Dropped Files | ZeroBOX
Name f5cb9476e4b5576b_db.dat
Filepath C:\Users\test22\AppData\Local\Temp\db.dat
Size 557.9KB
Processes 2184 (lgz.exe)
Type data
MD5 ee5d452cc4ee71e1f544582bf6fca143
SHA1 a193952075b2b4a83759098754e814a931b8ba90
SHA256 f5cb9476e4b5576bb94eae1d278093b6470b0238226d4c05ec8c76747d57cbfe
CRC32 373F01CF
ssdeep 12288:QUd0UAQgTkZYxdNLCj2ICMBYCTKTZmF5zRn5cdE:QUddADm/jGsOTZmF5zRGW
Yara None matched
Name baa3acf778b3bcf4_lgz.exe
Filepath C:\Users\test22\AppData\Local\Temp\lgz.exe
Size 328.0KB
Processes 1984 (2701.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 bbaa394e6b0ecb7808722986b90d290c
SHA1 682e835d7ea19c9aa3d464436d673e5c89ab2bb6
SHA256 baa3acf778b3bcf4b7be932384799e8c95a5dc56c0faea8cbf7a33195ab47e73
CRC32 73058F90
ssdeep 6144:evSBanJK/5kPas8N0HEAAf1vbViarAWbd33WEPT:evjas8uHEAAtvBpk3EPT
Yara
  • UPX_Zero - UPX packed file
  • Malicious_Library_Zero - Malicious_Library
  • OS_Processor_Check_Zero - OS Processor Check
  • Malicious_Packer_Zero - Malicious Packer
  • IsPE32 - (no description)
  • PE_Header_Zero - PE File Signature
  • Win32_Trojan_Emotet_1_Zero - Win32 Trojan Emotet
Name 9435eadc0cb68543_ss31.exe
Filepath C:\Users\test22\AppData\Local\Temp\ss31.exe
Size 818.0KB
Processes 1984 (2701.exe)
Type PE32+ executable (GUI) x86-64, for MS Windows
MD5 23f2831e8e49ff1666542b258ec8601e
SHA1 b5b77744075febb880c1a2bb3cd6f3fd10dcd4e2
SHA256 9435eadc0cb68543b72577a4b5770cb1630fb17df031a900741729c44e46ed29
CRC32 FE12CA18
ssdeep 6144:x5UguSWlTtbveMH2QRObpNSEmV5cvWeKwDWusJkUpCvpniMWJlHQhynq3W4qOmc/:x5JGFveBQETwyjdJiGEEgSo5Xw
Yara
  • UPX_Zero - UPX packed file
  • Malicious_Library_Zero - Malicious_Library
  • Generic_Malware_Zero - Generic Malware
  • Win32_Trojan_Gen_2_0904B0_Zero - Win32 Trojan Gen
  • Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet
  • IsPE64 - (no description)
  • Malicious_Packer_Zero - Malicious Packer
  • PE_Header_Zero - PE File Signature
Name 24a53033a2e89acf_db.dll
Filepath C:\Users\test22\AppData\Local\Temp\db.dll
Size 52.0KB
Processes 2184 (lgz.exe)
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 1b20e998d058e813dfc515867d31124f
SHA1 c9dc9c42a748af18ae1a8c882b90a2b9e3313e6f
SHA256 24a53033a2e89acf65f6a5e60d35cb223585817032635e81bf31264eb7dabd00
CRC32 05945495
ssdeep 384:XehpWSsdMRgTh4QPt0RaYaGCp9FclU2sSadM7yjR+Lcuczw0RoR/5rdy7olDJfUw:ipW6+grtlU2v7yGLwwouflpZ2tVtkTF
Yara
  • Malicious_Library_Zero - Malicious_Library
  • Win32_Trojan_Gen_2_0904B0_Zero - Win32 Trojan Gen
  • IsDLL - (no description)
  • IsPE32 - (no description)
  • PE_Header_Zero - PE File Signature