Dropped Files | ZeroBOX
Name dd3704d5088c2f5d_succub.gaz
Filepath C:\Users\test22\AppData\Roaming\paletz\Succub.Gaz
Size 207.5KB
Processes 1132 (kobee.exe)
Type data
MD5 5e3ae77abfd0ea14bd6b280e65153da3
SHA1 3c43c3655ffb2fe6362b4568d59b037d9b73a292
SHA256 dd3704d5088c2f5db1d0d064b31bd0e814316d8692ec1ccbe595babcd55a8089
CRC32 FE47CD2A
ssdeep 6144:czmGQ0w29zjMf1ty3mKqmSoMXPWnNfJc1ohy:KmGQp29m/mhMX+NfJmoI
Yara None matched
Name f362c24176579bd6_frgeleje.med
Filepath C:\Users\test22\AppData\Roaming\paletz\Melanochroi\Udrens\Frgeleje.med
Size 21.6KB
Processes 1132 (kobee.exe)
Type data
MD5 b8893c9b4ab1fc98976d08eb9cba03c2
SHA1 c181c91c879b8adc1cdcc921962fdc88e1c6d368
SHA256 f362c24176579bd60d8cbb27238289d157a9934b72a480b2eebc96698df780a2
CRC32 1B445EF4
ssdeep 384:rbofBj1ni4M4zVVRMpD51oqt4sAv2bmLL+TIGuvWLc6MQbI4cqh9z8KNmBsQGnHW:rKdtbMwVRMBt2DLvHUmK1nHW
Yara None matched
Name 9d546e1bafda1d66_whort.kis
Filepath C:\Users\test22\AppData\Roaming\paletz\Melanochroi\Udrens\whort.kis
Size 79.3KB
Processes 1132 (kobee.exe)
Type data
MD5 23df43239f622ddd50577a37329cdce1
SHA1 c54631a332be91be4a454c650f32877b0a66f533
SHA256 9d546e1bafda1d6673c74d5c47992d597c2ec5dbec44300407cbaffa725311b7
CRC32 99F8FA1E
ssdeep 1536:QdLmltPjlMHB/B6hgPO8sLbj//1F9rDfi++qOZL0+Y2xC:FlFjlMHB/B4gPjibj//9r7+qT+Y2xC
Yara None matched
Name c2f405d7402f815d_system.dll
Filepath C:\Users\test22\AppData\Local\Temp\nscC465.tmp\System.dll
Size 11.5KB
Processes 1132 (kobee.exe)
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 9625d5b1754bc4ff29281d415d27a0fd
SHA1 80e85afc5cccd4c0a3775edbb90595a1a59f5ce0
SHA256 c2f405d7402f815d0c3fadd9a50f0bbbb1bab9aa38fe347823478a2587299448
CRC32 9463F62F
ssdeep 192:eX24sihno00Wfl97nH6BenXwWobpWBTtvShJ5omi7dJWjOlqSlS:D8QIl972eXqlWBFSt273YOlqz
Yara
  • IsDLL - (no description)
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
Name e0debb2d651f92d4_interphase.out
Filepath C:\Users\test22\AppData\Roaming\paletz\Aksialturbiner\svrtet\Beholderfabrikken\Redates\Interphase.Out
Size 18.5KB
Processes 1132 (kobee.exe)
Type ASCII text, with very long lines, with no line terminators
MD5 eaa471a689def785c89d54a94c834c53
SHA1 d12e501a09484e655ee212e6c2272917aca55d0c
SHA256 e0debb2d651f92d478c126e1c9bbbee0e7d479f25474d5dcb413fe9b76d124d8
CRC32 3FF3D7A7
ssdeep 384:r2zSsl51A4b11W2U+Qv1cBDmCoHv0NY+p4HpvkXd:ql51pW2Ujv1cBDm5Pupp4HpvkXd
Yara
  • Suspicious_Obfuscation_Script_2 - Suspicious obfuscation script (e.g. executable files)
Name 6ed0a0d37b2ea1f3_abends.lka
Filepath C:\Users\test22\AppData\Roaming\paletz\Aksialturbiner\svrtet\Beholderfabrikken\Redates\Abends.lka
Size 74.6KB
Processes 1132 (kobee.exe)
Type data
MD5 775b36e641accd3030a8df3ffc5bf9ca
SHA1 f08b661c07508b0aa174432e50399f96cbea1dd3
SHA256 6ed0a0d37b2ea1f355e879b18b06b17f7ce4cdafb33d990349cf54764be60091
CRC32 9A2713D6
ssdeep 1536:hCly0DOH76WsyJcq6sqMZvVbAlLMOTKoXJ6xmwPHu+rPLDBqIO:hCc7jsyYsnVbwTKrPHu0PfBqh
Yara None matched
Name e3b0c44298fc1c14_nsgC212.tmp
Empty file or file not found
Filepath C:\Users\test22\AppData\Local\Temp\nsgC212.tmp
Size 0.0B
Type empty
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
CRC32 00000000
ssdeep 3::
Yara None matched