Dropped Files | ZeroBOX
Name 478aa272d465eaa4_cred64.dll
Filepath C:\Users\test22\AppData\Roaming\465dbc52837d81\cred64.dll
Size 1.1MB
Processes 2680 (Utsysc.exe)
Type PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5 1c27631e70908879e1a5a8f3686e0d46
SHA1 31da82b122b08bb2b1e6d0c904993d6d599dc93a
SHA256 478aa272d465eaa49c2f12fc141af2c0581f569ccf67f628747d90cc03a1e6a9
CRC32 487753B1
ssdeep 24576:OGKcuUK9Jyi+Uj+TGHWTZNyMuB/J/TO/pYmea+Xo45qG:o9Jyi+UjyGGZNyMur/TO/qb4Uq
Yara
  • Malicious_Library_Zero - Malicious_Library
  • UPX_Zero - UPX packed file
  • infoStealer_browser_b_Zero - browser info stealer
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
  • IsPE64 - (no description)
  • OS_Processor_Check_Zero - OS Processor Check
Name 9e6e4772050998a5_readme.txt
Filepath C:\Users\test22\AppData\Local\Temp\_Files_\readme.txt
Size 10.0B
Type ASCII text, with no line terminators
MD5 eb6b6c90251ab33cee784713c451e6d8
SHA1 451685e9efac4a6dc1fee73ec53ffb6b2c4c38b5
SHA256 9e6e4772050998a5c0dc3c61acf3dab0a7e594566171fa5746d6b62f9598efb6
CRC32 22598B08
ssdeep 3:IS:7
Yara None matched
Name b0a0d0e7b5b2f26c_832866432405
Filepath C:\Users\test22\AppData\Local\Temp\832866432405
Size 23.5KB
Processes 2680 (Utsysc.exe)
Type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1024x768, frames 3
MD5 4e932ed378358a4b81014fff48597da7
SHA1 8dd87501cc567a97d798f1c317e5c6c5684552bd
SHA256 b0a0d0e7b5b2f26c3ce8732646538fdc3d5e72b36fe664869a9797ed36a0dc31
CRC32 A796C4E8
ssdeep 384:0JaiPMgnbQA5s9D6wdhBEmz1+tisunPiI2Zx:0Abus9D6wdDEmp+t3a27
Yara
  • JPEG_Format_Zero - JPEG Format
Name 9da10d7b75c589f0_utsysc.exe
Filepath C:\Users\test22\AppData\Local\Temp\ea7c8244c8\Utsysc.exe
Size 307.0KB
Processes 2556 (abd.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 b6d627dcf04d04889b1f01a14ec12405
SHA1 f7292c3d6f2003947cc5455b41df5f8fbd14df14
SHA256 9da10d7b75c589f06f1758ed8e3c0335b9a738d0ad1317c48e380bca768bdddf
CRC32 20C054AF
ssdeep 6144:G77rhGafhHSBwHRqGJbdbZI44SGe4s8Lu67rvAOveiZavLb:G7rRSSHRnJfIrscu67TZhavL
Yara
  • Malicious_Library_Zero - Malicious_Library
  • UPX_Zero - UPX packed file
  • Malicious_Packer_Zero - Malicious Packer
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • OS_Processor_Check_Zero - OS Processor Check
Name 5abe79606e600275_832866432405
Filepath C:\Users\test22\AppData\Local\Temp\832866432405
Size 23.7KB
Processes 2680 (Utsysc.exe)
Type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1024x768, frames 3
MD5 f9c9cb9b9a9f1e3d65c56d7101ae10ac
SHA1 cc6de1be3b1122df5aebefde878d29865f31a729
SHA256 5abe79606e6002757363346cbdf3b5fb3b9240a3540a2099fc76d17ec3bdeb8a
CRC32 59FDB0AC
ssdeep 192:WfJaLyOeTVezoJqNdIheZH18isdgVM/cBhjeEKm3RDNLhM1O6PO5c:0JaiPk7vZAq6UhjRpSxPOC
Yara
  • JPEG_Format_Zero - JPEG Format
Name da0bf5520986c2fb_clip64.dll
Filepath C:\Users\test22\AppData\Roaming\465dbc52837d81\clip64.dll
Size 102.0KB
Processes 2680 (Utsysc.exe)
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 ceffd8c6661b875b67ca5e4540950d8b
SHA1 91b53b79c98f22d0b8e204e11671d78efca48682
SHA256 da0bf5520986c2fb92fa9658ee2fcbb07ee531e09f901f299722c0d14e994ed2
CRC32 CDB79102
ssdeep 3072:bHEjxEfCk+EeY22JosmvWuQRRIQrT7xUD0YNS60Z:DsqqdLsOWuQRbaHNS60Z
Yara
  • Malicious_Library_Zero - Malicious_Library
  • UPX_Zero - UPX packed file
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
  • IsPE32 - (no description)
  • Win_Amadey_Zero - Amadey bot
  • OS_Processor_Check_Zero - OS Processor Check