Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

Dropped Files | ZeroBOX

Name	a1625a22d5286ec9_rtouejuajl.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\nshF00F.tmp\rtouejuajl.dll
Size	4.5KB
Processes	2560 (newamka2.1.exe)
Type	PE32 executable (DLL) (console) Intel 80386, for MS Windows
MD5	`2b5479b8d1df2abda24529bdf747183b`
SHA1	`4d394924556508d4e276f98d7ee580f073bf5ef1`
SHA256	`a1625a22d5286ec95e217c9a2995366225238bbc66a81b7634ee9c8b13c22933`
CRC32	`AB929ACE`
ssdeep	`48:qZV9aUKzeMi/es9Zyff0fwW/EbaMg0JOoqg51oAw90gb:szl9cfMfwp+JwdTW0`
Yara	UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check IsDLL - (no description) PE_Header_Zero - PE File Signature IsPE32 - (no description)
VirusTotal	Search for analysis

Name	9f41d460d531febf_faqvla.g Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\faqvla.g
Size	118.4KB
Processes	2560 (newamka2.1.exe)
Type	data
MD5	`67fe0ec397dac4571d8cc5a4fc9408fd`
SHA1	`fcfad03a2fcdbe5854cd7124d9369f580997093a`
SHA256	`9f41d460d531febf25a2e4095d82387b8700debf870ae82387f1a27af2256684`
CRC32	`937F96A2`
ssdeep	`3072:yLxUewimRAobgNFKf24vJysBir5fgzHJqX2MCNJ0lK6Anf:yr/NOrv7//fQte`
Yara	None matched
VirusTotal	Search for analysis

Name	e3b0c44298fc1c14_nsrEFAF.tmp Empty file or file not found
Filepath	C:\Users\test22\AppData\Local\Temp\nsrEFAF.tmp
Size	0.0B
Type	empty
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
CRC32	`00000000`
ssdeep	`3::`
Yara	None matched
VirusTotal	Search for analysis

Name	ddcb13f6db4575ad_rbkgpyueajs.exe Submit file
Filepath	C:\Users\test22\AppData\Roaming\jscxhqmv\rbkgpyueajs.exe
Size	163.6KB
Processes	2560 (newamka2.1.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
MD5	`21ffcbf147759f82745f07bfdb0662f4`
SHA1	`a5cf594634d1984592589c2335d4bf468319f997`
SHA256	`ddcb13f6db4575ad1983794aa82529e5c21ce34823c0270801f8ab9543b1ffba`
CRC32	`E03AE9E9`
ssdeep	`3072:cfY/TU9fE9PEtu+b+MXjULoSsr8cikLhzifVKCuzNGPL+xi0iCMy5GqG:KYa6a+M4Mh5iwmOHtLdG`
Yara	UPX_Zero - UPX packed file Malicious_Library_Zero - Malicious_Library NSIS_Installer - Null Soft Installer PE_Header_Zero - PE File Signature IsPE32 - (no description)
VirusTotal	Search for analysis

Name	b71e229e8cd6128b_qrria.h Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\qrria.h
Size	7.8KB
Processes	2560 (newamka2.1.exe)
Type	data
MD5	`93e90eb585c479ea5329fc5831de7df1`
SHA1	`e8dd94c3c0206d5083654ab3deea72f040e0c633`
SHA256	`b71e229e8cd6128b8ff18772f1c3062a6bdd4205bcbb2dc687511c96e90292e0`
CRC32	`4628FC56`
ssdeep	`192:2LsBtKXtqXeo18foj83qZUoktugaxfzLG+liU:/BtK9q78fg83IdPxfzVliU`
Yara	None matched
VirusTotal	Search for analysis