Dropped Files | ZeroBOX

Name	e3b0c44298fc1c14___tmp_rar_sfx_access_check_9675390 Empty file or file not found
Filepath	C:\Users\test22\AppData\Local\Temp\RarSFX0\__tmp_rar_sfx_access_check_9675390
Size	0.0B
Type	empty
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
CRC32	`00000000`
ssdeep	`3::`
Yara	None matched
VirusTotal	Search for analysis

Name	5418cc1d0b03d727_1.cmd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\RarSFX0\1.cmd
Size	36.0B
Processes	3020 (zakrep.exe)
Type	ASCII text, with CRLF line terminators
MD5	`de5476932a427ae159465dc72f1b9e11`
SHA1	`bbf15ed947eefbb44d46caf4e417c53f5eb41eb2`
SHA256	`5418cc1d0b03d7273d22d0ec9478ac733d21f01c27ae002b442a7cd27b77db6f`
CRC32	`354B5D47`
ssdeep	`3:m6FHXTH2FXuDA:m6lH2BuDA`
Yara	None matched
VirusTotal	Search for analysis

Name	662ed2584ccb3620_service.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\RarSFX0\service.dll
Size	3.2MB
Processes	3020 (zakrep.exe)
Type	PE32+ executable (DLL) (console) x86-64, for MS Windows
MD5	`8e4e44b0cdee6b81e29122e7a2cc4973`
SHA1	`49fa7dea230d4fc9110624851a5ba539895e8999`
SHA256	`662ed2584ccb362011674341bee3df74906243178266359413f5ee3596d97b35`
CRC32	`47EA8B4C`
ssdeep	`49152:sIU6in5VwASOvGtlqm2rcX8Tj72102b2le3GBUn0DExPHT7YWEB24+p5v3ToLP7d:D+K38TfdwToLWd2YP`
Yara	OS_Processor_Check_Zero - OS Processor Check Malicious_Library_Zero - Malicious_Library IsDLL - (no description) PE_Header_Zero - PE File Signature IsPE64 - (no description) Malicious_Packer_Zero - Malicious Packer UPX_Zero - UPX packed file
VirusTotal	Search for analysis