Dropped Files | ZeroBOX
Name 95b02477f274b456_umesd.exe
Filepath C:\Users\test22\AppData\Local\Temp\umesd.exe
Size 255.0KB
Processes 2540 (marikolock2.1.exe) 2996 (cmd.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 42585eb02d6985fd4355100dc6d5bac8
SHA1 e81634c1bf49a6b4ff55925b6d58860174013599
SHA256 95b02477f274b4562972713da97379caffa9e7b9cc4eacbefe9762c131fde0cb
CRC32 8C86EF40
ssdeep 3072:URMYyMXr1c88/FG4YmC6kVhRl9P3DfwotaNB7J/cFchtoYZciOZheUrGE9aheAgx:USQi88cVhRl9bta7J/YchuiO/eiAOld
Yara
  • Malicious_Library_Zero - Malicious_Library
  • UPX_Zero - UPX packed file
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • OS_Processor_Check_Zero - OS Processor Check
Name e3b0c44298fc1c14_nseF07A.tmp
Empty file or file not found
Filepath C:\Users\test22\AppData\Local\Temp\nseF07A.tmp
Size 0.0B
Type empty
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
CRC32 00000000
ssdeep 3::
Yara None matched
Name f8c2565240319ede_ksouyp.yie
Filepath C:\Users\test22\AppData\Local\Temp\ksouyp.yie
Size 205.1KB
Processes 2540 (marikolock2.1.exe)
Type data
MD5 163c5256afa3efab64c226450182b19e
SHA1 40155d241c83bec5dad6101c725d10b3d0963c1f
SHA256 f8c2565240319edeb88ea7f3f6aae624e6598c030e1ede0209af8dc14e68cc44
CRC32 BEEAF57D
ssdeep 6144:OaPLbr0a1CCtkZxBIvlMPSAiwuprS9wjG3kG:OaDDwdINMPSbjprSeU
Yara None matched