Dropped Files | ZeroBOX

Name	5514e5a91e4b192c_bstyoops.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\c2868ed41c\bstyoops.exe
Size	6.9MB
Processes	2652 (a3e34cb.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`57794b001e1e8c4917aaa864268fec36`
SHA1	`825e7a4c79f47d61df14a140398c2770ab22fb65`
SHA256	`5514e5a91e4b192cae4f78fc9d4d10641704c3778d0fd418f305b081ba5b9862`
CRC32	`CDFA2D3D`
ssdeep	`196608:gbJEeOGZPuknu4TNAzGx2tXuqIg1YJwPj:gbaElhDSus1YJwPj`
Yara	UPX_Zero - UPX packed file Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature VMProtect_Zero - VMProtect packed file IsPE32 - (no description)
VirusTotal	Search for analysis

Name	8a6e1479d2efdd7e_bra.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\1000057051\BRA.exe
Size	2.7MB
Processes	2816 (bstyoops.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`d5bddbbbf64a97dc0e98d4db2b675fb3`
SHA1	`aeef4f429b68100f46f4a91000b7d593f0ef1462`
SHA256	`8a6e1479d2efdd7ef244c34512a6a8b9c23df2b86374641a07473e4f00f5b457`
CRC32	`75B69512`
ssdeep	`49152:FQ1ePnjF0mHcIhQHDYtgya/O9gLxuze5qqVAc/NSIsTCvNm+ov2jiCJEmLahm7HM:HbFN8Ie5O9gLxuGq6nNuGvNmXu+CFahL`
Yara	UPX_Zero - UPX packed file Is_DotNET_EXE - (no description) PE_Header_Zero - PE File Signature themida_packer - themida packer IsPE32 - (no description)
VirusTotal	Search for analysis

Name	a216650a36498389_sf64r.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\1000058061\sf64r.dll
Size	6.2MB
Processes	2816 (bstyoops.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`374d8e8089ecf5f1a161514d1b346432`
SHA1	`cf3b7d0b7a80a64a5e5a02cf0ea1b588ca0ce0d0`
SHA256	`a216650a36498389a10434af63324705ac991f815bae1ba65d9ecf31f71862de`
CRC32	`F919DD44`
ssdeep	`98304:BtEdRaCU9BlAa/WtuNABPUM6fgGYa3+HQ6JF4VbFofo4eM5YavbJ9nEv:BtEL8WXtB2kUw14bafo4B5YaTJ9nEv`
Yara	IsDLL - (no description) IsPE64 - (no description) Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature
VirusTotal	Search for analysis