popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name f7b02278a2310a26_snake.exe
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\snake.exe
Size 490.0KB
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 a338043c6b5260df6b7ce4c4ec3d1b80
SHA1 087a787a34ee05478bfa07b50fd39c8367b0a157
SHA256 f7b02278a2310a2657dcca702188af461ce8450dc0c5bced802773ca8eab6f50
CRC32 48B983E7
ssdeep 6144:/6ho3IhHN5ya1R64TxT8jWHgf8YJkVHC++VeQPBZnq0LZYSwFxQx9tw39b5wGuJB:irhtHxpmWHgf8Y6/Qp1nLiDKIwf
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • Is_DotNET_EXE - (no description)
  • Win32_Trojan_PWS_Net_1_Zero - Win32 Trojan PWS .NET Azorult
  • WhiteSnakeStealer_XOR - Detects WhiteSnake Stealer XOR version
VirusTotal Search for analysis
Name cfb05fff77b9b26d_port.dat
Submit file
Filepath C:\Users\test22\AppData\Local\y5aox5pi99\port.dat
Size 4.0B
Processes 2980 (snake.exe)
Type ASCII text, with no line terminators
MD5 c57168a952f5d46724cf35dfc3d48a7f
SHA1 3057153b64fd2455411534a93c8b74c0b8854807
SHA256 cfb05fff77b9b26d027b12c345d05bd1d453619318c52e827458b865860f6a85
CRC32 81E3E12F
ssdeep 3:en:e
Yara None matched
VirusTotal Search for analysis