Dropped Files | ZeroBOX

Name	7dcaa48da5af10e1_mnmkcj.yo Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\mnmkcj.yo
Size	5.4KB
Processes	2556 (nulight2.1.exe)
Type	data
MD5	`1790768843b6fa277cfed7cd3e0ba38d`
SHA1	`235c712a4eabf1bd9cddafb4c785c0dd0639f349`
SHA256	`7dcaa48da5af10e119474032c5dd8a6394fd2d1ae980131898dec4148992e042`
CRC32	`4B59ACC9`
ssdeep	`96:hZg45P5g5WFNKLL6GqbySZ8D+0rP5CK3OJEQEuwhHt32iFuRmrm6oAKg:hJ54WFNYSZaTLgJ3VwhHN2yuRmrzLP`
Yara	None matched
VirusTotal	Search for analysis

Name	61bbe76f7e3f5670_gfcdq.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\gfcdq.exe
Size	141.5KB
Processes	2556 (nulight2.1.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`d45b6af8e50b8e9fc588b738f535d6d4`
SHA1	`f51637cca846c1c93f2d92fb7d7c5c60cb92386f`
SHA256	`61bbe76f7e3f567034aa861be8b52ecea886244a5c3cf4945927fd7b07e438d4`
CRC32	`C1112879`
ssdeep	`3072:cefUuEnh0rtkwdlBQJxI8+G1Vj/4jGmBllK:cLuEnODwxv7oHK`
Yara	IsPE32 - (no description) OS_Processor_Check_Zero - OS Processor Check Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	6c110cd3aed65fda_axladwross.r Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\axladwross.r
Size	274.0KB
Processes	2556 (nulight2.1.exe)
Type	data
MD5	`e04391c24f9427a85b403e71e9c11f16`
SHA1	`7c25cfd4a9719d8b2aaf0f185e63e309ea6a4c01`
SHA256	`6c110cd3aed65fda61565108efa53d7999b55098998f50490ccecf1f837c856a`
CRC32	`8AB11494`
ssdeep	`6144:iEM7DQcqIICZf0aJ4nzIyfXMH9fbpZL0+az4mSUyQqQQjq01g1vul0:y7/ICEzIyfcH9fbT0+azf11V/1ml0`
Yara	None matched
VirusTotal	Search for analysis

Name	e3b0c44298fc1c14_nspEFBF.tmp Empty file or file not found
Filepath	C:\Users\test22\AppData\Local\Temp\nspEFBF.tmp
Size	0.0B
Type	empty
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
CRC32	`00000000`
ssdeep	`3::`
Yara	None matched
VirusTotal	Search for analysis