popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name b639140c43bcb58b_wkjjrdsslmh.tz
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\wkjjrdsslmh.tz
Size 124.0KB
Processes 2068 (qqqqq.exe)
Type data
MD5 54c6a6b406015d94f31f3c1cca62efdd
SHA1 c183140dc7ffdf8e3798a697e3259b0290632681
SHA256 b639140c43bcb58b66f2b745aee7d66032a6115943e5c307193ccc78fbd50274
CRC32 E3AD70C8
ssdeep 3072:dIg2AVuKB2EPh+vAbaEME97yPBaX7oubd1IQqolCvesEmvP88K7dN:dI2Vu6ZPhqEMEMaou3IQqolC28vk8KP
Yara None matched
VirusTotal Search for analysis
Name b2fa66c8535d72d4_baqbsaydvp.t
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\baqbsaydvp.t
Size 5.6KB
Processes 2068 (qqqqq.exe)
Type data
MD5 3c45b2862d495e989d4580aef08841ea
SHA1 bc319682252c89ab0f352b59cf7af45a081824cb
SHA256 b2fa66c8535d72d4f1134d9c8bdd7f483eeed325d67338821ecf97ea2ff463a0
CRC32 A77F2BE9
ssdeep 96:Farc6oY6g/DrYuQk2XO5oSwQGFpZFdgvZ+U2iLGFNZK7zmzuZP+ed:FarcR6YhX1S1GFpZngvZ+U2dFrdzSN
Yara None matched
VirusTotal Search for analysis
Name 6b86b273ff34fce1_6D6F4D.lck
Submit file
Filepath C:\Users\test22\AppData\Roaming\41D896\6D6F4D.lck
Size 1.0B
Processes 2256 (pbizpmec.exe)
Type very short file (no magic)
MD5 c4ca4238a0b923820dcc509a6f75849b
SHA1 356a192b7913b04c54574d18c28d46e6395428ab
SHA256 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
CRC32 83DCEFB7
ssdeep 3:U:U
Yara None matched
VirusTotal Search for analysis
Name e3b0c44298fc1c14_nsaBED6.tmp
Empty file or file not found
Filepath C:\Users\test22\AppData\Local\Temp\nsaBED6.tmp
Size 0.0B
Type empty
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
CRC32 00000000
ssdeep 3::
Yara None matched
VirusTotal Search for analysis
Name 55b1bfb2836140f7_6d6f4d.exe
Submit file
Filepath c:\users\test22\appdata\roaming\41d896\6d6f4d.exe
Size 74.0KB
Processes 2068 (qqqqq.exe) 2256 (pbizpmec.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 a258e2f79497710f73675324b13ef40e
SHA1 fb0bad0e0e8bc630240a8e92cd1af54f96608188
SHA256 55b1bfb2836140f7373957c67594228ceb5728dfbeedeb1393a99c7e9d6cf9ad
CRC32 322A5963
ssdeep 768:617omFXzGOhRMJF5sTyxuObqALUPOqImNtMrG3xbYVwHEFE6wRTqiXbtjQM/Jn8T:bcjGbFGyxuwLXqRxvkIZQSFb90MEsxL
Yara
  • IsPE32 - (no description)
  • OS_Processor_Check_Zero - OS Processor Check
  • Malicious_Library_Zero - Malicious_Library
  • UPX_Zero - UPX packed file
  • PE_Header_Zero - PE File Signature
VirusTotal Search for analysis
Name 302727eca397d97f_6d6f4d.hdb
Submit file
Filepath C:\Users\test22\AppData\Roaming\41D896\6D6F4D.hdb
Size 4.0B
Processes 2256 (pbizpmec.exe)
Type ISO-8859 text, with no line terminators
MD5 e32a6ca2d8b137049a26644c2a05ab85
SHA1 8be8b5a49dd36013f049002d7c9bb19511f81d0e
SHA256 302727eca397d97fa99f0cb359cac1ee6b952ce876131bc1c9cc0de5fa792a45
CRC32 2F7C4CB9
ssdeep 3:gn:gn
Yara None matched
VirusTotal Search for analysis