Dropped Files | ZeroBOX
Name fb7fe94958804f62_tmp138E.tmp.bat
Filepath C:\Users\test22\AppData\Local\Temp\tmp138E.tmp.bat
Size 153.0B
Processes 1680 (sBJ42BUkUv.exe) 2736 (cmd.exe)
Type DOS batch file, ASCII text, with CRLF line terminators
MD5 86c44dc24b7d889611c60c446c80c2e2
SHA1 1c474587b1ee2e66fc08c3317bc0ef5b01bf85ee
SHA256 fb7fe94958804f62db7fb7984555a46418b4c1f8d754982778b913ee21999028
CRC32 CB388D44
ssdeep 3:mKDDCMNqTtvL5omWxpcL4EaKC5ZACSmqRDmWxpcL4E2J5xAInTRI+WilWHVZPy:hWKqTtT6mQpcLJaZ5Omq1mQpcLJ23fT9
Yara None matched
Name 3a255c0024916f19_590aee7bdd69b59b.customdestinations-ms
Filepath c:\users\test22\appdata\roaming\microsoft\windows\recent\customdestinations\590aee7bdd69b59b.customdestinations-ms
Size 7.8KB
Processes 1508 (powershell.exe)
Type data
MD5 6fd29def73b2779e0ae71c4eecd304f7
SHA1 4ba660e4db856e04eb93a01c59ee764259ec55e7
SHA256 3a255c0024916f19c5b3f5d4aa5cde453cc5d90b0784a15f0456e57e71a764b6
CRC32 1F966CD8
ssdeep 96:ctuCeGCPDXBqvsqvJCwo5tuCeGCPDXBqvsEHyqvJCworDPtDHXyf2lUVul:ctvXo5tvbHnorxTyQ
Yara
  • Generic_Malware_Zero - Generic Malware
  • Antivirus - Contains references to security software
Name 2d9a9143fcb477dd_svchost.exe
Filepath C:\Users\test22\AppData\Roaming\svchost.exe
Size 1.7MB
Processes 1680 (sBJ42BUkUv.exe)
Type PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
MD5 af16c9b8a8ca0b632d9ca91a8411ec57
SHA1 3ff4dba7057fbbebc909ec741858f93ca5ae27a3
SHA256 2d9a9143fcb477dd37249f8d0f10ab0a7c5a509eecd5e69772ff8d319d75fcac
CRC32 4BFA5CA6
ssdeep 24576:7gqpOwj5zzFh/DpqcrxNpcbUIiIGT9WDka9:7g2Bj5z7/DpXrxNpfT9Wj
Yara
  • Malicious_Library_Zero - Malicious_Library
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
Name 440883cd9d6a76db_иисус.sys
Size 35.4KB
Type PE32+ executable (DLL) (native) x86-64, for MS Windows
MD5 97e3a44ec4ae58c8cc38eefc613e950e
SHA1 bc47e15537fa7c32dfefd23168d7e1741f8477ed
SHA256 440883cd9d6a76db5e53517d0ec7fe13d5a50d2f6a7f91ecfc863bc3490e4f5c
CRC32 E765A9F1
ssdeep 768:tKCM0IWRhm8LiES4cT4iZ923OMqUD6Q4KICJw4:t7/Vhzb3pL4GJw4
Yara
  • Generic_Malware_Zero - Generic Malware
  • IsDLL - (no description)
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature