Dropped Files | ZeroBOX
Name 14bf28372022bf28_tbtcoinx.dll
Filepath C:\Users\test22\indregistreringernes\Misdemeanor\Dronningerunde\Lawyered\Alleve\tbtcoinx.dll
Size 402.0KB
Processes 3012 (SO785000670065_GK3G46943006_PO#BGMRE23028.exe)
Type PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5 9f746bac46ae73d4762ee7ba7ddffcdc
SHA1 b03764f1e228d031742c9ddb88a553c8f829a131
SHA256 14bf28372022bf28495b26c6cb2f2cdac0a8b701a486833c523b5df064e0843b
CRC32 11C4A53B
ssdeep 6144:AMe6nIr8AWe77JH6pAAJyD8kUPLPGY85sfvZm3/IVFB3kWN0r3V38T6sIR:AMe6nIr8RgtUPLPGY85sfv834nQ3W6VR
Yara
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
  • IsDLL - (no description)
  • Malicious_Library_Zero - Malicious_Library
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
Name e033cf82c3278442_cauliform.com
Filepath C:\Users\test22\indregistreringernes\Cauliform.Com
Size 163.3KB
Processes 3012 (SO785000670065_GK3G46943006_PO#BGMRE23028.exe)
Type dar archive, label "00007a00 5900007d 0001"
MD5 0575f44f39108af1132c0ab34e38c4fc
SHA1 04de9cbea3fa98d00fa8190180d5894116242fbf
SHA256 e033cf82c3278442ef44a8da942d560302061caaa4831239acf925fd6df31358
CRC32 A8A0026E
ssdeep 3072:cxqJc0TNcQ2Xdb6UahZPmRqzB7WgMXFAlNJw8wwxsNwaI20vUcHdnAZWGNr:cxqJzIN4ej71AbTwwxsNwTjUQAIQ
Yara None matched
Name b7c3fc789287af9c_ficklehearted.chi
Filepath C:\Users\test22\indregistreringernes\Ficklehearted.chi
Size 15.9KB
Processes 3012 (SO785000670065_GK3G46943006_PO#BGMRE23028.exe)
Type ASCII text, with very long lines, with no line terminators
MD5 f10b31e84b4ab816214d5edfc4282717
SHA1 d92cd3082c38eeaad5a947eeb3602b817a095a6c
SHA256 b7c3fc789287af9ca0f277cf46438a839f3333b2f8c2107ffa73a5e6ba6a5778
CRC32 F3ADC69C
ssdeep 192:GYdCM59lh40G6pgOagqPKOrGuyRkNzXCOsR0RQ6/pguHTRUtwLgF1Uklo:GYdCMY0FbnCZrN7/yex2trzUkK
Yara
  • Suspicious_Obfuscation_Script_2 - Suspicious obfuscation script (e.g. executable files)
Name d07afee9199e6cbf_libffi-7.dll
Filepath C:\Users\test22\indregistreringernes\libffi-7.dll
Size 29.6KB
Processes 3012 (SO785000670065_GK3G46943006_PO#BGMRE23028.exe)
Type PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
MD5 43c639b6ba8415f94b8fc27a96042650
SHA1 07ed717e5032f2025f759ef484fc25178922768c
SHA256 d07afee9199e6cbf406f7e6a7f9673296bda5244e5ca79a37177226f12801d35
CRC32 F06681C6
ssdeep 384:PC9/Hckzur4W7phM9EsXbD37e9t8TlfJJD+QiUZ5ZqtIsNYF5VYJO0mnwrRCXWxU:q9UkeXMNXbD37e9LUZfqtkLVYJXuWc
Yara
  • IsDLL - (no description)
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
Name 548aa8422a228617_sl.txt
Filepath C:\Users\test22\indregistreringernes\Misdemeanor\Dronningerunde\Lawyered\Alleve\sl.txt
Size 8.4KB
Processes 3012 (SO785000670065_GK3G46943006_PO#BGMRE23028.exe)
Type UTF-8 Unicode (with BOM) text, with CRLF line terminators
MD5 7004b98d09316e84156b91c54888c9d4
SHA1 39c8681e497dde4ccffa3bf8d15b53627757ece8
SHA256 548aa8422a228617b30fbd448d03c38c3a11d010051a24544cf8ae479314acd8
CRC32 2F7629DA
ssdeep 192:iGCcUhGAoKfrxHa5Qn6dq5OSsZf1G1huHF8fY1oTraGAF7S+pVss0Bu2mXXF6OG:iJhFoKlZZoZ9Gi52rChEmXAOG
Yara None matched
Name a632d74332b3f08f_system.dll
Filepath C:\Users\test22\AppData\Local\Temp\nsj2E50.tmp\System.dll
Size 11.5KB
Processes 3012 (SO785000670065_GK3G46943006_PO#BGMRE23028.exe)
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 75ed96254fbf894e42058062b4b4f0d1
SHA1 996503f1383b49021eb3427bc28d13b5bbd11977
SHA256 a632d74332b3f08f834c732a103dafeb09a540823a2217ca7f49159755e8f1d7
CRC32 BFE90AC5
ssdeep 192:X24sihno0bW+l97H4GB7QDs91kMtwtobTr4u+QHbazMNHT7dmNIEr:m8vJl97JeoxtN/r3z7YV
Yara
  • IsDLL - (no description)
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
Name 2647746c3f2852df_camera-hardware-disabled-symbolic.symbolic.png
Filepath C:\Users\test22\indregistreringernes\camera-hardware-disabled-symbolic.symbolic.png
Size 216.0B
Processes 3012 (SO785000670065_GK3G46943006_PO#BGMRE23028.exe)
Type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
MD5 6f86f050b74e4fc04a1f375e8e2744a9
SHA1 3060a2ba1be38388dc86fb43e3826b1045407551
SHA256 2647746c3f2852df0693865d4ebdc22fd6aae4e725f8ea13c263766c98afb787
CRC32 EB3CC391
ssdeep 6:6v/lhPysbg1s0zIRU4MNfxwp/Dn4fqUz41p:6v/77gfzIm4aqprnRb
Yara
  • PNG_Format_Zero - PNG Format
Name e3b0c44298fc1c14_nsw2834.tmp
Empty file or file not found
Filepath C:\Users\test22\AppData\Local\Temp\nsw2834.tmp
Size 0.0B
Type empty
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
CRC32 00000000
ssdeep 3::
Yara None matched
Name 634f35d00b9d8683_star-new-symbolic.svg
Filepath C:\Users\test22\indregistreringernes\Misdemeanor\Dronningerunde\Lawyered\Alleve\star-new-symbolic.svg
Size 477.0B
Processes 3012 (SO785000670065_GK3G46943006_PO#BGMRE23028.exe)
Type SVG Scalable Vector Graphics image
MD5 3462840d81dd6b6720f85220aa0c8204
SHA1 36495d96171d85e7bfa7e48ab628c36848022fb2
SHA256 634f35d00b9d868329afee87175473bc400a61c23854fa56c4deef606c72a666
CRC32 9889C376
ssdeep 12:t4CDqwlzOeKguLrl82+R/adinvsQZS246oprGu9A0/:t4CdOJgjVSQnvsgSZ/rGul/
Yara None matched