Dropped Files | ZeroBOX

Name	e3b0c44298fc1c14_nsvDF15.tmp Empty file or file not found
Filepath	C:\Users\test22\AppData\Local\Temp\nsvDF15.tmp
Size	0.0B
Type	empty
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
CRC32	`00000000`
ssdeep	`3::`
Yara	None matched
VirusTotal	Search for analysis

Name	cca1d4337464cc21_xnuko.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\nsfDF54.tmp\xnuko.dll
Size	98.0KB
Processes	2780 (loader1.exe)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`dda7936c29fa1605cf2b7842e44dca9e`
SHA1	`3ad26cd2f728e27e0eba841d5adad32c9647f142`
SHA256	`cca1d4337464cc219cfff985f3b88771aab3f4deb2669047a6b0ce24726999e7`
CRC32	`18FECAA9`
ssdeep	`1536:YpDh46s2nsu0o80M2NDuTF/ZUZqrv2DYRRsWjcdfdggeK:YpDhy2gcNaT9xvkYRefh`
Yara	PE_Header_Zero - PE File Signature OS_Processor_Check_Zero - OS Processor Check IsPE32 - (no description) IsDLL - (no description) Malicious_Library_Zero - Malicious_Library UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	2b4e108b02a5d05c_800vtmm6uy9 Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\800vtmm6uy9
Size	213.2KB
Processes	2780 (loader1.exe)
Type	data
MD5	`7e91e5af4a581661a4a970ea85ed9d80`
SHA1	`eaddfee393e2e1566f9b4ff786431626562be62b`
SHA256	`2b4e108b02a5d05c99b67b0732ce32405a8cce34533a9e751c8e3b3cf783e419`
CRC32	`B4D7636B`
ssdeep	`3072:FzLBzO4hG2ygiALwjrlCqkZIIkMwtqtWDiaPwKB9e9ywkbn77tzYcDIF42WaLQh2:FcOGZgXZoqtWru2bn7BUcDsrGYmDiBJN`
Yara	None matched
VirusTotal	Search for analysis