Dropped Files | ZeroBOX
Name a9220271c0eb79e5_d93f411851d7c929.customdestinations-ms
Filepath c:\users\test22\appdata\roaming\microsoft\windows\recent\customdestinations\d93f411851d7c929.customdestinations-ms
Size 7.8KB
Processes 2844 (powershell.exe)
Type data
MD5 b0c9ff441742f3847ea27da9dee7f2cd
SHA1 c42a1eb32ba953a0ce5d8635caabf71b5b281495
SHA256 a9220271c0eb79e5750e0d0e62058ecac560e09cdf9e82ef61aeeabada5d48a4
CRC32 0BBCAB1A
ssdeep 96:RutuCOGCPDXBqvsqvJCwo+utuCOGCPDXBqvsEHyqvJCworSP7Hwxf2lUVul:UtvXoxtvbHnorrxQ
Yara
  • Antivirus - Contains references to security software
  • Generic_Malware_Zero - Generic Malware
Name e3b0c44298fc1c14_ssd.dll
Empty file or file not found
Filepath C:\Users\Public\Documents\ssd.dll
Size 0.0B
Type empty
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
CRC32 00000000
ssdeep 3::
Yara None matched
Name 62b928ebb76b12f0_fer[1].htm
Filepath C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\fer[1].htm
Size 10.8KB
Processes 2704 (mshta.exe)
Type data
MD5 a845bed85c4a791c39615f5c00b636de
SHA1 bc68b95f2a2e456cf470c80841550e7d9b03b66e
SHA256 62b928ebb76b12f07ac9532742f41b8076dc3d37e594df7f185d9650d8884365
CRC32 A83FF9C0
ssdeep 192:aYLCkQR1Y25Mc8aB1iDPFgealJ4bkw+8SfpS2ZxNZzEJf8DfKsRklQ:aYGka1YqVDB1ePFg546fpS2OkkC
Yara None matched
Name 2d0ec15599a7c5e4_zltatffufq.gew
Filepath c:\windows\syswow64\qgnnnz\zltatffufq.gew
Size 592.0KB
Processes 2844 (powershell.exe) 3064 (rundll32.exe)
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 88e5ae27a0a74fb003a4cc7adb06bce9
SHA1 c2e150f72e6129b875b5ba6be7e32a75fa5357f3
SHA256 2d0ec15599a7c5e4aba30920b0bcb93eb51426e618bb72245bd394ef474313ae
CRC32 36907FD1
ssdeep 6144:LW/LM7l7777WVzQa1Cl0U1DDeialPTSjT0q//nXdzYYcIkptHMCLb2FN0Va8SAGp:lrHa5TS8gNMYcdptQZxV24k3Ayg
Yara
  • Malicious_Packer_Zero - Malicious Packer
  • PE_Header_Zero - PE File Signature
  • OS_Processor_Check_Zero - OS Processor Check
  • IsPE32 - (no description)
  • Malicious_Library_Zero - Malicious_Library
  • IsDLL - (no description)
  • UPX_Zero - UPX packed file