popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 44e8aa0601fffe82_590aee7bdd69b59b.customDestinations-ms~RF4aa9f3.TMP
Submit file
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms~RF4aa9f3.TMP
Size 7.8KB
Processes 2724 (powershell.exe) 2940 (powershell.exe)
Type data
MD5 ee6cfd78f72f03663db2a7df0c696dd7
SHA1 56126e81a5f6577f8e24a890185d0c9eb600fa02
SHA256 44e8aa0601fffe82c494bbc7d7280aa3bc5e90effe2aee2d716d5716e1d6b568
CRC32 F27137C4
ssdeep 96:EtuCcBGCPDXBqvsqvJCwoRtuCcBGCPDXBqvsEHyqvJCworu4tDHXyGlUVul:EtCgXoRtCgbHnorBTyY
Yara
  • Antivirus - Contains references to security software
  • Generic_Malware_Zero - Generic Malware
VirusTotal Search for analysis
Name e8d915e577acd6b1_man.bat
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\man.bat
Size 985.8KB
Processes 2552 (bonder.exe)
Type ASCII text, with very long lines, with CRLF line terminators
MD5 ddc7301d7dc9cc864196c1f2702c3b6f
SHA1 d9f5e4ea5eddf049a781d42034078ed9f687cb73
SHA256 e8d915e577acd6b125f25f7b46e20f6d4e261080d8e1790d6a221e8efb5f23b2
CRC32 51106A82
ssdeep 24576:zjY1i8tl8OvSM3/LXCURsHsLBiE4bEkqw:odv3S0B41
Yara
  • anti_vm_detect - Possibly employs anti-virtualization techniques
  • Antivirus - Contains references to security software
VirusTotal Search for analysis