Dropped Files | ZeroBOX

Name	841fc466a01841b0_bz.exe Submit file
Filepath	C:\Users\Public\Videos\bz.exe
Size	26.3KB
Processes	1688 (curl.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`f97dd898670874b524df23d89dc6a12f`
SHA1	`98b76fd8b13e66e73215fc6f1f3b1d510d0d504d`
SHA256	`841fc466a01841b07d66a4e99f2695592f9fc02c7bd24e5f3d74259a345d5110`
CRC32	`B440DCE0`
ssdeep	`384:/T1sZrG2iPQWRErIYib+W42KKxPxh8E9VF0Ny5dF:/BsZa2mf+UYib+WnxPxWEj`
Yara	PE_Header_Zero - PE File Signature Antivirus - Contains references to security software IsPE32 - (no description)
VirusTotal	Search for analysis

Name	918f09129def9a87_play.exe Submit file
Filepath	C:\Users\Public\Videos\Play.exe
Size	261.0KB
Processes	2244 (bz.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`dbac27d5cd59776c37c8647980259fbb`
SHA1	`81684544284fc77f2297f39fdfb004f835c7f55e`
SHA256	`918f09129def9a8720ce512b77e77161e01d76849f0c9b21ee127be1e6202ec4`
CRC32	`EC9ECACF`
ssdeep	`6144:/FE3i2rmViqjnp41UPLaxuZ2/V3UeyxORlFWGnP6MxT:/FiipqGasMkdylvnd`
Yara	UPX_Zero - UPX packed file Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature Admin_Tool_IN_Zero - Admin Tool Sysinternals IsPE32 - (no description) Generic_Malware_Zero - Generic Malware
VirusTotal	Search for analysis

Name	a9b1dc8eaa5fcd00_d93f411851d7c929.customdestinations-ms Submit file
Filepath	c:\users\test22\appdata\roaming\microsoft\windows\recent\customdestinations\d93f411851d7c929.customdestinations-ms
Size	7.8KB
Processes	1844 (powershell.exe)
Type	data
MD5	`c1d8708bab1e838a2deda26d58bb8d42`
SHA1	`95d39e75a804752961c139bb6c0b67f84f685035`
SHA256	`a9b1dc8eaa5fcd0034694cf9742ae915a5932142a1477c3ab6fada45d98750b2`
CRC32	`E71AF2A2`
ssdeep	`96:QtuC6GCPDXBqvsqvJCwoFtuC6GCPDXBqvsEHyqvJCworFS7HwxWlUVul:QtbXoFtbbHnor/xo`
Yara	Antivirus - Contains references to security software Generic_Malware_Zero - Generic Malware
VirusTotal	Search for analysis