Dropped Files | ZeroBOX
Name 50ca5b262e54127a_acommander.lnk
Filepath C:\Users\test22\Desktop\ACommander.lnk
Size 959.0B
Processes 2568 (install-alevrola.exe)
Type MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive, ctime=Wed Apr 28 07:54:28 2010, mtime=Sun Jul 23 15:09:51 2023, atime=Wed Apr 28 07:54:28 2010, length=2018816, window=hide
MD5 92a97e718b6f2aa8270a323d2668bb89
SHA1 9ef31666e27dadc3ef964868067d6a23fc244d6d
SHA256 50ca5b262e54127a648caa43999c07a7a3e0d5bde2b33361d6b904f75f97b4e0
CRC32 EC082B93
ssdeep 12:8mYeASmO4cZCrR8EvSE7o1SLSXfYOApYAuizCCOLAHx2hMJBwYOWhA//MJBwYOPn:8mAsERdqitOizNZfHOWlfHOPia
Yara
  • Lnk_Format_Zero - LNK Format
Name 83d41816cb1ff3f8_10.png
Filepath C:\Users\test22\AppData\Roaming\ACommander\faq\images\10.png
Size 174.7KB
Processes 2568 (install-alevrola.exe)
Type PNG image data, 580 x 655, 8-bit/color RGB, non-interlaced
MD5 9c4cd50b9d0ac39fadc52bd12947f25a
SHA1 6dfef238efb202337bae4e2523591c5d5b8700d4
SHA256 83d41816cb1ff3f89eba10708a7d9f42810d8cd3dbaec8aace08a172196aff52
CRC32 6D68D881
ssdeep 3072:oCe6g3xkcrOL3OdvY2NT4jiHBJF9m9TxweQ8R6ePXt3LsIwxW8Efu:Hg3xuTopNhm9VwzqJPX1sIwxWO
Yara
  • PNG_Format_Zero - PNG Format
Name a593de72f8fbed5b_guide.html
Filepath C:\Users\test22\AppData\Roaming\ACommander\faq\guide.html
Size 7.7KB
Processes 2568 (install-alevrola.exe)
Type HTML document, ASCII text, with very long lines, with CRLF, CR line terminators
MD5 c4e8e30cc37c897cf53c9abb76f3a4b3
SHA1 62b4e6511bda521c6e9f1e106400e56c1e5ec267
SHA256 a593de72f8fbed5ba799bc68578f77c0e2c073873fb9beb8761d69774f5f5bfe
CRC32 24DA72BC
ssdeep 192:Sqgy/jSKBH4hHQTpSHF9qjIfFW7RsvQuUU/Mv6tZ/X5mJ0OAA43FCpE:SspVwF4jIfg76vtQJ0R9
Yara None matched
Name 0ef4aefcf5d91baf_ccmain.exe
Filepath C:\Users\test22\AppData\Roaming\ACommander\ccmain.exe
Size 1.9MB
Processes 2568 (install-alevrola.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 9d324fda21e5a4d1406a5f52d24de181
SHA1 419c8b892782f6d4465bb5aeb52bcbb5ff651efe
SHA256 0ef4aefcf5d91bafb365688b6d433fb997c2cbffce9b99b3d83d9d0d5eca13bd
CRC32 5ACA9C78
ssdeep 24576:u+4FjTCktGXB8nFNpKtHQ4nZ5sgHGtTGAuIAcvi7ssmiHu/7FvbBq64gwTOW:acPcyjfITGRcq7ssm6u/7W64T6W
Yara
  • UPX_Zero - UPX packed file
  • mzp_file_format - MZP(Delphi) file format
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • Generic_Malware_Zero - Generic Malware
Name cca0421a0cbb8277_07.png
Filepath C:\Users\test22\AppData\Roaming\ACommander\faq\images\07.png
Size 44.7KB
Processes 2568 (install-alevrola.exe)
Type PNG image data, 535 x 425, 8-bit/color RGB, non-interlaced
MD5 ce9ce14e68eec3216ddccff9580d6e8f
SHA1 2d2748ed1f6136fbefcf1243408c78d24b206201
SHA256 cca0421a0cbb82778e344cde43e6382864b3824121a0cb5c2e3d94081f5fb8c4
CRC32 7DD32CBA
ssdeep 768:D35Rs1BuOkPq2eDluNr1X6H5m34S2ujpjwTmVlUdDYD1yIwJi8inA8nr0c:fs1BuxPq2c8Q5m34ZQkqlvD15wJ/QDF
Yara
  • PNG_Format_Zero - PNG Format
Name 330a893717396970_06.png
Filepath C:\Users\test22\AppData\Roaming\ACommander\faq\images\06.png
Size 47.2KB
Processes 2568 (install-alevrola.exe)
Type PNG image data, 535 x 425, 8-bit/color RGB, non-interlaced
MD5 a4038b0cbcc3c12b14fe6e6ab592dbdd
SHA1 24710c9b0af30c1a9a1f79bacdf99378633ce477
SHA256 330a8937173969707a79ec84c79030d03281f920453f7de916795846b5c8a96e
CRC32 383977A9
ssdeep 768:D35AMGLsZX4M5syrMrd+ZclS9yortAJaHFUaNXgrOQyWZ53nkfiN:pUsZIK8d+ZfnfHyWWJyWZFniiN
Yara
  • PNG_Format_Zero - PNG Format
Name 0acca4892a4f939e_08.png
Filepath C:\Users\test22\AppData\Roaming\ACommander\faq\images\08.png
Size 41.8KB
Processes 2568 (install-alevrola.exe)
Type PNG image data, 535 x 425, 8-bit/color RGB, non-interlaced
MD5 935584884d7b957d25692a61517800c4
SHA1 72bedc04c3869cbb4480b9090bcd7ef13b18899d
SHA256 0acca4892a4f939eaf6dd47d50fa0aac48b1f25e244ff725d4fd252f3e85178f
CRC32 1D4CDD88
ssdeep 768:D35uiAUZRhaLbDM+H4jgVoVs0SPXVNj2a2DYDmfnQSk7qrh8ZmtNkcJU:EizhIbYW4yhX/2a2Om/QSxiw/NU
Yara
  • PNG_Format_Zero - PNG Format
Name 481c4b755b9cdf96_settings.ini
Filepath C:\Users\test22\AppData\Roaming\ACommander\settings.ini
Size 187.0B
Processes 2568 (install-alevrola.exe)
Type ASCII text, with CRLF line terminators
MD5 de0176639116006dfb5359f9c61012ec
SHA1 02eb55f51ed08fc43ed13859bffff7cfb8aebbd7
SHA256 481c4b755b9cdf969e291ec0856fbcef319d85a375065c9f6ba9a47089c9f567
CRC32 6E185CF5
ssdeep 3:1yUYEJyovWeGKxtdb7DXzKlQnHKKB4yYEkEKX2TJovlWX1O:1yUYg7vWab7LoeK85KX2TJovlWXY
Yara None matched
Name d3f8a4867d2fc736_05.png
Filepath C:\Users\test22\AppData\Roaming\ACommander\faq\images\05.png
Size 52.7KB
Processes 2568 (install-alevrola.exe)
Type PNG image data, 535 x 425, 8-bit/color RGB, non-interlaced
MD5 ab73f465d6c5ca6938d63364a9fd301a
SHA1 4f2d97e6c7e2a77bb4b3c08c0616a873f6f1e284
SHA256 d3f8a4867d2fc736d52aeb401d7e842a50dca4458daeefbb478597ef281e5f49
CRC32 44B441A4
ssdeep 1536:Us248vTrOb+3ySf6gsxgounTPnfCB5iLKYxe:UpIb+ZCDluTPf/Pxe
Yara
  • PNG_Format_Zero - PNG Format
Name ed4bdca9b4c07bff_ccagent.exe
Filepath C:\Users\test22\AppData\Roaming\ACommander\ccagent.exe
Size 538.0KB
Processes 2568 (install-alevrola.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 a7b7ef0b23721640b4bc80be4e32cc11
SHA1 9ddff6eb60ec5344b75c5c96bb5c58f3fc4553a1
SHA256 ed4bdca9b4c07bffb2f43a223aa5d5624da6962a1fa1b7709ba90a6ae5ac0b57
CRC32 C4102D2A
ssdeep 12288:UD+cJIuxZTnppvbSo2XIuhihS2pr/Jqjkb6G888888888888W88888888888k6:KbTppGo2Xcfkj1k
Yara
  • UPX_Zero - UPX packed file
  • mzp_file_format - MZP(Delphi) file format
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
Name 2d3d8743611dc344_uninstall.exe
Filepath C:\Users\test22\AppData\Roaming\ACommander\uninstall.exe
Size 65.5KB
Processes 2568 (install-alevrola.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
MD5 25405dcd6046bec06e53eadd08a074c3
SHA1 6e4a0d83306117a2d5c62dc2b0a229b95b37c703
SHA256 2d3d8743611dc344ea7d20b5e2f6c6bb2a3dbf871388dd35e1179af5272a27b4
CRC32 00B8DE4D
ssdeep 1536:7kbVPa75jAbamlLUeK/n0p4tmJ3cWZmQmQmxWGH6tuE/1s2SXiMl5Dovxj+hh:IbVPqMLS0WmJMymQmQmcG3E9s2giM0vw
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
Name aa82ddbe7e97e643_09.png
Filepath C:\Users\test22\AppData\Roaming\ACommander\faq\images\09.png
Size 135.1KB
Processes 2568 (install-alevrola.exe)
Type PNG image data, 535 x 425, 8-bit/color RGB, non-interlaced
MD5 78054ad81a7814f3c747596943dc552c
SHA1 01f1e4c968d4e02a9b5e818a125cb19a794d74aa
SHA256 aa82ddbe7e97e643b9b03f736c81a9141520a382ecda3043426dbe71448e0911
CRC32 4CE15705
ssdeep 3072:DjQC/uFxT6MRQ53EWuxqHVta7J/uCGKLpRwMiy:YBFx1y3BiqHKmCGcpRYy
Yara
  • PNG_Format_Zero - PNG Format