Dropped Files | ZeroBOX
Name a2ce3a0fa7d2a833_e0f5c59f9fa661f6f4c50b87fef3a15a
Filepath C:\Users\test22\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E0F5C59F9FA661F6F4C50B87FEF3A15A
Size 893.0B
Processes 2560 (sqlcmd.exe) 2704 (powershell.exe)
Type data
MD5 d4ae187b4574036c2d76b6df8a8c1a30
SHA1 b06f409fa14bab33cbaf4a37811b8740b624d9e5
SHA256 a2ce3a0fa7d2a833d1801e01ec48e35b70d84f3467cc9f8fab370386e13879c7
CRC32 1C31685D
ssdeep 24:hBntmDvKUQQDvKUr7C5fpqp8gPvXHmXvponXux:3ntmD5QQD5XC5RqHHXmXvp++x
Yara None matched
Name 87884144ff48d4fb_sqlcmd.exe
Filepath C:\Users\test22\AppData\Local\Temp\sqlcmd.exe
Size 196.0KB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 fc4462b1448b7db9f905be31b1bb288d
SHA1 815b3bc354ff384c7a51e1fd76d411b4ed589c9c
SHA256 87884144ff48d4fb0b4dc7d7677369524be8042dd195a1080fddba1dda290821
CRC32 108F4306
ssdeep 3072:3M7l92L2002YwWly6kAeGj7wYp3wwXmx9y7WAMWkQh0khzlqsy7Ft6:c7l9/K9TAMk+sy736
Yara
  • UPX_Zero - UPX packed file
  • Malicious_Library_Zero - Malicious_Library
  • OS_Processor_Check_Zero - OS Processor Check
  • Malicious_Packer_Zero - Malicious Packer
  • IsPE32 - (no description)
  • PE_Header_Zero - PE File Signature
Name 44e8aa0601fffe82_590aee7bdd69b59b.customdestinations-ms
Filepath c:\users\test22\appdata\roaming\microsoft\windows\recent\customdestinations\590aee7bdd69b59b.customdestinations-ms
Size 7.8KB
Processes 2704 (powershell.exe)
Type data
MD5 ee6cfd78f72f03663db2a7df0c696dd7
SHA1 56126e81a5f6577f8e24a890185d0c9eb600fa02
SHA256 44e8aa0601fffe82c494bbc7d7280aa3bc5e90effe2aee2d716d5716e1d6b568
CRC32 F27137C4
ssdeep 96:EtuCcBGCPDXBqvsqvJCwoRtuCcBGCPDXBqvsEHyqvJCworu4tDHXyGlUVul:EtCgXoRtCgbHnorBTyY
Yara
  • Generic_Malware_Zero - Generic Malware
  • Antivirus - Contains references to security software
Name 19e8228a1d63da4d_e0f5c59f9fa661f6f4c50b87fef3a15a
Filepath C:\Users\test22\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E0F5C59F9FA661F6F4C50B87FEF3A15A
Size 252.0B
Processes 2560 (sqlcmd.exe) 2704 (powershell.exe)
Type data
MD5 2019fd7adcec6929d2e0f8c5947c2c79
SHA1 7fab0ff1fa8a35e0aae1c42e61356f189f9cabe9
SHA256 19e8228a1d63da4d897c5a44a1241d0da6c1118897fbbc7248753567983f163f
CRC32 38B77F4E
ssdeep 3:kkFklCM/tfllXlE/Bi9llPlzRkwWBARLNDU+ZMlKlBkvclcMlVHblB15RNU2UPlN:kK4/YiZliBAIdQZV742MN
Yara None matched