popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name e3b0c44298fc1c14_nsk655A.tmp
Empty file or file not found
Filepath C:\Users\test22\AppData\Local\Temp\nsk655A.tmp
Size 0.0B
Type empty
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
CRC32 00000000
ssdeep 3::
Yara None matched
VirusTotal Search for analysis
Name 2e75196a6836b1fa_abdobe.exe
Submit file
Filepath C:\Users\test22\AppData\Roaming\Abdobe.exe
Size 324.8KB
Processes 2076 (None)
Type PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
MD5 1a5224cc3ca9a34e6d04f0c12bd5eaa8
SHA1 50032af324492fa6b542d41fd83ee3e1f77db4f0
SHA256 2e75196a6836b1fa3145e7d92f61c4ae246097c7c1b006316ec9236d5a820251
CRC32 12798FA3
ssdeep 6144:F8LxBsxx6UOzWYz8EIeoWLiJkmlHUR4Or/qnfUXkc/LOzWVciPJIpk:/xx6UOzXz8ET+Jk8aq9kqzKBx
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • Malicious_Library_Zero - Malicious_Library
  • NSIS_Installer - Null Soft Installer
VirusTotal Search for analysis
Name f26d74b7a81cb128_tmp18BC.tmp.bat
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\tmp18BC.tmp.bat
Size 152.0B
Processes 2076 (None) 1420 (cmd.exe)
Type DOS batch file, ASCII text, with CRLF line terminators
MD5 81a4171801eb3eeabbd6e1cf3601a107
SHA1 a557529e6463cc4a9f8135acd597bac4ebf01c58
SHA256 f26d74b7a81cb1285cf4ed374bbeebc601f3006130f1fe7a6aab57c0af487879
CRC32 4BC2E501
ssdeep 3:mKDDCMNqTtvL5omWxpcL4EaKC5uKHPdLvmqRDmWxpcL4E2J5xAInTRI+dAo5ZPy:hWKqTtT6mQpcLJaZ5FHPdLvmq1mQpcLH
Yara None matched
VirusTotal Search for analysis
Name e3f9ec4d654eb164_ztrd3sxhe1wy
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\ztrd3sxhe1wy
Size 283.5KB
Processes 2216 (vbc.exe) 872 (Abdobe.exe)
Type DOS executable (COM)
MD5 85a15eca3a5949063f620eb2d92f5e8c
SHA1 372d83a97f686e2d8415b708dbb6152f73d8be30
SHA256 e3f9ec4d654eb164f1879031b12a85acbfd365f94a5d5e872733e259c59a494c
CRC32 CA0AC0D0
ssdeep 6144:B/PhZdv4LhuMdkjOopVU3Yd/Lk12H0q4OrUqYfUXkccLOzWVwiPJZ:9ZbwLhuMGjDpJd/o12HSqSVqzwBZ
Yara None matched
VirusTotal Search for analysis
Name 61df3b0088d03eca_xtvfbj.dll
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\nsl2772.tmp\xtvfbj.dll
Size 19.0KB
Processes 872 (Abdobe.exe)
Type PE32 executable (DLL) (console) Intel 80386, for MS Windows
MD5 8cd610702a172508d51563d1966bb089
SHA1 41d86bea24aed9077773b34657b634860161ea14
SHA256 61df3b0088d03eca36204f932fc001f4c0bfb5190ed50aafc3a2d56304285aa6
CRC32 B45133A6
ssdeep 384:up1CtTf+Z9m7mC3gn6RDan/La9SPH3Km+KjCETynvdDh:gClG2la/LaW2KjCayF
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • IsDLL - (no description)
VirusTotal Search for analysis