Dropped Files | ZeroBOX
Name 928d687238ceaf25_runpayload.bat
Filepath C:\Users\test22\Documents\payload\runpayload.bat
Size 59.0B
Processes 1688 (None)
Type ASCII text, with CRLF line terminators
MD5 faa3a36e5e43f94f96476f385f85f5da
SHA1 cbe448c110643094f12efe8c65ce5983340e3f09
SHA256 928d687238ceaf25d996b883538b1a89dee1f0209def97ddb8d00fad41ee6b0b
CRC32 92574B21
ssdeep 3:5PmWxpg9l+HZ2TzgLov:NmQpSc2TTv
Yara None matched
Name d4a0b137da29f33e_load.exe
Filepath C:\Users\test22\Documents\payload\load.exe
Size 128.0MB
Processes 1688 (None)
Type PE32+ executable (console) x86-64, for MS Windows
MD5 4a7fc61b05bbe1f017df0122eedfddd3
SHA1 5e88390e1312905772167c02f5efc0e11aa78a7e
SHA256 f4059c813b3e28f607f36f04d9df8b5915fc0e56fc52e77a25c1bec6fba24c76
CRC32 853653AB
ssdeep 3072:n7WTOWDBkvTf5oEkrR187sEZcGxvjinOZ+U9LlmoGMMOkPRCEpZp3c:n7WTOWoTf0j87MGxvwMlpjUPpZdc
Yara
  • UPX_Zero - UPX packed file
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)
  • Malicious_Packer_Zero - Malicious Packer
  • OS_Processor_Check_Zero - OS Processor Check
Name 2028f71bfbbb4573_54c0d883aacadbe2.customdestinations-ms
Filepath c:\users\test22\appdata\roaming\microsoft\windows\recent\customdestinations\54c0d883aacadbe2.customdestinations-ms
Size 5.2KB
Processes 2160 (powershell.exe)
Type data
MD5 a645591850fc55a6fd1f021093cb06c4
SHA1 1cff5345f6a9eaacdf31683edcba02477c240d12
SHA256 2028f71bfbbb4573e3b1bd8951d401d9acf98118be7be1f1f96f10709da7b4ee
CRC32 EEA300A3
ssdeep 48:MsJR6hE+pRP8sJR6hE+pRxEH00baKSb3+SogZolxgUQlUVul:7/RSr/RQEH00VS7HwxWlUVul
Yara None matched
Name 1e5621590f2ec588_payload.bin
Filepath C:\Users\test22\Documents\payload\payload.bin
Size 71.3KB
Processes 1688 (None)
Type data
MD5 3867015a1781deafc7af0a74dead3b1e
SHA1 b99db4ee70c82eadf2c1e35d0998e58280fa4e72
SHA256 1e5621590f2ec588cc6a136246d770d42ecceee5edf7da6764c621cf7a1d6e52
CRC32 4C6A112A
ssdeep 1536:P5Qjzwlrvvq8HX2Z7Nu1c1GxHFRM5M6eKXBwLsy1ETqfvu+P4Rtsj5o:Pyzavvq8K7NgfRFRWMRKXBwLs/
Yara None matched