Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

Dropped Files | ZeroBOX

Name	58053ffbbfbfd918_qcgzumib.cre Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\qcgzumib.cre
Size	118.1KB
Processes	2056 (macrigan2.1.exe)
Type	data
MD5	`dafd097f7caec6d1840b0e64c59967b2`
SHA1	`09a70155fab7ac3efc6abfb2ab84c69cd6516f3b`
SHA256	`58053ffbbfbfd91863a1afbf7c11a51258c14b3c172faaffdba54a322685e5d6`
CRC32	`78D339C5`
ssdeep	`1536:PD7X11GFxGipBaw917GVGddVAjwWNxk1lkpiaXQJBVLxzQDsABGIYwDd0cCjtxNK:77jGFxppUK7AEWfk1lkp7KVtKrBldoR8`
Yara	None matched
VirusTotal	Search for analysis

Name	37f7013f02d3f257_yaybccuz.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\nskC11A.tmp\yaybccuz.dll
Size	104.5KB
Processes	2056 (macrigan2.1.exe)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`1ae523497be11c3d1bf27532733d7d4a`
SHA1	`84fe6e87fe3765fdba155f19dd4bfa14cc019bc5`
SHA256	`37f7013f02d3f257bec64c462e1df4a0c2c2e037f08770fa6f4d060f3e931b94`
CRC32	`F1E9FE9A`
ssdeep	`1536:nWHCQJBdtmToYN0s3Asw6ttlg76w2RAk28Jid7UUfq0Q11jfmVYGiAMc5:qZs3Akt6aJiKUfa2YiMc5`
Yara	Malicious_Library_Zero - Malicious_Library IsDLL - (no description) PE_Header_Zero - PE File Signature IsPE32 - (no description)
VirusTotal	Search for analysis

Name	e3b0c44298fc1c14_nsfC0F9.tmp Empty file or file not found
Filepath	C:\Users\test22\AppData\Local\Temp\nsfC0F9.tmp
Size	0.0B
Type	empty
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
CRC32	`00000000`
ssdeep	`3::`
Yara	None matched
VirusTotal	Search for analysis

Name	07dd531c1198ecf7_irbwgpl.exe Submit file
Filepath	C:\Users\test22\AppData\Roaming\kktpyhdm\irbwgpl.exe
Size	210.3KB
Processes	2056 (macrigan2.1.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
MD5	`c5f9705e5682c03412ec7ca32e22c17c`
SHA1	`4d9a5b318e609512ee049f37b89cbcc52d93ad8c`
SHA256	`07dd531c1198ecf78a9d85e26db1f642de2c06d7234f46f97941afbd28bb742f`
CRC32	`C18A527D`
ssdeep	`3072:6fY/TU9fE9PEtu0bzFrdlCvsJQ+NAPyY50ynTp4ExUmMnheVhgZR2dihmTV9J189:MYa6YzZdlC0G+UsIRxU8vbiC1/f8n9`
Yara	UPX_Zero - UPX packed file Malicious_Library_Zero - Malicious_Library NSIS_Installer - Null Soft Installer PE_Header_Zero - PE File Signature IsPE32 - (no description)
VirusTotal	Search for analysis

Name	baef043eedd86edf_cgsov.lj Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\cgsov.lj
Size	7.6KB
Processes	2056 (macrigan2.1.exe)
Type	data
MD5	`b54828eb4175a5bbba397fc479e7be17`
SHA1	`fc538951ec5890f63e6449692f63829c08e93540`
SHA256	`baef043eedd86edfc754f3fc4100728d2fe4f728cb9dad8265053936fc4dc9c3`
CRC32	`DFD3EBC0`
ssdeep	`192:2LsBtKXtqXeo18fXihX3qKaqL57hVgV3PPYiRVU2ZYGCsmI:/BtK9q78fUX33hhCPxFbC7I`
Yara	None matched
VirusTotal	Search for analysis