Dropped Files | ZeroBOX
Name bd138dd703d8414c_tmpEE50.tmp
Filepath C:\Users\test22\AppData\Local\Temp\tmpEE50.tmp
Size 1.6KB
Processes 1944 (.lsass.exe)
Type XML 1.0 document, ASCII text, with CRLF line terminators
MD5 80299c4e96d126196baea7e0aa6ac4ac
SHA1 3bbbd7cab582300794341f05a88a5f697f28b09d
SHA256 bd138dd703d8414ccb6f1765cf2f304f9f30da81067ae19870904ac529005fac
CRC32 4F821FFC
ssdeep 24:2dH4+SEqCH/7IlNMFQ/rlMhEMjnGpwjpIgUYODOLD9RJh7h8gKBtutn:cbhf7IlNQQ/rydbz9I3YODOLNdq3Y
Yara None matched
Name f66cc04ceebc1bc6_gddgykkjnpo.exe
Filepath C:\Users\test22\AppData\Roaming\GDdGykkjnPO.exe
Size 1.1MB
Processes 1944 (.lsass.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 6d76b11c350623bb258c91e084915ede
SHA1 b5ffe2e8674a6be0f4c345ffbc045ae7a2acbc30
SHA256 f66cc04ceebc1bc6084983064372bbfb7f0c5c80f36a911cbc78ff2250cf9667
CRC32 78DA866B
ssdeep 24576:XcbhXZw6yA9XUFA3VIO3PHgXZw6yA9XU:Mbvw09XE2z/Hqw09X
Yara
  • Admin_Tool_IN_Zero - Admin Tool Sysinternals
  • PE_Header_Zero - PE File Signature
  • Generic_Malware_Zero - Generic Malware
  • IsPE32 - (no description)
  • Is_DotNET_EXE - (no description)