Dropped Files | ZeroBOX
Name a9220271c0eb79e5_d93f411851d7c929.customdestinations-ms
Filepath c:\users\test22\appdata\roaming\microsoft\windows\recent\customdestinations\d93f411851d7c929.customdestinations-ms
Size 7.8KB
Processes 2756 (powershell.exe)
Type data
MD5 b0c9ff441742f3847ea27da9dee7f2cd
SHA1 c42a1eb32ba953a0ce5d8635caabf71b5b281495
SHA256 a9220271c0eb79e5750e0d0e62058ecac560e09cdf9e82ef61aeeabada5d48a4
CRC32 0BBCAB1A
ssdeep 96:RutuCOGCPDXBqvsqvJCwo+utuCOGCPDXBqvsEHyqvJCworSP7Hwxf2lUVul:UtvXoxtvbHnorrxQ
Yara
  • Antivirus - Contains references to security software
  • Generic_Malware_Zero - Generic Malware
Name 143930550e03b13f_task.dat
Filepath C:\Users\test22\AppData\Roaming\017BD04F-B3BF-45B6-8167-9E8F41FF87BF\task.dat
Size 90.0B
Processes 2816 (SWIFT COPY EXPORTO51052 IMG00239876 SCANNED DOC_PDF.exe)
Type ASCII text, with no line terminators
MD5 77fe778b7158a98388ec2de32b743144
SHA1 9e7956f0f08de71a645316cc7e9397d12ec96b69
SHA256 143930550e03b13f1fdb0704ce8c2511374653e495dd40778c352d20fc18213e
CRC32 2828352E
ssdeep 3:oNmWxpcL4E2J5xAInqi4yxxqXSIMqAdA:oNmQpcLJ23fqhyXq5Mq4A
Yara None matched
Name 51065a655408899e_tmp8E60.tmp
Filepath C:\Users\test22\AppData\Local\Temp\tmp8E60.tmp
Size 1.6KB
Processes 2420 (SWIFT COPY EXPORTO51052 IMG00239876 SCANNED DOC_PDF.exe)
Type XML 1.0 document, ASCII text, with CRLF line terminators
MD5 ab27120c16f7b0668d64555b9818d42a
SHA1 be621462ba10e1950bdc88e3f1aeb0c012cec6c5
SHA256 51065a655408899efa2ec29d24434d9e6bc5865c2d97427ae96fe9dc54311ff3
CRC32 864B8C4E
ssdeep 24:2dH4+SEqCH/7IlNMFQ/rlMhEMjnGpwjpIgUYODOLD9RJh7h8gKBLv0tn:cbhf7IlNQQ/rydbz9I3YODOLNdq34
Yara None matched
Name bb9181b3935b8681_tmp914F.tmp
Filepath C:\Users\test22\AppData\Local\Temp\tmp914F.tmp
Size 1.3KB
Processes 2816 (SWIFT COPY EXPORTO51052 IMG00239876 SCANNED DOC_PDF.exe)
Type XML 1.0 document, ASCII text, with CRLF line terminators
MD5 be81f72fa4dbc827132836ee2af92c96
SHA1 fe5ded04ab4932dea6cf414e9e4428f43da70d03
SHA256 bb9181b3935b8681a71b578f8166883e61380de6181df82d05f14829323fbf0f
CRC32 7AA438E3
ssdeep 24:2dH4+S/4oL600QlMhEMjn5pwjVLUYODOLG9RJh7h8gK0Rb5xtn:cbk4oL600QydbQxIYODOLedq3Sb5j
Yara None matched
Name fc8c5908138eae2a_tmp9054.tmp
Filepath C:\Users\test22\AppData\Local\Temp\tmp9054.tmp
Size 1.3KB
Processes 2816 (SWIFT COPY EXPORTO51052 IMG00239876 SCANNED DOC_PDF.exe)
Type XML 1.0 document, ASCII text, with CRLF line terminators
MD5 d237cca28007878fb03e7dee5afefd56
SHA1 892f278c5f32fa48fc22dd8fbe1465c09a7b03da
SHA256 fc8c5908138eae2ac96453149a4f784bca43f8262643754f12d1450754bf74b7
CRC32 BABF1996
ssdeep 24:2dH4+S/4oL600QlMhEMjn5pwjVLUYODOLG9RJh7h8gK0Zaxtn:cbk4oL600QydbQxIYODOLedq3Yaj
Yara None matched
Name 9e6037c55a4ce6dc_run.dat
Filepath C:\Users\test22\AppData\Roaming\017BD04F-B3BF-45B6-8167-9E8F41FF87BF\run.dat
Size 8.0B
Processes 2816 (SWIFT COPY EXPORTO51052 IMG00239876 SCANNED DOC_PDF.exe)
Type Non-ISO extended-ASCII text, with no line terminators
MD5 929d4277ca7d92362f461bf8b113bd9d
SHA1 bef732c82c74db95e163530b03dcaad3c8442aa6
SHA256 9e6037c55a4ce6dc908f6d0361480b10357676c65d75d577c699612c60d9e64a
CRC32 C01B7E1E
ssdeep 3:eHutn:eHin
Yara None matched