Dropped Files | ZeroBOX
Name 13ff1d9aee82f15e_bg.bmp
Filepath C:\Users\test22\AppData\Local\Temp\C06C.tmp\bg.bmp
Size 3.0MB
Processes 1540 (freebobux.bin.exe)
Type PC bitmap, Windows 3.x format, 1366 x 768 x 24
MD5 2229bdea09783e544015db10917ea91c
SHA1 9d8fd01f98f6de2f2889bc441847f25146190660
SHA256 13ff1d9aee82f15e4df8621c0b68ca31844bea8a0a5e5b194dfeabac7a646521
CRC32 770E329D
ssdeep 12288:xCdEghhbRsBDHzqdIqD8XrxMWJcQ8O4Po/833+/3kf7mf1YWlnl:dv00Mo/
Yara
  • bmp_file_format - bmp file format
Name 9d99aa3263624e3a_freebobux.bat
Filepath C:\Users\test22\AppData\Local\Temp\C06C.tmp\freebobux.bat
Size 176.0B
Processes 1540 (freebobux.bin.exe)
Type DOS batch file, ASCII text, with CRLF line terminators
MD5 202d76eb2952aeb2e241c13defe48045
SHA1 34e26a3407288c7ea63bd1cd305c27b06b163386
SHA256 9d99aa3263624e3a9434af76bac620f71598c082b35504de738d1c04af079fab
CRC32 CD4BFEEE
ssdeep 3:mKDDbk41vdhHCLIhyGzgcH1vUVFG3AkHCLITGLKHXDBk+VyXMWFWCZmlWKJin:h84DhHpfgcHaWAkHpT8SXdYMWsCZmlBi
Yara None matched
Name 13b4ec59785a1b36_CLWCP.exe
Filepath C:\Users\test22\AppData\Local\Temp\C06C.tmp\CLWCP.exe
Size 505.0KB
Processes 1540 (freebobux.bin.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 e62ee6f1efc85cb36d62ab779db6e4ec
SHA1 da07ec94cf2cb2b430e15bd0c5084996a47ee649
SHA256 13b4ec59785a1b367efb691a3d5c86eb5aaf1ca0062521c4782e1baac6633f8a
CRC32 F24C981A
ssdeep 12288:kDupRTrjf1nJp2NLtVu4jPau4p+lE3dWq:SExrj1DAt84DaTU4dW
Yara
  • UPX_Zero - UPX packed file
  • mzp_file_format - MZP(Delphi) file format
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
Name e3b0c44298fc1c14_C06C.tmp
Empty file or file not found
Filepath C:\Users\test22\AppData\Local\Temp\C06C.tmp
Size 0.0B
Type empty
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
CRC32 00000000
ssdeep 3::
Yara None matched