Dropped Files | ZeroBOX
Name 0b8607fdf72f3e65_cookies.sqlite
Filepath C:\Users\test22\AppData\Roaming\k5ymxkek.i3r\Firefox\Profiles\qxo5wa6x.default-release\cookies.sqlite
Size 96.0KB
Type SQLite 3.x database, user version 12, last written using SQLite version 3038003
MD5 d367ddfda80fdcf578726bc3b0bc3e3c
SHA1 23fcd5e4e0e5e296bee7e5224a8404ecd92cf671
SHA256 0b8607fdf72f3e651a2a8b0ac7be171b4cb44909d76bb8d6c47393b8ea3d84a0
CRC32 842B3569
ssdeep 12:DQAwfWk73Fmdmc/OPVJXfPNn43etRRfYR5O8atLqxeYaNcDakMG/lO:DQAwff32mNVpP965Ra8KN0MG/lO
Yara None matched
Name c3e68aa20ea8c598_xrpwbyjw.exe
Filepath C:\Users\test22\AppData\Local\Temp\xrpwbyjw.exe
Size 108.0KB
Processes 2552 (sarkof2.1.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 39b747f689eff71e4d23769e065cf171
SHA1 856ad164e2bce89a2045114bd237e28a4a928df3
SHA256 c3e68aa20ea8c5987a7d77413fbd1f2898fc2994b5b89392c872ae1b45a8f7b2
CRC32 DCCD9E01
ssdeep 3072:ilwr43E5vCEG0BnrE2R4E4jDRpn2wc+IJTAW0NqNCmCX:ilf0m0F4NEwcjqX
Yara
  • UPX_Zero - UPX packed file
  • Malicious_Library_Zero - Malicious_Library
  • OS_Processor_Check_Zero - OS Processor Check
  • IsPE32 - (no description)
  • PE_Header_Zero - PE File Signature
Name 512e4e95427a8c66_Cookies
Filepath C:\Users\test22\AppData\Roaming\k5ymxkek.i3r\Chrome\Default\Cookies
Size 36.0KB
Type SQLite 3.x database, last written using SQLite version 3021000
MD5 f4c540f52d5c08d24a79805eda1d7abf
SHA1 22be46826df7693f58736adb232ab2da790f2571
SHA256 512e4e95427a8c66b2993b27bb23d99cdab2ebd6e9e8937c7f6a39ed8c6a5b94
CRC32 95C9FB3A
ssdeep 24:TLmg/5UcJOyTGVZTPaFpEvg3obNmCFk6Uwcc85fB34444z:T5/ecVTgPOpEveoJZFrU1cQB34444z
Yara None matched
Name e3b0c44298fc1c14_nswEF90.tmp
Empty file or file not found
Filepath C:\Users\test22\AppData\Local\Temp\nswEF90.tmp
Size 0.0B
Type empty
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
CRC32 00000000
ssdeep 3::
Yara None matched
Name 09615fb8e0508303_qgqdbq.ta
Filepath C:\Users\test22\AppData\Local\Temp\qgqdbq.ta
Size 265.1KB
Processes 2552 (sarkof2.1.exe)
Type data
MD5 cc16dee744910d79c6fe87e2d4f3b068
SHA1 3d218b9857963744445131cfb4b76514a2d7a33b
SHA256 09615fb8e05083033e12cbca5f122b6387bd4d9fd19ff9e4e30dde3f1138c6c4
CRC32 73CEC39E
ssdeep 6144:sI1kn+It5aucgGcNgbICe9tezQGHHwzpzTI9sWwhip:sI1knTaucgGbICe9tezQ+QlQ9sWw0p
Yara None matched
Name a12fd5db00d663ca_eicuurae.zl
Filepath C:\Users\test22\AppData\Local\Temp\eicuurae.zl
Size 7.9KB
Processes 2552 (sarkof2.1.exe)
Type data
MD5 4631e637e5a07ea487e58ab0680396df
SHA1 de19da116866657e4e482d69b46d84b172f21e33
SHA256 a12fd5db00d663cafe666b79080559f4ba70ce9419fe59f6b816ecbc585204b4
CRC32 67887369
ssdeep 192:darcitQvArWiPv4Ab9JpYBp6FFylIEkv6HLtNI7ypzV:uCYrNPv4ydPFAlID6ZNI7q
Yara None matched