Dropped Files | ZeroBOX
Name 5478f23d8a67ec7f_crsi.exe
Filepath C:\Users\test22\AppData\Roaming\crsi.exe
Size 225.0KB
Processes 2656 (None)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 d5bbe92d4a8b9014708e0aa325158e2b
SHA1 7dd6b0e60dbcc9207b5ef18daee9790f14c525d4
SHA256 5478f23d8a67ec7f18ee3ebcfefe3d86d89543c6f323b3de5f7696fdd7697cf4
CRC32 B6DF5115
ssdeep 6144:VeUOuccUzNkM0MU1QPvoj4DFBHLWEUuJJmfUGs70p8I:UUlcjJkrX1QPv/DbrWE5JlGs70pZ
Yara
  • UPX_Zero - UPX packed file
  • ConfuserEx_Zero - Confuser .NET
  • Is_DotNET_EXE - (no description)
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT
  • IsPE32 - (no description)
  • PE_Header_Zero - PE File Signature
Name 6526d6d5408ee456_tmp9A85.tmp.bat
Filepath C:\Users\test22\AppData\Local\Temp\tmp9A85.tmp.bat
Size 150.0B
Processes 2656 (None) 908 (cmd.exe)
Type DOS batch file, ASCII text, with CRLF line terminators
MD5 f86b8c9b714c0de455be2444d441b588
SHA1 f2c1adcfe13e5d7a97b774f04c98c9a8599e15c9
SHA256 6526d6d5408ee456c441f75344c7066aeef12c2eb789d9ff395994819c46cfe8
CRC32 3D822AFF
ssdeep 3:mKDDCMNqTtvL5omWxpcL4EaKC5zMJymqRDmWxpcL4E2J5xAInTRI2FGZPy:hWKqTtT6mQpcLJaZ5zYymq1mQpcLJ23b
Yara None matched