Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

Dropped Files | ZeroBOX

Name	45019feacbc0f134_njscxhqmv.exe Submit file
Filepath	C:\Users\test22\AppData\Roaming\ravfbktpyie\njscxhqmv.exe
Size	192.7KB
Processes	1904 (ojawar2.1.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
MD5	`6b43c223d7bf1db3d6287decf2504719`
SHA1	`81e9458c039fdb06f9fa365f3578ffcdfe7a4761`
SHA256	`45019feacbc0f134ab73298cacbd7283fed41bb664fd9336759b29bd249adb5c`
CRC32	`974412C6`
ssdeep	`3072:2fY/TU9fE9PEtuDb9w0Tf9g9Cg5tHlQGoksOZaFxnNwl3PJjttdjW/8ZKt6ak9:gYa6B9w079g9X3H1ysa/n05djIZ6L9`
Yara	UPX_Zero - UPX packed file Malicious_Library_Zero - Malicious_Library NSIS_Installer - Null Soft Installer PE_Header_Zero - PE File Signature IsPE32 - (no description)
VirusTotal	Search for analysis

Name	8bb82e5a2611521f_qgqenzmdjto.ine Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\qgqenzmdjto.ine
Size	118.3KB
Processes	1904 (ojawar2.1.exe)
Type	data
MD5	`803618d75ec67ef40d0768d47133397b`
SHA1	`16dcfa29b33068936a3338f7558923083d190917`
SHA256	`8bb82e5a2611521f1a36284db35a47f1c21b17fcff9e4a5bd42550e0d383ac38`
CRC32	`A0B00218`
ssdeep	`3072:OSVU7QTqcTAX7D3ajQhKtsIUWrLGA3yXjyVNn5hfz0Ic2n:OSVWQucTa7D3KTlUwfyXer5RYIci`
Yara	None matched
VirusTotal	Search for analysis

Name	4d6e75d7a8dcfe9d_eckbrzhv.xq Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\eckbrzhv.xq
Size	7.7KB
Processes	1904 (ojawar2.1.exe)
Type	data
MD5	`1b6321b339c1ec836dc98c202dbf0105`
SHA1	`40dc7875a195deded4653635f75f344add9811dc`
SHA256	`4d6e75d7a8dcfe9d54c1b5eb15e9bc2c98fb5a4bfe3ae1eb526b990712ec41cb`
CRC32	`3338D631`
ssdeep	`192:NeETCDfAGM3+GepCvLIjFCY9DwaxZappyaQEUZRa5cLbO:NemCjZJGepCvLKQY9DVZKpya4/aqL6`
Yara	None matched
VirusTotal	Search for analysis

Name	99a52f92cb1270b4_svyoyx.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\nslBEA9.tmp\svyoyx.dll
Size	39.5KB
Processes	1904 (ojawar2.1.exe)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`4a2aadf3e5c3e429367927472470b190`
SHA1	`18595a26c93dbefe1af4bf385fab3a10dd6ade95`
SHA256	`99a52f92cb1270b45d77c789577700099ef0f2c344ea928278b904865cd33bf1`
CRC32	`E0ABAF20`
ssdeep	`768:Wk1bpkEYxN31K/+27fTGT4E4TOeVEuFPQYcvvFRyU:WkZwAfqT4Epe5gFR7`
Yara	IsDLL - (no description) Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsPE32 - (no description)
VirusTotal	Search for analysis

Name	e3b0c44298fc1c14_nswBE98.tmp Empty file or file not found
Filepath	C:\Users\test22\AppData\Local\Temp\nswBE98.tmp
Size	0.0B
Type	empty
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
CRC32	`00000000`
ssdeep	`3::`
Yara	None matched
VirusTotal	Search for analysis