popup
Dropped Burrfers | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Buffers

Name d9a955580c3449a2a05bc42845828fc3d67c39d2
Size 192.0KB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 d531bb3337dd514457c418f23c8b28b6
SHA1 d9a955580c3449a2a05bc42845828fc3d67c39d2
SHA256 9b2bd15cece6126b7656ec8d8ba54ea90d67b9abd3fd35211524a2a32db58a7d
CRC32 C0269D7A
ssdeep 3072:eb4wkNFr2kX4uOgmlX0JeaMan8eRQa2IidNhN12Du807zh+0X7SJMD0V80oiUbIw:eb4ukOwearnua2IizD12y80pxe18x5b1
Yara
  • win_formbook_auto - Detects win.formbook.
  • win_formbook_w0 - (no description)
  • Malicious_Library_Zero - Malicious_Library
  • Malicious_Packer_Zero - Malicious Packer
  • PE_Header_Zero - PE File Signature
  • Win_Trojan_Formbook_Zero - Used Formbook
  • IsPE32 - (no description)
VirusTotal Search for analysis
Name 00f842f8e5723f202e4c7420d9db1c9db5a7a1cd
Size 4.8KB
Type ASCII text, with very long lines, with no line terminators
MD5 f72857c061b266abdae835d8726f3865
SHA1 00f842f8e5723f202e4c7420d9db1c9db5a7a1cd
SHA256 10216386bde8a99e620611b6f9412deb22be590086bef8f8e67e8c4fd993d9ef
CRC32 EE33894B
ssdeep 96:8x1+EN3mxMkP+4mdYHgPvRYNzZfwhxThqqbRbMY8orXihMD:382xnPOYHUknqbhJ8oGY
Yara
  • Suspicious_Obfuscation_Script_2 - Suspicious obfuscation script (e.g. executable files)
VirusTotal Search for analysis
Name 31fd2eb09f9cc5bfdc80c2c1a598aabd28636e51
Size 158.0KB
Type data
MD5 a4659a85314a38a871e125ae97fdf044
SHA1 31fd2eb09f9cc5bfdc80c2c1a598aabd28636e51
SHA256 60810d880807309a557d300f60bd6dbb0b22ee3ca3d16cff584c9d810a9226d3
CRC32 F459D289
ssdeep 3072:6QM/yHusWnthQmvZ9bUXIf40YuMTuflkhNL2Du+0/1h+05NSJWK60V8KoiybODgX:6QM/yZwQmvUcIjKkDL2y+07xG987HbMA
Yara
  • Malicious_Library_Zero - Malicious_Library
VirusTotal Search for analysis
Name 4a0ff52e813f668b153d7825f04335b6d46c43fb
Size 184.5KB
Type data
MD5 076080758056d8ae166612ed603c35a3
SHA1 4a0ff52e813f668b153d7825f04335b6d46c43fb
SHA256 8b8d907811ab3a5be61de060f2e485146585df662daf46dfce136b0eb6562f32
CRC32 EBB2AB0A
ssdeep 3072:5b4wkNFr2kX4uOgmlX0JeaMan8eRQa2IidNhN12Du807zh+0X7SJMD0V80oiUbIw:5b4ukOwearnua2IizD12y80pxe18x5b1
Yara
  • win_formbook_auto - Detects win.formbook.
  • win_formbook_w0 - (no description)
  • Malicious_Library_Zero - Malicious_Library
  • Win_Trojan_Formbook_Zero - Used Formbook
VirusTotal Search for analysis