Dropped Files | ZeroBOX
Name 3f7b5ed78f93b3f2_fjmmkdwy1wckw.vbe
Filepath C:\refHost\FjMmkDwY1WCKW.vbe
Size 202.0B
Processes 2340 (5334_1636030207_6453.exe)
Type data
MD5 5bdfc52f386d1eaec6c227aad7354474
SHA1 66abb13f4e06966273ee5492a201387c5add9a89
SHA256 3f7b5ed78f93b3f2199701592d9f254e6325ad8b0f4c34a3d226b2fbc97b44a2
CRC32 02863E2F
ssdeep 6:GowqK+NkLzWbHZEG8nZNDd3RL1wQJR8FDoyPCVmzc:GpMCzWL6G4d3XBJ2WSho
Yara None matched
Name 32a2034fa7b81591_b75386f1303e64d8139363b71e44ac16341adf4e
Filepath C:\Users\b75386f1303e64d8139363b71e44ac16341adf4e
Size 132.0B
Processes 2640 (refHostWinruntimemonitor.exe)
Type ASCII text, with no line terminators
MD5 de48631f74d88604b641d936e21cf998
SHA1 d1525ae90989b1fa92ecf4d979cbbb421c6f15ef
SHA256 32a2034fa7b81591c36e5d4129c1d7bbdd1dcd8e4230b5c8225fc0e3bb401db8
CRC32 27FF4060
ssdeep 3:35DfPiLGQF2mDony85hvnJBR6PLXGvmWhQGrideqSC:JbPWF2AoyIJrOKQGr+eqz
Yara None matched
Name 2dd6b6ca0d3bded8_e8aa3d0a77e909b354881c464e4c4a775ddb75b2
Filepath C:\Windows\System32\msident\e8aa3d0a77e909b354881c464e4c4a775ddb75b2
Size 901.0B
Processes 2640 (refHostWinruntimemonitor.exe)
Type ASCII text, with very long lines, with no line terminators
MD5 1fa2d53de5cfc59f9d53f242c304b5d0
SHA1 dd0833a85969e2365ddb7382ad71ca84dfb984d3
SHA256 2dd6b6ca0d3bded86297642b6d43263c1ee9c0b3e554545dd9cf5b934e796990
CRC32 E1838605
ssdeep 24:EidyjYxYbmZffk6jxtgUS10svUmqdPad5MTaAes4sXwgnzQwh3m:FysxYydfXxGroHdPa3BYAgnzQE2
Yara None matched
Name 5b78f9cf1b1e64e5_b75386f1303e64d8139363b71e44ac16341adf4e
Filepath C:\Windows\System32\spwizres\b75386f1303e64d8139363b71e44ac16341adf4e
Size 927.0B
Processes 2640 (refHostWinruntimemonitor.exe)
Type ASCII text, with very long lines, with no line terminators
MD5 dd43fdee92308778e9632b4d4c04f82f
SHA1 55b8d04bc3e9ae6e77f7b9798e8464dd7f40cd94
SHA256 5b78f9cf1b1e64e565dc4883097f272ab7a313202a1398a770b375cdc982c77c
CRC32 2DC75CB6
ssdeep 24:dpBprvNcwpaONaLlrQVea9GxWL2MZey/riB:HvrvZFNaWfL23y/4
Yara None matched
Name 7aed633d0fbdb996_refhostwinruntimemonitor.exe
Filepath C:\refHost\refHostWinruntimemonitor.exe
Size 912.5KB
Processes 2340 (5334_1636030207_6453.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 7ed155fd765c9bbe28fb4e0a480a7c81
SHA1 7a8ac3dcdfaefafed18f30174102e32502181470
SHA256 7aed633d0fbdb996e34fba5d2dd3b1d903051fc3f5fda816d4c9478d4edb60fe
CRC32 35864066
ssdeep 12288:KVAaC3yhupEfoSOPBlqUSazEbMqmZ1FZIjXDk12ms56qn4:sAanrdOl5tYbOba812a+4
Yara
  • PE_Header_Zero - PE File Signature
  • Generic_Malware_Zero - Generic Malware
  • OS_Processor_Check_Zero - OS Processor Check
  • IsPE32 - (no description)
  • Is_DotNET_EXE - (no description)
  • UPX_Zero - UPX packed file
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT
  • NPKI_Zero - File included NPKI
Name 4cedc966265ef8e5_vyvjfcwpswc1uo7dfv.bat
Filepath C:\refHost\VyVjFcWpSWC1UO7DFv.bat
Size 41.0B
Processes 2340 (5334_1636030207_6453.exe)
Type ASCII text, with no line terminators
MD5 3d986898ded9225bd6b6a844c9c2b59d
SHA1 c359dbb115ea8ceb119c79dbda017928d13bdd73
SHA256 4cedc966265ef8e5f063287339fa39a37719cc9e2d25355f1422e7ca930c0954
CRC32 A70040D6
ssdeep 3:I5QDbfQUMOJAISXL4i:IOPXOIkki
Yara
  • Antivirus - Contains references to security software
Name 57389e5a9489cf52_ad905248ae8915310f4f54ea4fdbd093383798d1
Filepath C:\refHost\ad905248ae8915310f4f54ea4fdbd093383798d1
Size 986.0B
Processes 2640 (refHostWinruntimemonitor.exe)
Type ASCII text, with very long lines, with no line terminators
MD5 92174b755651df3a6cc504d4541c1949
SHA1 2534fc64d9cb23079c7dac49c98b4b11d00de0dc
SHA256 57389e5a9489cf5286a853c30f0784231cab8d1c73f0fb4297e7e3907d2c76be
CRC32 37F3C8BF
ssdeep 24:NN/8bzSpEzeGUqetxD8LXh5ds/76CUgnmFKUO+v:n8bz5duX4LRvY763gmFKj+v
Yara None matched
Name e3b0c44298fc1c14___tmp_rar_sfx_access_check_9635734
Empty file or file not found
Filepath C:\refHost\__tmp_rar_sfx_access_check_9635734
Size 0.0B
Type empty
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
CRC32 00000000
ssdeep 3::
Yara None matched