Dropped Files | ZeroBOX
Name 3c8cea1a86f07b01_x
Filepath C:\Users\test22\AppData\Local\Temp\x
Size 11.6KB
Type ASCII text, with CRLF line terminators
MD5 1882f3dd051e401349f1af58d55b0a37
SHA1 6b0875f9e3164f3a9f21c1ec36748a7243515b47
SHA256 3c8cea1a86f07b018e637a1ea2649d907573f78c7e4025ef7e514362d09ff6c0
CRC32 C4D9CC2A
ssdeep 192:Ljafl1gt6iUq/l0ZQjGNxYoanyJfjvB0BXmqqTZhXBnaRL9znQ32z8h0:L29mtJUui1any9Bn/RaRL06
Yara
  • Suspicious_Obfuscation_Script_2 - Suspicious obfuscation script (e.g. executable files)
Name a3d5715a81f2fbeb_memz.exe
Filepath C:\Users\test22\AppData\Roaming\MEMZ.exe
Size 14.5KB
Processes 296 (cscript.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 19dbec50735b5f2a72d4199c4e184960
SHA1 6fed7732f7cb6f59743795b2ab154a3676f4c822
SHA256 a3d5715a81f2fbeb5f76c88c9c21eeee87142909716472f911ff6950c790c24d
CRC32 D987E890
ssdeep 192:sIvxdXSQeWSg9JJS/lcIEiwqZKBkDFR43xWTM3LHn8f26gyr6yfFCj3r:sMVSaSEglcIqq3agmLc+6gyWqFCj
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
Name aa01b8864b43e920_x.js
Filepath C:\Users\test22\AppData\Local\Temp\x.js
Size 448.0B
Type ASCII text, with CRLF line terminators
MD5 8eec8704d2a7bc80b95b7460c06f4854
SHA1 1b34585c1fa7ec0bd0505478ac9dbb8b8d19f326
SHA256 aa01b8864b43e92077a106ed3d4656a511f3ba1910fba40c78a32ee6a621d596
CRC32 C7D4F068
ssdeep 12:KiN1ZxJbVCWiutHvBmjUXgYzxLElp3OxZIQv:JPxPCWDtPBmgX2ROxu6
Yara None matched
Name 44c1857b1c4894b3_z.zip
Filepath C:\Users\test22\AppData\Local\Temp\z.zip
Size 8.5KB
Processes 296 (cscript.exe) 2200 (cmd.exe)
Type Zip archive data, at least v2.0 to extract
MD5 63ee4412b95d7ad64c54b4ba673470a7
SHA1 1cf423c6c2c6299e68e1927305a3057af9b3ce06
SHA256 44c1857b1c4894b3dfbaccbe04905652e634283dcf6b06c25a74b17021e2a268
CRC32 2948C001
ssdeep 192:egFudZs7gU52m4qi2hvimtucysYSM3lRNm5wy2k89QPaNmCpCfAKgW:SdZs7n52mbFimtuckPXEKyuGSXCfAKx
Yara
  • zip_file_format - ZIP file format