popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 373fde85a13e0af8_tmp3445.tmp
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\tmp3445.tmp
Size 1.6KB
Processes 300 (HTML.exe)
Type XML 1.0 document, ASCII text, with CRLF line terminators
MD5 6f69054cd982a8c25d0a5436b09491ed
SHA1 eb37f633976e3521478362679ef9e2794ac3ca42
SHA256 373fde85a13e0af862a07776bdb27844585ca1e6a3dc57040e95aa8743127b71
CRC32 6436F3A2
ssdeep 24:2dH4+SEqCH/7IlNMFQ/rlMhEMjnGpwjpIgUYODOLD9RJh7h8gKBa0tn:cbhf7IlNQQ/rydbz9I3YODOLNdq3sy
Yara None matched
VirusTotal Search for analysis
Name cef638c80808c085_pajmbrib.exe
Submit file
Filepath C:\Users\test22\AppData\Roaming\PaJmBrIB.exe
Size 581.5KB
Processes 300 (HTML.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 0c86e968796f80b0e5c091b3270ce88b
SHA1 4b8cac21c67d776a6f1e834191b6091236248e73
SHA256 cef638c80808c085c6ad3382a2c0d1f664a0cba324a178fa2acdd572a193eac5
CRC32 237631E0
ssdeep 12288:8awpemS7q1GV1ysvF5kJEqD1DqbQpkMwuINF9ypvrab3ZTsGD/si:8awpemS7qM6sd6JdpPpHvlabJTe
Yara
  • PE_Header_Zero - PE File Signature
  • Admin_Tool_IN_Zero - Admin Tool Sysinternals
  • IsPE32 - (no description)
  • Is_DotNET_EXE - (no description)
  • Win32_Trojan_PWS_Net_1_Zero - Win32 Trojan PWS .NET Azorult
VirusTotal Search for analysis