Dropped Files | ZeroBOX
Name 14c181a8f4dde7da_unverified-microdesc-consensus
Filepath C:\Users\test22\AppData\Local\Temp\4kPv6aJG8e\unverified-microdesc-consensus
Size 2.6MB
Processes 2136 (sservc.exe)
Type ASCII text, with very long lines
MD5 b7243705ad7fd97ff13e261aa3bc1886
SHA1 314a30585515be60f32732204cc6266f782348af
SHA256 14c181a8f4dde7da36024ebac082e1c82e99a45b895016e5512a8594f49fdffc
CRC32 DFCAB946
ssdeep 12288:XI3GlSYDfOzB1g9UTbokx+IL++2WNY89jfW+Hx00YCbzgU/POGGqzQupcScQ7:wGk8Wo9UTbzgWCga60dCZO+QuSQ7
Yara None matched
Name 46575290733ffc0a_state
Filepath C:\Users\test22\AppData\Local\Temp\4kPv6aJG8e\state
Size 209.0B
Processes 2136 (sservc.exe)
Type ASCII text, with CRLF line terminators
MD5 faa9f5e357aa5a283448621b17f79213
SHA1 67e27d753352544fa04dbd6816dceab94a1f0789
SHA256 46575290733ffc0aad5d596c672a5ededf32430e09d1f5590c1d6d479127f01a
CRC32 354DB3CB
ssdeep 6:SbdWwxXIr5W8PznXr87+QVe2vwR/Ep5fM8yWbQz:bwxX455PzXr87HVBvwNCUz
Yara None matched
Name ed91e2df3bf4d7d2_cached-certs
Filepath c:\users\test22\appdata\local\temp\4kpv6ajg8e\cached-certs
Size 20.4KB
Processes 2136 (sservc.exe)
Type ASCII text, with CRLF line terminators
MD5 5bf28f11fd668795d2c80d49ad25fe4d
SHA1 0dec92c99ba883a0d49c67097e23f43afdd29b54
SHA256 ed91e2df3bf4d7d23bc13a1738dd683a286a724496e583a889d928d0d45dfafa
CRC32 C0EB2E6B
ssdeep 384:PU4XVy41h9Yc2q48XVd91hMB/ea4igBVA1hrqtMY4QkV6icO1hMtqb50IU4mV91a:s2xi8nX982a9gBSyRBkoicOaqb+3jntO
Yara None matched
Name 23eede37a39327d2_state
Filepath c:\users\test22\appdata\local\temp\4kpv6ajg8e\state
Size 4.0KB
Processes 2136 (sservc.exe)
Type ASCII text, with very long lines, with CRLF line terminators
MD5 439c7162523b7ae80986f9e85baa6d17
SHA1 a64e9c31e7ed6e94a5f7239c43615a7675f173d5
SHA256 23eede37a39327d20530f74ad6002acd8aa06aad91632870a69354c954b7e59a
CRC32 DE19815F
ssdeep 48:cVgQxSss7Fw5rMA1iQeZKgiIUaJTt8k6M:2Uss7Fw54SeZKgi9aJt8k6M
Yara None matched
Name 92f3c06a0ba8bc92_csrss.exe
Filepath C:\ProgramData\Drivers\csrss.exe
Size 1.9MB
Processes 2136 (sservc.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 4f17e0e8d7f6931d86bcef776619a2b5
SHA1 0bb4fd9f5b2ab83b6dee04480b8e48a5f72b47fb
SHA256 92f3c06a0ba8bc92f1a39521ad2979b86ce409fe9892e5f578e23a48fd8aef46
CRC32 2A55294B
ssdeep 49152:lu1Cicgvix2ooeL/DIk40DHN1Bl7BclwqyW:lusGIUeLhzxRyBv
Yara
  • Malicious_Library_Zero - Malicious_Library
  • IsPE32 - (no description)
  • PE_Header_Zero - PE File Signature
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
Name 1a2b90808ba102cf_cached-microdescs.new
Filepath C:\Users\test22\AppData\Local\Temp\4kPv6aJG8e\cached-microdescs.new
Size 20.1MB
Processes 2136 (sservc.exe)
Type ASCII text, with very long lines
MD5 12924fce99cdf2b6eaf3a04bd45b65b0
SHA1 7f918eb8cd49c0bf506df4a9d59c6a5d7dd7efc7
SHA256 1a2b90808ba102cff3a17a56afb711ba90717d2071aa6b88687503cf4ca53148
CRC32 A29514B8
ssdeep 24576:p0JCgZo8VoFDqZBbejgSbjsn84sQtRX9iUXOnx7A8LLnGgVn57Vj8j4Eq/oTxyws:KrNabAxpI7mqkcxaq9GbbsNLRWEbKLOV
Yara
  • hide_executable_file - Hide executable file