Dropped Files | ZeroBOX
Name be95bccc949fa88b_win.exe
Filepath C:\Program Files\Windows NT\win.exe
Size 32.0KB
Processes 2672 (smss.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 0d34a5f97ae366a48c3c47017004d1bc
SHA1 fc5be63cbc1af64ef23f853eb9598361bf025aba
SHA256 be95bccc949fa88be42961ff957d0012faea53f51b71bf75d88044945b78b932
CRC32 90F174B7
ssdeep 384:uTkWKqDfSFnhadpwhmC+GIYVgg1l+JHnjbIla6U4t9yN1x4dT:uNjLOnhaQhKBgiJHIl04KzGdT
Yara
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
  • Malicious_Packer_Zero - Malicious Packer
  • IsPE32 - (no description)
  • PE_Header_Zero - PE File Signature
  • Antivirus - Contains references to security software
  • Malicious_Library_Zero - Malicious_Library
Name cc4ac477d151b0f2_TemporaryFile
Filepath C:\Users\test22\AppData\Local\Temp\7263406\TemporaryFile\TemporaryFile
Size 1.2KB
Type Little-endian UTF-16 Unicode text, with CRLF, CR line terminators
MD5 05ea375cdd537c28b36b46e8eac63ff9
SHA1 dc0f5fc471e8f4ecb9353caf93238fd837853ab8
SHA256 cc4ac477d151b0f21260adfc10a91070b8a6279eddd81e80d077148dcab4fa3c
CRC32 142DD88A
ssdeep 24:QChVTepUjYCuna5D6Ufe7SnL2uD2FWaHI370RJepUjclHdytRFdy4:tKpqY1na52ed6WaHI370RApqUHduFdZ
Yara None matched
Name 68f138cb55fdaef6_TemporaryFile
Filepath C:\Users\test22\AppData\Local\Temp\7263109\TemporaryFile\TemporaryFile
Size 27.7KB
Type PE32+ executable (native) x86-64, for MS Windows
MD5 3357c324de7bf59e305fa9032ba590d9
SHA1 9653e8156ea34cc2917ad7d988ec8bb00d3d53ac
SHA256 68f138cb55fdaef61b6897af7a9643ec98ab27a3b32679472256e5c14747e8e6
CRC32 D4B49183
ssdeep 384:+NDGQbeOX82FclB5N2rGgvdcpeOX8j6RB5N20P:+N7KOs2uBj6vdrOsj6RBjz
Yara
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
Name cd96e18da320ba4a_TemporaryFile
Filepath C:\Users\test22\AppData\Local\Temp\7263406\TemporaryFile\TemporaryFile
Size 281.6KB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 665d90fc3264e6f0b3a2b2e4fc715caf
SHA1 268b5aef1f700c4a27c33678b614601261e71616
SHA256 cd96e18da320ba4ac313d3a189776d7defbea7098cf53156b1e4b680eb9e4c68
CRC32 06B4B74C
ssdeep 6144:Ipb0nofW70cc6rX8aZAG7p4q5LmSVNR/XnzBvqi3TFRL9QolQ:Ipb/fk5iGVbgshDBvqijFvRlQ
Yara
  • IsPE32 - (no description)
  • PE_Header_Zero - PE File Signature
Name abd4afd71b3c2bd3_srvany.exe
Filepath C:\Windows\srvany.exe
Size 8.0KB
Processes 2556 (B.exe)
Type PE32 executable (console) Intel 80386, for MS Windows
MD5 4635935fc972c582632bf45c26bfcb0e
SHA1 7c5329229042535fe56e74f1f246c6da8cea3be8
SHA256 abd4afd71b3c2bd3f741bbe3cec52c4fa63ac78d353101d2e7dc4de2725d1ca1
CRC32 0578991A
ssdeep 96:8ldfxd/yKaP64DMI1XT3kaiyMlH38ZldnXFADkYLyAFdfcdTbGu00C:mSP64DMI1DkHMZ36kYLxFdfcdnGu00C
Yara
  • IsPE32 - (no description)
  • PE_Header_Zero - PE File Signature
Name 747618a8c380249e_smss.exe
Filepath C:\Program Files\Windows NT\smss.exe
Size 295.7KB
Processes 2556 (B.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 95c5281f68d37a162fcd1b679fdaff5e
SHA1 aaf0aa94ae3917f81c7f0b731827df142481d8ff
SHA256 747618a8c380249ee66e65ece0c48cc71d19cfeaa2bf7850a93b80f980556d60
CRC32 C56FC497
ssdeep 6144:R9GfgEwSdJ4P3ZBeNIX8ikIEjFoEiWnIGhOG517kR4n7i/XpQZyKHvw22yEc:RQ4+d6PJBqIIZlnIXIAWSXCyKHY22rc
Yara
  • IsPE32 - (no description)
  • PE_Header_Zero - PE File Signature