popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 7cffa97a59d14552_tmomuqx0.txt
Submit file
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Cookies\TMOMUQX0.txt
Size 99.0B
Processes 2396 (EXCEL.EXE)
Type ASCII text
MD5 d091212eeda5bb7f7f7c6c42e776435d
SHA1 50b5158d458998d3829ab8db3c076ea2d2abe2c5
SHA256 7cffa97a59d145521538ae4e842d4a879a18c1c2a5694cdb533821b47684ca56
CRC32 CC834F77
ssdeep 3:akDHvgjCshid3MQ2L2hX6cBCQnSVX0:akDPJ7aXLO0YSVk
Yara None matched
VirusTotal Search for analysis
Name 493f0a8c0e06eaa6_qrmzlhkfmktctc.xqw
Submit file
Filepath c:\windows\syswow64\cvvgrvwgvlwvwa\qrmzlhkfmktctc.xqw
Size 848.0KB
Processes 2396 (EXCEL.EXE) 2720 (regsvr32.exe)
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 629f27c6044ab9df8708a32f83ec1a44
SHA1 64454ec32062089a580b983e69532ae7c348191c
SHA256 493f0a8c0e06eaa673713860c98ad1460119f32f7f2a2faaf2d71c2cedf53387
CRC32 F0E1ABEA
ssdeep 12288:OBOHvWMwoyDdgp4W5dhdu1sRcw18b3UHv8qDznxN6t:OX/RgaW5dhZ8oHvbzn6
Yara
  • IsPE32 - (no description)
  • OS_Processor_Check_Zero - OS Processor Check
  • UPX_Zero - UPX packed file
  • IsDLL - (no description)
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
VirusTotal Search for analysis