popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name cf11d6b3c18d4c02_d93f411851d7c929.customDestinations-ms~RF1bfde8a.TMP
Submit file
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d93f411851d7c929.customDestinations-ms~RF1bfde8a.TMP
Size 7.8KB
Processes 1304 (powershell.exe) 1632 (powershell.exe)
Type data
MD5 f2f5505600e2895c007b3ff3cfe3d4aa
SHA1 f0235a3c8056872d55eeef803d1bc33bac37a753
SHA256 cf11d6b3c18d4c02466b670bcb0394ac49382e6a87ad58d2561f2660922b586c
CRC32 9AF5ED3C
ssdeep 96:EtuCojGCPDXBqvsqvJCwoJtuCojGCPDXBqvsEHyqvJCworc7HwxGlUVul:Etu6XoJtu6bHnorXxY
Yara
  • Antivirus - Contains references to security software
  • Generic_Malware_Zero - Generic Malware
VirusTotal Search for analysis
Name 046976da5783b042_fsdgde.exe
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\Fsdgde.exe
Size 2.1MB
Processes 2032 (powershell.exe)
Type PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
MD5 342ef4f2941187bdc7f66d148be0ff75
SHA1 7ff601a24c42ec01ef62c097927688a431c5aa76
SHA256 046976da5783b0425976084bc16ababee1094e98a1f0648fc10c91dcf49bc395
CRC32 B397B7D7
ssdeep 49152:4HXeSvsEQ2JZpmwDIqg45PHXsjKkms5Z3z3Yu0E2tElJHhU9VWOZH+aM:4jvsW/lDZ5P3sju63p2tERU9VT
Yara
  • Malicious_Packer_Zero - Malicious Packer
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
  • Malicious_Library_Zero - Malicious_Library
VirusTotal Search for analysis
Name c5c1c355c0e253df_gfhfg.exe
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\gfhfg.exe
Size 1.9MB
Processes 2564 (powershell.exe)
Type PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
MD5 fa409741e16094bb8bc373d7b46742cd
SHA1 e082dd13c52fe7fb65fac801d2588e0c9153d9cc
SHA256 c5c1c355c0e253df7b6a49d296c00663cc9692328dd236ab4f43fafc2ec70ec8
CRC32 808EE278
ssdeep 49152:47HPtc7WxLiwBM+/hO7ufPUWvcf5p/ZjlicJ6fuJ+Kjt1ph:eHPa7elm+/hTMlv/2cJ624Wt17
Yara
  • Malicious_Packer_Zero - Malicious Packer
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
  • Malicious_Library_Zero - Malicious_Library
VirusTotal Search for analysis