popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 3086d914f6b23268_tmp1774.tmp
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\tmp1774.tmp
Size 1.3KB
Processes 2760 (RegSvcs.exe)
Type XML 1.0 document, ASCII text, with CRLF line terminators
MD5 8cad1b41587ced0f1e74396794f31d58
SHA1 11054bf74fcf5e8e412768035e4dae43aa7b710f
SHA256 3086d914f6b23268f8a12cb1a05516cd5465c2577e1d1e449f1b45c8e5e8f83c
CRC32 49853FE8
ssdeep 24:2dH4+S/4oL600QlMhEMjn5pwjVLUYODOLG9RJh7h8gK0mXxtn:cbk4oL600QydbQxIYODOLedq3ZXj
Yara None matched
VirusTotal Search for analysis
Name bab5f3ac146aefd7_rimdvgfhzg.exe
Submit file
Filepath C:\Users\test22\AppData\Roaming\RimdVgfHZg.exe
Size 1.3MB
Processes 2504 (3QN~34590987654345-09876544567.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 b48603e4ed26dfa441131ae8c057ee70
SHA1 d79d2a7809877f2f2ff5475874666e6debc73a91
SHA256 bab5f3ac146aefd72799d11b664e2e229d12b3c7c8d4f799c3bee79e6f2b25a9
CRC32 8485E659
ssdeep 12288:gTLlbhXVzBa6Q/2xTVZRqCh7FLXLwb+j9cQwrFvLV11yNXcve34BeeI046Mnq0Ui:g1bhXZw6yA9XUWrwv11sSeXZw6yA9XU
Yara
  • Admin_Tool_IN_Zero - Admin Tool Sysinternals
  • PE_Header_Zero - PE File Signature
  • Generic_Malware_Zero - Generic Malware
  • IsPE32 - (no description)
  • Is_DotNET_EXE - (no description)
VirusTotal Search for analysis
Name 6adf4160a6306f14_run.dat
Submit file
Filepath C:\Users\test22\AppData\Roaming\017BD04F-B3BF-45B6-8167-9E8F41FF87BF\run.dat
Size 8.0B
Processes 2760 (RegSvcs.exe)
Type data
MD5 d2c645614af2d3283cf3a4d5f739677c
SHA1 6865fc9d182d09b9faf8e2f84b0b10a46c7cee42
SHA256 6adf4160a6306f148d472d552896268f1d88d38d4c8636e19b1a24ecf75f8dac
CRC32 208CD08A
ssdeep 3:BRn:n
Yara None matched
VirusTotal Search for analysis
Name bb9181b3935b8681_tmp1821.tmp
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\tmp1821.tmp
Size 1.3KB
Processes 2760 (RegSvcs.exe)
Type XML 1.0 document, ASCII text, with CRLF line terminators
MD5 be81f72fa4dbc827132836ee2af92c96
SHA1 fe5ded04ab4932dea6cf414e9e4428f43da70d03
SHA256 bb9181b3935b8681a71b578f8166883e61380de6181df82d05f14829323fbf0f
CRC32 7AA438E3
ssdeep 24:2dH4+S/4oL600QlMhEMjn5pwjVLUYODOLG9RJh7h8gK0Rb5xtn:cbk4oL600QydbQxIYODOLedq3Sb5j
Yara None matched
VirusTotal Search for analysis
Name d46e34924067eb07_task.dat
Submit file
Filepath C:\Users\test22\AppData\Roaming\017BD04F-B3BF-45B6-8167-9E8F41FF87BF\task.dat
Size 57.0B
Processes 2760 (RegSvcs.exe)
Type ASCII text, with no line terminators
MD5 08e799e8e9b4fda648f2500a40a11933
SHA1 ac76b5e20ded247803448a2f586731ed7d84b9f3
SHA256 d46e34924067eb071d1f031c0bc015f4b711edce64d8ae00f24f29e73ecb71db
CRC32 EEF8DB45
ssdeep 3:oMty8WddSWA1KMNn:oMLW6WA1j
Yara None matched
VirusTotal Search for analysis
Name 7b0e33e9dfcec66c_tmp1409.tmp
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\tmp1409.tmp
Size 1.6KB
Processes 2504 (3QN~34590987654345-09876544567.exe)
Type XML 1.0 document, ASCII text, with CRLF line terminators
MD5 91bb69352e804f9a9fd3e0e6e4be6213
SHA1 9a6ee65e6e8ac1e1308b21e35a8ae3ec801248e9
SHA256 7b0e33e9dfcec66ccfe7ecd95ba57cc3b1b5c4cdd6addecc10b98d8b4e5835c7
CRC32 89371C89
ssdeep 24:2dH4+SEqCH/7IlNMFQ/rlMhEMjnGpwjpIgUYODOLD9RJh7h8gKBodtn:cbhf7IlNQQ/rydbz9I3YODOLNdq3S
Yara None matched
VirusTotal Search for analysis