Dropped Files | ZeroBOX
Name 5068c0915651bb87_nimam.g
Filepath C:\Users\test22\AppData\Local\Temp\nimam.g
Size 140.2KB
Processes 2552 (now.exe)
Type data
MD5 513a683b640f5031361f161e39a92c37
SHA1 9056e0833c17b9c17e988dc910c8f8d06217d31a
SHA256 5068c0915651bb87e048c6e44f0010fd69cdf433efada93bad6b4d010eeaabe8
CRC32 8109A36C
ssdeep 3072:XnfVxGRi4lI23EolgdZYFtdnZfgATlvT3GyAd3bnAX9ZyGw9aGyfS4B:XfVzan03LY7dnZrTlLO3jAXjzsCtB
Yara None matched
Name 4c5aafde9ec37119_oxttdmmirr.exe
Filepath C:\Users\test22\AppData\Roaming\ajff\oxttdmmirr.exe
Size 191.7KB
Processes 2552 (now.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
MD5 a740cb29c91bcad28266378943b0dc01
SHA1 048ddfd229c2b05a3a54191fb5608eec7344ba8c
SHA256 4c5aafde9ec3711992c73ffeabb62dbbc2f9cd2b0d398ba7783d7890f0704af0
CRC32 1780FDEC
ssdeep 3072:HfY/TU9fE9PEtuqbbi2jhnrE0kWFNwrzRwlzM8Pmw1bPhYNonE3znZJRjAFfXmKs:/Ya6ibpjuLWFKXRQzLOw0NonYJxCbopb
Yara
  • UPX_Zero - UPX packed file
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • NSIS_Installer - Null Soft Installer
  • IsPE32 - (no description)
Name ab016c22984e705a_mxjnqrhnq.ds
Filepath C:\Users\test22\AppData\Local\Temp\mxjnqrhnq.ds
Size 7.7KB
Processes 2552 (now.exe)
Type data
MD5 cca7a82187ae11c2032c9c26b7b6880d
SHA1 397065c75a485bde041a606336daba1000582701
SHA256 ab016c22984e705a13157137e29c5afa36cec01bcc0425c4d9e9f60893a6b650
CRC32 3E4D6947
ssdeep 192:LWTtJD/vGJbz1z8T5abho60dpoFCO95aPxPunnwbcGj4qbMV9:KTtJLQb5z8T5abu6caFCODixPVl/bMV9
Yara None matched
Name d42717e7214be80d_ysoqxc.dll
Filepath C:\Users\test22\AppData\Local\Temp\nscEE98.tmp\ysoqxc.dll
Size 22.5KB
Processes 2552 (now.exe)
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 d435ec30c198efbd7e361904d4c6dd72
SHA1 8bfda173adc5d523357594c7583f6d4cee3decd5
SHA256 d42717e7214be80d06a3d048a9bcf1ef3f8e29ee00daae246ef87ae6615ba66d
CRC32 5FB21EB7
ssdeep 192:eNaLkIAXmcxPhQc+Q8t4+gaECeZJaJewLRsutxFBXgGW8fEvMCALnN7kNt/E/ghz:maGlmEWsuPXjW8fPNQfEfoDCCtZBM23
Yara
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
  • IsDLL - (no description)
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
Name e3b0c44298fc1c14_nsmEE38.tmp
Empty file or file not found
Filepath C:\Users\test22\AppData\Local\Temp\nsmEE38.tmp
Size 0.0B
Type empty
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
CRC32 00000000
ssdeep 3::
Yara None matched