popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 07b404896a30ff2e_pwgzoxwn.exe
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\pwgzoxwn.exe
Size 147.5KB
Processes 2544 (shekinga2.1.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 744eb2a459e4d738c523abcbadac2693
SHA1 c8a0f9925f7132cef3e84571aef80e4be091b5db
SHA256 07b404896a30ff2e4df1123c0cf233837ec6c739af9b8ef7af9e038b612404ce
CRC32 20C376AC
ssdeep 1536:80VrreAQmNhPjP5eTnzZ/51Zsu0rOtxYIYniR0bjMb2yoFihLd+ccZws8jcdWN2O:/Vryir5oxAoGn2ojMy2Ld+hWNlpJiul
Yara
  • Malicious_Library_Zero - Malicious_Library
  • UPX_Zero - UPX packed file
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • OS_Processor_Check_Zero - OS Processor Check
VirusTotal Search for analysis
Name 7f946dd4fb536d00_uoloch.kx
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\uoloch.kx
Size 503.1KB
Processes 2544 (shekinga2.1.exe)
Type data
MD5 a50ca5ceabbff92c860cad4e876d94e9
SHA1 30db3c6c9ff8d5536ae41daedad8cbd0907451e7
SHA256 7f946dd4fb536d00d0a749b783f9837836f419e50fef411e5d7cff8038002508
CRC32 A2CD0022
ssdeep 12288:/awjxfHAVhXaaUO2NM78M2Hp2mW3XRj4Gs5Fx:/RvAR2CZkomNFx
Yara None matched
VirusTotal Search for analysis
Name e3b0c44298fc1c14_nsgF0D8.tmp
Empty file or file not found
Filepath C:\Users\test22\AppData\Local\Temp\nsgF0D8.tmp
Size 0.0B
Type empty
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
CRC32 00000000
ssdeep 3::
Yara None matched
VirusTotal Search for analysis