Dropped Files | ZeroBOX

Name	13ce132c49ab6673_clip64.dll Submit file
Filepath	C:\Users\test22\AppData\Roaming\006700e5a2ab05\clip64.dll
Size	89.0KB
Processes	2156 (oneetx.exe)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`ee69aeae2f96208fc3b11dfb70e07161`
SHA1	`5f877b7ca02c4d476f2641bcee9ef5f3a4ab3cf6`
SHA256	`13ce132c49ab6673a4da35eb9ff11d71f1451ad1351417e99cf41db8d2f474d9`
CRC32	`250FCF6B`
ssdeep	`1536:bo4NPCKLbqoYkbpplW9YoUsxXzbcouNhj2ZszsWuKcdJUlhaB89p:boUCWbBNpplToUs1uNhj25LJUzaB89p`
Yara	UPX_Zero - UPX packed file Malicious_Library_Zero - Malicious_Library OS_Processor_Check_Zero - OS Processor Check IsDLL - (no description) IsPE32 - (no description) Admin_Tool_IN_Zero - Admin Tool Sysinternals PE_Header_Zero - PE File Signature
VirusTotal	Search for analysis

Name	340c8464c2007ce3_cred64.dll Submit file
Filepath	C:\Users\test22\AppData\Roaming\006700e5a2ab05\cred64.dll
Size	162.0B
Processes	2156 (oneetx.exe)
Type	HTML document, ASCII text, with CRLF line terminators
MD5	`1b7c22a214949975556626d7217e9a39`
SHA1	`d01c97e2944166ed23e47e4a62ff471ab8fa031f`
SHA256	`340c8464c2007ce3f80682e15dfafa4180b641d53c14201b929906b7b0284d87`
CRC32	`CC58D737`
ssdeep	`3:qVoB3tURObOb0qHXboAcMBXqWrKb0GklIVLLPROZ/eIwcWWGu:q43tIkObRHXiMIWObtklI5LPROeIpfGu`
Yara	None matched
VirusTotal	Search for analysis

Name	dea01b17d6e06c3b_oneetx.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\595f021478\oneetx.exe
Size	229.0KB
Processes	3028 (lr967563.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`ee1f5f0e1168ce5938997c932b4dcd27`
SHA1	`b8c0928da3a41d579c19f44b9e1fef6014d06452`
SHA256	`dea01b17d6e06c3bdf6f5387faa77a788ce9726a3110db90294b2e207b3d51ed`
CRC32	`B366BD51`
ssdeep	`6144:AKVNIG75NpcElElt/DgK1yuFShFB22D+:95KE6LguFS7B4`
Yara	UPX_Zero - UPX packed file Malicious_Library_Zero - Malicious_Library OS_Processor_Check_Zero - OS Processor Check Malicious_Packer_Zero - Malicious Packer IsPE32 - (no description) PE_Header_Zero - PE File Signature
VirusTotal	Search for analysis