popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 6eaa55f7bd411783_aug.vbs
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\aug.vbs
Size 196.3KB
Processes 2656 (wscript.exe)
Type ASCII text, with very long lines, with no line terminators
MD5 2725abf432ceeca35be3ac737c3f0847
SHA1 608ac3ed1248b3c35deec3ee55070d52b2c9d1a0
SHA256 6eaa55f7bd4117835ac0116d85b20fdcc35e1c461379dbac106d2c2c51d60516
CRC32 BD4E8450
ssdeep 6144:P1V/V9xOh9RfHD60Q/i0RB9cthBjDOaqIQrIcGPS:P1V/xONW/iHS
Yara
  • anti_vm_detect - Possibly employs anti-virtualization techniques
  • hide_executable_file - Hide executable file
VirusTotal Search for analysis
Name e6f25e5f34469cee_json[1]
Submit file
Filepath C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\json[1]
Size 272.0B
Type ASCII text, with no line terminators
MD5 521853ee87a1f112c190b7bae999e5c9
SHA1 f9ed422aa1a565e57dad33c6d0f0aa9dbc67df7a
SHA256 e6f25e5f34469ceef0834304069e9347d3a8bfeb682a8c38f3efe5ef3ca4d2b5
CRC32 4C2D3619
ssdeep 6:YWybuaKI4TIa6NrQrHL/kW027hM/b+1H/WXCzbWY:YWybu1ELheobcfWcbf
Yara None matched
VirusTotal Search for analysis
Name e8a54d74a20fc5f2_tempwinlogon.exe
Submit file
Filepath C:\Users\test22\AppData\Local\Tempwinlogon.exe
Size 12.0B
Processes 2800 (wscript.exe)
Type data
MD5 62e498e6e43fc67a9da3c506f9a6d03d
SHA1 654a83bd70c43da23e0d618c8b3b6d638f5c2130
SHA256 e8a54d74a20fc5f2443ca26b69dd707fb15c03a37c7240fd1d73b733bd186b62
CRC32 D71DBCD0
ssdeep 3:5lWlr:5o
Yara
  • PE_Header_Zero - PE File Signature
VirusTotal Search for analysis