Dropped Files | ZeroBOX

Name	29ae7b30ed8394c5_AdvancedRun.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\341bb6a1-a324-4931-acc4-094bd6bf34fc\AdvancedRun.exe
Size	88.9KB
Processes	1948 (cssrss1.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`17fc12902f4769af3a9271eb4e2dacce`
SHA1	`9a4a1581cc3971579574f837e110f3bd6d529dab`
SHA256	`29ae7b30ed8394c509c561f6117ea671ec412da50d435099756bbb257fafb10b`
CRC32	`CC276C7F`
ssdeep	`1536:JW3osrWjET3tYIrrRepnbZ6ObGk2nLY2jR+utQUN+WXim:HjjET9nX0pnUOik2nXjR+utQK+g3`
Yara	ASPack_Zero - ASPack packed file Malicious_Packer_Zero - Malicious Packer PE_Header_Zero - PE File Signature UPX_Zero - UPX packed file IsPE32 - (no description) Malicious_Library_Zero - Malicious_Library
VirusTotal	Search for analysis

Name	27426aa52448e564_test.bat Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\341bb6a1-a324-4931-acc4-094bd6bf34fc\test.bat
Size	8.2KB
Processes	1948 (cssrss1.exe)
Type	ASCII text, with very long lines, with CRLF line terminators
MD5	`b2a5ef7d334bdf866113c6f4f9036aae`
SHA1	`f9027f2827b35840487efd04e818121b5a8541e0`
SHA256	`27426aa52448e564b5b9dff2dbe62037992ada8336a8e36560cee7a94930c45e`
CRC32	`790F1326`
ssdeep	`192:XjtIefE/Qv3puaQo8BElNisgwgxOTkre0P/XApNDQSO8wQJYbZhgEAFcH8N:xIef2Qh8BuNivdisOyj6YboVF3N`
Yara	None matched
VirusTotal	Search for analysis

Name	49c4a85bce2fb8cb_d93f411851d7c929.customDestinations-ms~RF642072.TMP Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d93f411851d7c929.customDestinations-ms~RF642072.TMP
Size	7.8KB
Processes	248 (powershell.exe) 2652 (powershell.exe)
Type	data
MD5	`4eba3b6a4f05a26106a2d772c79da044`
SHA1	`45ae375ea2f305e4409aabc22803cd1471f0983e`
SHA256	`49c4a85bce2fb8cb6db4279591d0966cbd2fb84bc43f252ee5ad14d3d615b2b5`
CRC32	`2DF7F691`
ssdeep	`96:YtuCaGCPDXBqvsqvJCwo9tuCaGCPDXBqvsEHyqvJCworM7HwxWlUVul:YtzXo9tzbHnornxo`
Yara	Antivirus - Contains references to security software Generic_Malware_Zero - Generic Malware
VirusTotal	Search for analysis