fb5cf47585afb5d762
CRC32 9E83D8BD
ssdeep 48:3wJIpO1CvqSMxb29PReY/EDXZK9LQXbKzbCAV189rmk9:35g1CyLxy9JNs7wuDAVidj
Yara
  • PNG_Format_Zero - PNG Format
Name 25b579bb63145038_uninst.exe
Filepath C:\Users\test22\AppData\Roaming\FastCode\Uninst.exe
Size 1.7MB
Processes 2416 (faba50s4e01t22barcode.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 753ad2984226c60deb6324f63ebb06a4
SHA1 28fdb31322bcf42946056216769af023c41965ca
SHA256 25b579bb63145038236a89d28c95a8618be583929a5454f5ac4aea60be7f8f68
CRC32 7B227E8C
ssdeep 49152:yxKLyWDEdFuVzEhSX4myjO3EBLCRJUp2FGa1TcNRX+Jshqbje:nzfXgj8E8XtFGeJsT
Yara
  • UPX_Zero - UPX packed file
  • PE_Header_Zero - PE File Signature
  • OS_Processor_Check_Zero - OS Processor Check
  • Malicious_Library_Zero - Malicious_Library
  • IsPE32 - (no description)
  • NPKI_Zero - File included NPKI
Name 92c8c7b43d4ef21b_32.png
Filepath C:\Users\test22\AppData\Roaming\FastCode\img\32.png
Size 835.0B
Processes 2416 (faba50s4e01t22barcode.exe)
Type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
MD5 b6e399f11dd4ebc4e7cd8f0068d8f370
SHA1 ca6a64d87bc2e217bd772e11a986e593a8f48886
SHA256 92c8c7b43d4ef21b229cd492aa53be5ad28005ca79e85f5166e75f9116b760cb
CRC32 C149DEB7
ssdeep 12:6v/7iMXr1dd0Z4voI3xDT0NAL279h5xrmUM8rBh2pJSGj3MsimNncpky60Mcg/Ub:sHdiARwNyQhhNh2pJSGjn5NncQOiG
Yara
  • PNG_Format_Zero - PNG Format
Name 03afdddaea356d01_深色.png
Size 317.0B
Type PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced
MD5 82b5a53caf4ee4e7bd209495a095f82c
SHA1 193c8cba9586b08b06e4831ede9935876c5f9ad2
SHA256 03afdddaea356d017b89829729778e82f589a1e5441b198212440b17034afba0
CRC32 F088FF44
ssdeep 6:6v/lhPIcfjnDspehdmoUVLHP7+TstFHqISevLblxJIqs56WxYF5SzBxyrSSp:6v/7DU038Lv7+8VLblPIqs53VzBxyrr
Yara
  • PNG_Format_Zero - PNG Format
Name 3dce092568cb4282_title.png
Filepath C:\Users\test22\AppData\Roaming\FastCode\img\title.png
Size 1.1KB
Processes 2416 (faba50s4e01t22barcode.exe)
Type PNG image data, 170 x 30, 8-bit/color RGB, non-interlaced
MD5 4b6e543f728f4a977b6c08232a7bcc16
SHA1 b9dc1a90848174e420c8f6ffda11032ac7bddbe4
SHA256 3dce092568cb4282ff3487dc87f8a76c94763184597c2ffb9d5909d68038ca52
CRC32 D2A73BC9
ssdeep 24:QEL8X75ejkrDu2wkz7iMf+ZX6Y2y16wVn1w8+12ntccqIR:B8X9ejkrC2RzuM5Fy16aJ+12tcc3R
Yara
  • PNG_Format_Zero - PNG Format
Name 293c635c977844c8_fastcode.exe
Filepath C:\Users\test22\AppData\Roaming\FastCode\FastCode.exe
Size 2.4MB
Processes 2416 (faba50s4e01t22barcode.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 c98d6277d096d24b1a58c2d602acce6c
SHA1 7cc2d5bf4ce5a5e94f7b53cbefa185cf970732b2
SHA256 293c635c977844c82dc45f8b940cac2d51af1db746fcda19316dc266fa87f754
CRC32 D2DC5483
ssdeep 24576:dUiGnssDK1M2WtRdYKDwG0Kb34U3XFsv2dBSSxizbc677KWxO0QAg+IT/NwacROn:KiMDYobVPdoSxizbAWxOLVT/tUsvvL
Yara
  • ASPack_Zero - ASPack packed file
  • Malicious_Packer_Zero - Malicious Packer
  • UPX_Zero - UPX packed file
  • Admin_Tool_IN_Zero - Admin Tool Sysinternals
  • PE_Header_Zero - PE File Signature
  • OS_Processor_Check_Zero - OS Processor Check
  • Malicious_Library_Zero - Malicious_Library
  • IsPE32 - (no description)
Name 94e992d025fc88de_白.png
Size 235.0B
Type PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced
MD5 47e4e4569d845f06c0605a47dee6f53d
SHA1 26a8c28a4ed1bae338b70e49d92068773ad9d748
SHA256 94e992d025fc88de5d451e403b04dde9e5ce6f76d794ef7aa739c9df809aa735
CRC32 73F55A4A
ssdeep 6:6v/lhPIcfjnDspQ4YZlxeFVOTKnnsOEH1hmvnsb1GVetljp:6v/7DUa+c6U1KnsZGA7
Yara
  • PNG_Format_Zero - PNG Format
Name 175c3afabcc43103_fastcode_update.dll
Filepath C:\Users\test22\AppData\Roaming\FastCode\FastCode_update.dll
Size 714.2KB
Processes 2416 (faba50s4e01t22barcode.exe)
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 1b05c8c716fd8c1728d812387e9330ac
SHA1 694cfd67f49ba537f7f263320c9a3d8564e71a50
SHA256 175c3afabcc431032813d677f051d54f79411af7b560b51e18e02bfa8ba8b361
CRC32 CB80266C
ssdeep 12288:LxpXrfFWpyqwA1rQZ1YYZlpLmQaVImP2idhIJBEqNTascJjBsDu1:LxVrtWJtQzzlpLmR2idhIJBZTa7JjR1
Yara
  • UPX_Zero - UPX packed file
  • PE_Header_Zero - PE File Signature
  • Generic_Malware_Zero - Generic Malware
  • OS_Processor_Check_Zero - OS Processor Check
  • IsDLL - (no description)
  • Malicious_Library_Zero - Malicious_Library
  • IsPE32 - (no description)
Name b18e07073b248cb7_返回.png
Size 2.8KB
Type PNG image data, 110 x 160, 8-bit/color RGBA, non-interlaced
MD5 76aa9aa9fb1cc1658b54a234da3be15b
SHA1 02c59cbba95d1971a7004da158d2a452e269459f
SHA256 b18e07073b248cb7fae27ad6c11a73a5f73ea57edc467bcfdd9b4d4a2859588c
CRC32 55370E31
ssdeep 48:l3xr/ELteQIkeGBOuIwMjuOCzGnmVILes+uiL/jP03X9zV7HiMohCBpEM2uY8GtC:l1YNeGVFuC6mVA6lL/cX9lCM6uYrih
Yara
  • PNG_Format_Zero - PNG Format
Name e5a0d3d3dae8c5c7_完成.png
Size 3.3KB
Type PNG image data, 150 x 200, 8-bit/color RGBA, non-interlaced
MD5 02ba3eccdcaa7a99d64fa9e9f1b757c5
SHA1 e862271490887cebb3c4d06e35fc30426a824394
SHA256 e5a0d3d3dae8c5c7e2920f7cbc5d7dd5c62bcd0d6693c8ffbfd5aef73d2764e0
CRC32 0F35227F
ssdeep 96:FYWtkw1k5drNhMyZaPluRBUS4leDfoga7:FYqY10Plmug0r
Yara
  • PNG_Format_Zero - PNG Format
Name 0cd04e5e75d05adc_白2.png
Size 1.1KB
Type PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced
MD5 8b77d815241fb8596986698fdc19effe
SHA1 8026578b270b9a5e439b46ba84979bfdfc811928
SHA256 0cd04e5e75d05adcf36fcb390ebe70dd6fe95dfd0ea42b157b24a6fc60f98161
CRC32 19BA6113
ssdeep 24:+f1hxWwjx82lY2T3dVoYJFhyJ3Vh0FuGQs+3wpnh0/:+t6Nn2xCY7gJ3b4uF3wph2
Yara
  • PNG_Format_Zero - PNG Format
Name cd4b66a03749a76e_kuaima.ico
Filepath C:\Users\test22\AppData\Roaming\FastCode\skin\kuaima.ico
Size 133.4KB
Processes 2416 (faba50s4e01t22barcode.exe)
Type MS Windows icon resource - 5 icons, 128x128, 32 bits/pixel, 96x96, 32 bits/pixel
MD5 2ac5aa2af8265a1522a211781e1b1845
SHA1 07bba51df2f459fc72816102dee5ce1729bcccf4
SHA256 cd4b66a03749a76e3c0203228651ea4c9864c2eb6f33f1f3dcba6dc40ac20111
CRC32 797B257C
ssdeep 384:v0L8dYfrtltTTJTLnrl9pnHtNtXF5VR117LNfZrjlVh5TT9vZgHaLGNp9Yvie0o3:LI1lexKJj3VCU9+i3wjy0T9j6nUs9b2s
Yara None matched
Name f464f23653b02357_打开.png
Size 2.8KB
Type PNG image data, 150 x 200, 8-bit/color RGBA, non-interlaced
MD5 08a44361acb487ad43461ab721c29c01
SHA1 a56f0c8ea004d8fea2fa7e5c3b3538e88b491c39
SHA256 f464f23653b0235782ac94e8ddd5b7df2c64a978f8403940f588be499c666bbb
CRC32 E1CA4A51
ssdeep 48:OKicg4pE06tRY0Z83Xz9I7jlvvrZG3y0riLIZOIomNsIqag55VsFA73e60rKUH:OKCRdG3XqnBWnPZOIoYdqa45VN50fH
Yara
  • PNG_Format_Zero - PNG Format
Name f37b66fe7f7aa34e_setup.ini
Filepath C:\Users\test22\AppData\Roaming\FastCode\setup.ini
Size 32.0B
Processes 2416 (faba50s4e01t22barcode.exe)
Type ASCII text, with CRLF line terminators
MD5 a677b5df7639296db651112ab169e7ea
SHA1 e66dd28a5ba4db84c1ac5d8e0ddc6018a8e1225b
SHA256 f37b66fe7f7aa34e078c3a0bc073eb5427bea9dfab559c130d84a823ac519d97
CRC32 A553D10D
ssdeep 3:+CYWIZQxJM:+dQU
Yara None matched
Name b93ab49d430b0516_customer.ini
Filepath C:\Users\test22\AppData\Roaming\FastCode\config\customer.ini
Size 6.0B
Processes 2416 (faba50s4e01t22barcode.exe)
Type ASCII text, with no line terminators
MD5 12b62b2aeaaa6d359a6454e714becf4a
SHA1 ce51b8ddad99cd8a9af716476709b45c3326347e
SHA256 b93ab49d430b051625c659e387cff3e0bab14fd3b4f0124943ddeee7452ba65b
CRC32 D9FC06AC
ssdeep 3:von:von
Yara None matched