Dropped Files | ZeroBOX

Name	897294786c1f4504_ss41.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\ss41.exe
Size	333.0KB
Processes	2564 (undoo.exe)
Type	PE32+ executable (GUI) x86-64, for MS Windows
MD5	`f6483c480aabb6fa6a13f12fa39fdec5`
SHA1	`80866d5f1a4b9dbc33ba863bb63d6ba9517bf8e1`
SHA256	`897294786c1f4504936ebee9d82b42ed4ad3ac41a8ce6a21c57adca309233362`
CRC32	`8E7C0AD8`
ssdeep	`6144:6F18RIT6Ram4StJ3rXDW49KJ7SkD4DiaODgKYleQ4hfP:6wdpXDzo3DMmP`
Yara	UPX_Zero - UPX packed file Malicious_Library_Zero - Malicious_Library IsPE64 - (no description) PE_Header_Zero - PE File Signature
VirusTotal	Search for analysis

Name	4458a9df5275bedd_oneetx.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\207aa4515d\oneetx.exe
Size	198.0KB
Processes	2756 (newplayer.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`f0033521f40c06dec473854c7d98fa8b`
SHA1	`28dadfe642a0c308e1f744b0d87a6d22dd6cd55a`
SHA256	`4458a9df5275bedd921127f4ff9dc63d4ac107f2e89cf46969e96f4c43d9f93e`
CRC32	`FC78977C`
ssdeep	`3072:7+3Z999+G2SeLaTkactpzQx6jvYESNtGkau5gf7oX7Uy+wXnfnPjt:7+H9wieuk1BQMjqNUtu5gToBv`
Yara	UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check Malicious_Library_Zero - Malicious_Library Malicious_Packer_Zero - Malicious Packer IsPE32 - (no description) PE_Header_Zero - PE File Signature
VirusTotal	Search for analysis

Name	a0bbc6932c38716c_35abf1e3.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\35abf1e3.exe
Size	230.5KB
Processes	2564 (undoo.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`6ec093368eeb9e9e7c3275bb433a4e24`
SHA1	`1d426d981222ec95097bee800b553338aa025e1d`
SHA256	`a0bbc6932c38716c0203d91d7ea8f12088b9b43a1f184674dae924b3d7a317bc`
CRC32	`909690A8`
ssdeep	`3072:L+KDwnRSefWn6dLK6tzDWqpXmlfE10Vqinxl6UL85U+VSeRJSF:qKDwMYdrRTXUc0VZnl0RJi`
Yara	Malicious_Library_Zero - Malicious_Library IsPE32 - (no description) PE_Header_Zero - PE File Signature
VirusTotal	Search for analysis