Dropped Files | ZeroBOX
Name 44f1b18b56d04430_notepad.exe
Filepath C:\Users\test22\AppData\Roaming\Notepad.EXE
Size 509.0KB
Processes 2272 (Notepad.EXE)
Type PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
MD5 f072f3491834b7d05e0ae01c78de778e
SHA1 df7af89c94755a0ad2dbb6efb96d7da79862b538
SHA256 44f1b18b56d044305d0c9b0e3c1a900a41e5860e840cfd37ed15ff365e5f457f
CRC32 E6743A70
ssdeep 12288:wS4Zm9Ds8wEeJjtJUYP9dKETGhRz7Axk:wSMOEEeJRJUYP9dKEir3
Yara
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
  • Generic_Malware_Zero - Generic Malware
Name b92317945bbb4f07_notepad.vbs
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Notepad.vbs
Size 103.0B
Processes 2272 (Notepad.EXE)
Type ASCII text, with CRLF line terminators
MD5 b78dc91f14106cdd80d0b306b23650c6
SHA1 03aba75186229157cdba6963bf0e9a3e165ac2e2
SHA256 b92317945bbb4f07543685bffbcb706477f928eb8b00a1d6323b7c76295e7d33
CRC32 5FDCF8DD
ssdeep 3:9ctAX9GTooH/n0eFH5OmWxpcL4EaKC5einZn:9ctAtGTx/lFHImQpcLJaZ5eCZn
Yara None matched
Name e09b4b2ffbca61fb_bnawvwjop.vbs
Filepath C:\Users\test22\AppData\Local\Temp\bnawvwjop.vbs
Size 92.0B
Processes 2272 (Notepad.EXE)
Type ASCII text, with no line terminators
MD5 4b13abd262e6f452b680b7c404285a32
SHA1 a5b55774c48678a82ab377a7d23a00ec6a174dea
SHA256 e09b4b2ffbca61fbfaa017d9a6c7c60ec4242bfc468bf2f58887e79c97966eff
CRC32 761FF383
ssdeep 3:FER/n0eFHgSSJJF2uV1HeGAFddGeWLCXkxM:FER/lFHsCu/eGgdEY3
Yara None matched
Name dd811235eebc317b_590aee7bdd69b59b.customDestinations-ms~RFde0a87.TMP
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms~RFde0a87.TMP
Size 7.8KB
Processes 2620 (powershell.exe) 2196 (powershell.exe)
Type data
MD5 53022532ed8f602580ffdaed44444fd4
SHA1 093d7dacd3e846d7a7f5ecf532f3afc63bac658c
SHA256 dd811235eebc317b385893288ddec88c0ff80fb222072397a7faa65ee1effbb8
CRC32 05FC75D1
ssdeep 96:RutuCOGCPDXBqvsqvJCwo+utuCOGCPDXBqvsEHyqvJCworDPtDHXyf2lUVul:UtvXoxtvbHnorxTyQ
Yara
  • Antivirus - Contains references to security software
  • Generic_Malware_Zero - Generic Malware