popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name b80a5cba69d1853e_system.dll
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\nsvF156.tmp\System.dll
Size 11.0KB
Processes 2564 (vbc.exe)
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 c9473cb90d79a374b2ba6040ca16e45c
SHA1 ab95b54f12796dce57210d65f05124a6ed81234a
SHA256 b80a5cba69d1853ed5979b0ca0352437bf368a5cfb86cb4528edadd410e11352
CRC32 D2D3E667
ssdeep 192:cPtkumJX7zBE2kGwfy9S9VkPsFQ1MZ1c:N7O2k5q9wA1MZa
Yara
  • IsDLL - (no description)
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
VirusTotal Search for analysis
Name e3b0c44298fc1c14_nsuF01C.tmp
Empty file or file not found
Filepath C:\Users\test22\AppData\Local\Temp\nsuF01C.tmp
Size 0.0B
Type empty
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
CRC32 00000000
ssdeep 3::
Yara None matched
VirusTotal Search for analysis
Name 66bb2c4ed480e0f9_folderviewimpl.dll.mui
Submit file
Filepath C:\Users\test22\AppData\Local\gasrrledningers\mellemkrigstiders\Forebyggelsesindgreb\Timbery\folderviewimpl.dll.mui
Size 5.5KB
Processes 2564 (vbc.exe)
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 c82f22f389c9e5583ba05b46ebf52afe
SHA1 14c4351bf9dc1ebf20dc8b159a3bc68e2da721cc
SHA256 66bb2c4ed480e0f9025949d40395e5b690a927f8dff077ecf2aa2656e62bb7fe
CRC32 53F5E896
ssdeep 96:aU4/A9BaaK0rpCbGTZgOaKHH8r+hLzK8mQ7G:aU3raJ0MbGTZgOJA+tQyG
Yara
  • IsDLL - (no description)
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
VirusTotal Search for analysis
Name 370e47364561fa50_nsexec.dll
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\nsvF156.tmp\nsExec.dll
Size 6.5KB
Processes 2564 (vbc.exe)
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 0a6f707fa22c3f3e5d1abb54b0894ad6
SHA1 610cb2c3623199d0d7461fc775297e23cef88c4e
SHA256 370e47364561fa501b1300b056fb53fae12b1639fdf5f113275bee03546081c0
CRC32 A7F53748
ssdeep 96:e97GUxNkO6GR0t9GKKr1Zd8NHYVVHp4dEeY3kRnHdMqqyVgN0u3e:eBXhHR0aTQN4gRHdMqJVgN0N
Yara
  • IsDLL - (no description)
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
VirusTotal Search for analysis
Name 9decdb3a8304ab3b_achromasia.cab206
Submit file
Filepath C:\Users\test22\AppData\Local\gasrrledningers\mellemkrigstiders\Forebyggelsesindgreb\Rhinoscopic\Medlemsblade12\Scudded100\Spada171\Achromasia.Cab206
Size 8.5KB
Processes 2564 (vbc.exe)
Type data
MD5 a1a190e5f0bcdd137d83d2efbbdf1beb
SHA1 3e2384a34a62364e82d7004a963fe81f345337da
SHA256 9decdb3a8304ab3beca9de6dd5dc4dbf1f4f0c5f41a425924fca633772bf4d53
CRC32 7F183BA0
ssdeep 192:VppgdL+nAWwuduBo4DXgxHNv3gl5ZKA+6x:zpcL+nzbduBVUZNvQl5ZKA+6x
Yara None matched
VirusTotal Search for analysis
Name 397f242aa956adcb_media-floppy-symbolic.svg
Submit file
Filepath C:\Users\test22\AppData\Local\gasrrledningers\mellemkrigstiders\Forebyggelsesindgreb\Timbery\media-floppy-symbolic.svg
Size 635.0B
Processes 2564 (vbc.exe)
Type SVG Scalable Vector Graphics image
MD5 d87191a72b45749aa10621ab608574e0
SHA1 dfaa424efdc480526023767cc87bcd44dbdbc92e
SHA256 397f242aa956adcb87bfb934b12969bd8baf82c2f64d37117d2698586c66e6ea
CRC32 BCA5D25F
ssdeep 12:t4CP5GD09xdHsEAKFwMxjhTpaAeW02KBXzMG0nKU71XilEUWgopK:t4CBGD01HsP3+JpaAeW0/WG0NZXilElM
Yara None matched
VirusTotal Search for analysis
Name 1b9b3244ef33adc1_system.runtime.extensions.dll
Submit file
Filepath C:\Users\test22\AppData\Local\gasrrledningers\mellemkrigstiders\Forebyggelsesindgreb\Rhinoscopic\Medlemsblade12\Scudded100\Spada171\System.Runtime.Extensions.dll
Size 16.6KB
Processes 2564 (vbc.exe)
Type PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 b879c937737592612dea79f330ea70b4
SHA1 59b3fb0be047b48cf6f8177f19298f6ad850b390
SHA256 1b9b3244ef33adc14a6b2af0c58489df0238cf1ccf6649e7648845d8af51ed0e
CRC32 BF05C355
ssdeep 384:z58KUByGe9xCEW62XWXNWqla/uPHRN7493LlqR:dpUByGeo0ZluMf
Yara
  • Is_DotNET_DLL - (no description)
  • IsDLL - (no description)
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
VirusTotal Search for analysis
Name d84a697593ebe939_stitredes.pro
Submit file
Filepath C:\Users\test22\AppData\Local\gasrrledningers\mellemkrigstiders\Forebyggelsesindgreb\Stitredes.Pro
Size 104.6KB
Processes 2564 (vbc.exe)
Type data
MD5 bab5b72c0ed0beb2f739ac285e6f8240
SHA1 07c67ea487bb7bdb49a431a3f07585d533606824
SHA256 d84a697593ebe93992311a87c2a909b7b4ef497d5b8165c2e2e32438a120191a
CRC32 84717398
ssdeep 3072:wmFk0y9SIb0JxGEag4XncV8gdBN+4ALkuY:wmFk0y9AzgXncVB+4wkB
Yara None matched
VirusTotal Search for analysis
Name 5530e66d1ffc7319_microsoft.win32.primitives.dll
Submit file
Filepath C:\Users\test22\AppData\Local\gasrrledningers\mellemkrigstiders\Forebyggelsesindgreb\Microsoft.Win32.Primitives.dll
Size 25.6KB
Processes 2564 (vbc.exe)
Type PE32+ executable (DLL) (console) x86-64 Mono/.Net assembly, for MS Windows
MD5 2384b705191968ec3d1eeb706e8dcf48
SHA1 796cb7863eb09e708d0464fc95b7d164ded50af2
SHA256 5530e66d1ffc7319e0a851dd5054289f236aecf0128451f57a6695e7aa732b76
CRC32 975024F9
ssdeep 384:4WhopWqlxON3cuWauxG9vQnByXhCuop43WV/uPHRN7ZUXTKAR9zhw:49lYN3ckuxGSnMXwEyMZUX289z2
Yara
  • IsDLL - (no description)
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
VirusTotal Search for analysis
Name 888b8a81c8773d49_rustful.lnk
Submit file
Filepath C:\Users\test22\Documents\rustful.lnk
Size 966.0B
Processes 2564 (vbc.exe)
Type MS Windows shortcut, Item id list present, Has Relative path, ctime=Sun Dec 31 15:32:08 1600, mtime=Sun Dec 31 15:32:08 1600, atime=Sun Dec 31 15:32:08 1600, length=0, window=hide
MD5 2a23ab066c995db8dc0084ae5f39813c
SHA1 538aebbc8527627df5cd199b4f0cad9607cfee5a
SHA256 888b8a81c8773d49fccae3207026b92d7759839edcaa14d79c7f2ed30488350a
CRC32 978D342C
ssdeep 12:8gl0m2lqqdp88/ucdlbqK1HlA83qybXObdpYmHbqaXuzUN8d4t2YLEPKzlX8:88qdOjcnE83q9d9zQPy
Yara
  • Lnk_Format_Zero - LNK Format
VirusTotal Search for analysis