Dropped Files | ZeroBOX
Name 828f0819e547b8b6_UvlaqtdaO.bat
Filepath C:\Users\test22\UvlaqtdaO.bat
Size 384.0B
Processes 2312 (rc.exe)
Type ASCII text, with CRLF line terminators
MD5 9d129b87ea5d68b76a8a6f098ee239bb
SHA1 e23837a4d7cc3235b8d876c9a61ad26468a026b0
SHA256 828f0819e547b8b60afa2a6124bee209a87a18be0680006d3ac1bfeafe6c1b4f
CRC32 049EA187
ssdeep 6:tPUx2cL4VspmLp2cLyBtOx2cLMhGKFIs2cL9s2cLZbpmLKaXSLp6N2cLAP2cL4nD:tPh6mM3BtZvGeWwXSdm/S93tOf
Yara None matched
Name c264b40c7308aad3_uxtheme.dll
Filepath C:\Windows \System32\uxtheme.dll
Size 108.2KB
Type PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5 64854e08792b761b973556cdf1522f26
SHA1 851cd539768c26b407e3ba8cc75d87ed1dd8423d
SHA256 c264b40c7308aad3df416c750c64a5fb80540095ac725002686dd25c4dbf2b17
CRC32 653410DC
ssdeep 1536:/Bx0lrQIB38yTXt13msYq5jDravD+YgWCl7MbiR4R04T6gb:5xOrrx13lravD+YgoR04+gb
Yara
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
Name 37c59c8398279916_KDECO.bat
Filepath C:\Windows \System32\KDECO.bat
Size 155.0B
Type ASCII text, with no line terminators
MD5 213c60adf1c9ef88dc3c9b2d579959d2
SHA1 e4d2ad7b22b1a8b5b1f7a702b303c7364b0ee021
SHA256 37c59c8398279916cfce45f8c5e3431058248f5e3bef4d9f5c0f44a7d564f82e
CRC32 42292F53
ssdeep 3:LjT5LJJFIf9oM3KN6QNb3DM9bWQqA5SkrF2VCceGAFddGeWLCXlRA3+OR:rz81R3KnMMQ75ieGgdEYlRA/R
Yara None matched
Name 5e6ed524c955fb1e_PasswordOnWakeSettingFlyout.exe
Filepath C:\Windows \System32\PasswordOnWakeSettingFlyout.exe
Size 44.9KB
Type PE32+ executable (GUI) x86-64, for MS Windows
MD5 591a98c65f624c52882c2b238d6cd4c4
SHA1 c960d08c19d777069cf265dcc281807fbd8502d7
SHA256 5e6ed524c955fb1ea3e24f132987143da3ec81db5041a0edcfa7bf3ac790eb06
CRC32 5CEBDF70
ssdeep 768:fUprgu54VApRI3YhHmGAJhdnORk9JY8ANw+McZp0vH6RCQy+CsCMZWV0Kr6wD1PR:E548RI3YmJdT9JY1ecZG/6RCQyDqZetZ
Yara
  • Malicious_Packer_Zero - Malicious Packer
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
  • Generic_Malware_Zero - Generic Malware
  • Win32_Trojan_Gen_2_0904B0_Zero - Win32 Trojan Gen
  • Malicious_Library_Zero - Malicious_Library
  • UPX_Zero - UPX packed file
  • Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet
Name e2dd1a6e1271813f_adtqalvu.url
Filepath C:\Users\test22\adtqalvU.url
Size 78.0B
Processes 2312 (rc.exe)
Type MS Windows 95 Internet shortcut text (URL=<file:"C:\\Users\\test22\\Uvlaqtda.exe">), ASCII text, with CRLF line terminators
MD5 aa1103e7c7c7d7dd36171c8b44e64a24
SHA1 05096eb9ab0aeeeba33dee8ec1beaca7cc7eb0ee
SHA256 e2dd1a6e1271813ff60b55125e80ee1454c54552f2f1c2c57677faa5bced9e74
CRC32 C903D16F
ssdeep 3:HRAbABGQYmTWAX+PzRXpcJs4ASsGKd5s:HRYFVmTWDbRXpcOSsb5s
Yara None matched
Name 12d3a4efa6646b3e_null
Filepath C:\Users\test22\Null
Size 4.0B
Processes 2312 (rc.exe)
Type ASCII text, with CRLF line terminators
MD5 d8db4ecfe0a6eb9079d52f98b92028fe
SHA1 6865d9312d70e383b3cd0ec9d5dc096964ee74b0
SHA256 12d3a4efa6646b3ece4782f70033b9785bf0d167b553c43e22579b031cea5c4d
CRC32 09F2499B
ssdeep 3:Iv:Iv
Yara None matched
Name 966838fe8f080aca_Uvlaqtdat.bat
Filepath C:\Users\test22\Uvlaqtdat.bat
Size 47.0B
Processes 2312 (rc.exe)
Type ASCII text, with no line terminators
MD5 9ed1f639109784a20d186551c4336d01
SHA1 5a84caf5776151aa8c3bbff01a1382ce3bc1f5ad
SHA256 966838fe8f080aca38fe3d7b87109dbc7b656369d0ff7c1afa7ef98db09e06f5
CRC32 8548F9FE
ssdeep 3:LjTnmWxpm26OR:rnmQpm2rR
Yara None matched