popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name e3b0c44298fc1c14_ope62E9.tmp
Empty file or file not found
Filepath C:\Users\test22\AppData\Local\Temp\ope62E9.tmp
Size 0.0B
Type empty
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
CRC32 00000000
ssdeep 3::
Yara None matched
VirusTotal Search for analysis
Name 0d7cee0c13374181_prevent windows from sleeping.vbs
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\Prevent windows from sleeping.vbs
Size 153.0B
Processes 1116 (Netwire_prevent.exe)
Type ASCII text, with CRLF line terminators
MD5 2862ffb5ea32ff114bebe41576441b02
SHA1 d9e78d276186e5ca049724796494489e228ff431
SHA256 0d7cee0c13374181a23e8f605b32f2969c9c490b83c7891318f26bd17777fd7c
CRC32 2932EA8B
ssdeep 3:ZyK2NHFaPcYonhDNIALlW/JqxToVMWFNVknQAVHkO:ZG9++hyAhW/JuTcp/kNHJ
Yara None matched
VirusTotal Search for analysis
Name ceb2adbac8d39137_01-11-2021
Submit file
Filepath C:\Users\test22\AppData\Roaming\Logs\01-11-2021
Size 103.0B
Processes 1444 (nwire733.exe)
Type data
MD5 ae1542964680591d12c360c8e0358d54
SHA1 a0459be4ee2df7af37193bd973f614ea4a4e38cf
SHA256 ceb2adbac8d391370c7eb9e8328bb8460801f88f838b1a1b5cba2bcbf885cd06
CRC32 5FB49E4D
ssdeep 3:0Z5Tv43B4PcZEF7U9+F7U9+F7U9+FL:0Z5GBCPF7UIF7UIF7UIFL
Yara None matched
VirusTotal Search for analysis
Name 7a43319c54992f8a_nwire733.exe
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\nwire733.exe
Size 160.5KB
Processes 1116 (Netwire_prevent.exe)
Type PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
MD5 bd69fa31c7ef693b2087026ff56be528
SHA1 e4e7339c6930103511107e8bf9e200850d2227c6
SHA256 7a43319c54992f8a04c06fa89c2dd0d67ebd3813c4ab1b47ccadebef819961ec
CRC32 41FB9F42
ssdeep 3072:jOzPcXa+ND32eioGHlz8rnAE0HCXh0edLv1YMjMqqDvFf:jOTcK+NrRioGHlz8rz0i/1zQqqDvFf
Yara
  • NetWire_RAT_Zero - NetWire RAT
  • PE_Header_Zero - PE File Signature
  • OS_Processor_Check_Zero - OS Processor Check
  • IsPE32 - (no description)
  • Malicious_Library_Zero - Malicious_Library
  • UPX_Zero - UPX packed file
VirusTotal Search for analysis