Dropped Files | ZeroBOX
Name eeee2b0a6ad1c7e4_6eehzf55.exe
Filepath C:\Users\Public\Desktop\6EEHZF55.exe
Size 85.3KB
Processes 2576 (FPyuSqdES06O8vS.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 1cf9257c07936d7fbf508dc113e9b6d5
SHA1 324f8a1f0779fe42baabc544bc7f6814a3d150ca
SHA256 eeee2b0a6ad1c7e4614fed4dfbe58b63776f6a3a6758267b5a976b4dc4315f48
CRC32 D17A4691
ssdeep 1536:+UD86+VKgtoNMJiYkiW2yF4q/4i98+ayxpF0Kxn+7ygK/fM:RwlJnsiJyrQi98+ay+KqK/k
Yara
  • UPX_Zero - UPX packed file
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • Malicious_Packer_Zero - Malicious Packer
Name 1d5ec85b49e01007_screen.jpeg
Filepath C:\Users\test22\AppData\Roaming\ScreenShot\screen.jpeg
Size 21.2KB
Processes 2916 (7G19RCI8.exe)
Type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1024x768, frames 3
MD5 9158b0b801d8b4e343e879aed9787b98
SHA1 9d60bafdc466f38bc7588cbfd938ff0ac573473a
SHA256 1d5ec85b49e010073736b819c094aa09890818611b15b8e0f7b512fbf53af893
CRC32 D44A2448
ssdeep 384:Rq/K2h1Lmjrdd6/Fpgg2EIeZ192UJAqOQkC:RSph1Kjrqdpg55UjR4QkC
Yara
  • JPEG_Format_Zero - JPEG Format
Name d366f0980a9c490f_tmpg669.tmp
Filepath c:\users\test22\appdata\local\temp\tmpg669.tmp
Size 183.0KB
Processes 2576 (FPyuSqdES06O8vS.exe) 2916 (7G19RCI8.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 64a509a5d856c0e1bc482e64e5ea8556
SHA1 ac04f5364ce8df715bc99f9d7bae5725c18dde59
SHA256 d366f0980a9c490f3a9a2c6a7680d011899f345fd2d0bdc5c1642b436bbab262
CRC32 5B2F4018
ssdeep 3072:1ZGaTHmQUtUHQkH+wWtaiQGlIQZboLRF9ua/aHyvZRGd2ite:1ZjqQU4j7xGlVbA
Yara
  • Malicious_Library_Zero - Malicious_Library
  • UPX_Zero - UPX packed file
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • Is_DotNET_EXE - (no description)
  • Win32_Trojan_PWS_Net_1_Zero - Win32 Trojan PWS .NET Azorult
  • OS_Name_Check_Zero - OS Name Check Signature
  • OS_Memory_Check_Zero - OS Memory Check
  • OS_Processor_Check_Zero - OS Processor Check
  • Generic_Malware_Zero - Generic Malware