Dropped Files | ZeroBOX
Name 0e083607e9f43586_vbc.exe
Filepath C:\Users\test22\AppData\Local\Temp\vbc.exe
Size 61.5KB
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 ee71c964ff63d2d1316667f79656e01a
SHA1 011b78f20c2f693fada0beff5223bcf74d96d27b
SHA256 0e083607e9f435860981d2de43a7c03ff3d1dd9ef5f85731ffd5fccc86efb410
CRC32 47023B3B
ssdeep 1536:TgX9NKwuDUaQl+kzdC9GiZQWSwi/fUpS/fX/MNY:TyQwuis1Jy///f/Mm
Yara
  • IsPE32 - (no description)
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT
  • Is_DotNET_EXE - (no description)
  • PE_Header_Zero - PE File Signature
Name 043b6ec54651c475_d93f411851d7c929.customDestinations-ms~RF1017993.TMP
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d93f411851d7c929.customDestinations-ms~RF1017993.TMP
Size 7.8KB
Processes 2244 (powershell.exe) 2600 (powershell.exe)
Type data
MD5 a0fc8d4a2cf5a30130abeb6712fc7885
SHA1 b403b5b84863e5a3177175138c83ffb567b40e79
SHA256 043b6ec54651c475994d2865254b1b30862a2f3bd32593661c043fd2f48f9c7e
CRC32 449D5C65
ssdeep 96:ktuC+GCPDXBqvsqvJCwo5tuC+GCPDXBqvsEHyqvJCwor07HwxWlUVul:ktvXo5tvbHnorvxo
Yara
  • Generic_Malware_Zero - Generic Malware
  • Antivirus - Contains references to security software