Dropped Files | ZeroBOX
Name c6d07eab679f2308_setup.bat
Filepath C:\Users\test22\AppData\Local\Temp\7z63AF8A10\Files\setup.bat
Size 39.0B
Processes 2576 (Acx_w01.exe)
Type DOS batch file, ASCII text, with CRLF line terminators
MD5 86fbd561582a9d5ecf1eb52bc54ec42e
SHA1 128f6280f7a957dae031b74972d7a4f91b31001d
SHA256 c6d07eab679f23083846eedf9c032e4593f058be9a87b4869eaa84881fef24ad
CRC32 143DF017
ssdeep 3:mKDDEJM8zv9KW:hQCdW
Yara None matched
Name 25d2643a712fa2c4_amox.dll
Filepath C:\Users\test22\AppData\Local\Temp\7z63AF8A10\Files\Amox.dll
Size 2.5MB
Processes 2576 (Acx_w01.exe)
Type PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5 bec0c29ce35e1d47491b8ea23ea897b6
SHA1 c4489b01bd47c7cb00f4824b7538f0a0b8244e64
SHA256 25d2643a712fa2c43a9051c2c5c3f0d8a4f217b8894c33031fe3d4b09a07a0bc
CRC32 13F7B18E
ssdeep 24576:x1IAZlGH5dDU54JswIJ4M0M5ntFZVJUpk9kELws+lG/gpZSCj7U+N9H5+qNUf+EB:xm9vo5tjqwhj+lG/EZ/9jiPhUaT
Yara
  • Malicious_Library_Zero - Malicious_Library
  • IsDLL - (no description)
  • IsPE64 - (no description)
  • Malicious_Packer_Zero - Malicious Packer
  • PE_Header_Zero - PE File Signature
Name 44e8aa0601fffe82_590aee7bdd69b59b.customDestinations-ms~RF1a68b43.TMP
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms~RF1a68b43.TMP
Size 7.8KB
Processes 2864 (powershell.exe) 2972 (powershell.exe)
Type data
MD5 ee6cfd78f72f03663db2a7df0c696dd7
SHA1 56126e81a5f6577f8e24a890185d0c9eb600fa02
SHA256 44e8aa0601fffe82c494bbc7d7280aa3bc5e90effe2aee2d716d5716e1d6b568
CRC32 F27137C4
ssdeep 96:EtuCcBGCPDXBqvsqvJCwoRtuCcBGCPDXBqvsEHyqvJCworu4tDHXyGlUVul:EtCgXoRtCgbHnorBTyY
Yara
  • Generic_Malware_Zero - Generic Malware
  • Antivirus - Contains references to security software