popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 77c7c10b4c860d5d_gpt.ini
Submit file
Filepath C:\Windows\SysWOW64\GroupPolicy\gpt.ini
Size 11.0B
Processes 1372 (good.exe)
Type ASCII text, with CRLF line terminators
MD5 ec3584f3db838942ec3669db02dc908e
SHA1 8dceb96874d5c6425ebb81bfee587244c89416da
SHA256 77c7c10b4c860d5ddf4e057e713383e61e9f21bcf0ec4cfbbc16193f2e28f340
CRC32 E4327249
ssdeep 3:1EX:10
Yara None matched
VirusTotal Search for analysis
Name 5d297b3a3e002667_fanbooster131.lnk
Submit file
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FANBooster131.lnk
Size 1.1KB
Processes 1372 (good.exe)
Type MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Archive, ctime=Sun Dec 3 23:59:39 2023, mtime=Sun Dec 3 23:59:39 2023, atime=Mon Sep 26 19:57:22 2022, length=1540014, window=hide
MD5 2797ca79b216b88b04df3878e7c058c1
SHA1 71de6a94c69f6451c6fd7e49779d5f2fd1aa9ebf
SHA256 5d297b3a3e00266740546f003e0bc3940dc973bc02fca2b6b759ff478870fcf3
CRC32 8CB002C1
ssdeep 12:8iav9Eg4cZCrR8EvSWGR+/WmewscQ5M/1XcnAjAk6OLMKT812uawua4t2YLEPKzd:8zvWsERdqRfqswdAkcFcL6PyR
Yara
  • lnk_file_format - Microsoft Windows Shortcut File Format
  • Lnk_Format_Zero - LNK Format
VirusTotal Search for analysis
Name 92bbaf30871bd32d_gpt.ini
Submit file
Filepath C:\Windows\System32\GroupPolicy\gpt.ini
Size 272.0B
Processes 1372 (good.exe)
Type ASCII text, with CRLF line terminators
MD5 7d7b2946708e5254b8996d3ae964e0a7
SHA1 01e350de5cf78dd1ba5e8686fee884ff0f240e95
SHA256 92bbaf30871bd32d6fe34a6df757ad8acd375552918a80c45c935091c9df729e
CRC32 71B0380C
ssdeep 6:1WsMzYHxbnvEcvg+5Rnn3jGoanMzYHxbnPonn3k:1q0Hxbnt4UaM0HxbnX
Yara None matched
VirusTotal Search for analysis
Name 826172f90aa17ba8_registry.pol
Submit file
Filepath C:\Windows\System32\GroupPolicy\Machine\Registry.pol
Size 6.2KB
Processes 1372 (good.exe)
Type data
MD5 05c4079110b8f65ec083182e2d870e04
SHA1 0b2d16dd8575c6f87c6bd66267cdf8eaba363a11
SHA256 826172f90aa17ba887682da7277b444c06513177653d727acbb146a2308af3a7
CRC32 8B58FA6A
ssdeep 192:FlRRCDN74hvoD5KL0+fLfYT7CcAzXEP0IhYY4WwDiZ:nRRCDN74hvoDEL0+fLf27CcAzXEP02Y0
Yara
  • Generic_Malware_Zero - Generic Malware
VirusTotal Search for analysis
Name 33718370d9e5f046_rise131m9asphalt.tmp
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\rise131M9Asphalt.tmp
Size 13.0B
Processes 1372 (good.exe)
Type ASCII text, with no line terminators
MD5 eedf6273314d36d419b606cc974ab76d
SHA1 4fde4e6c281b552c1c20828d00cac94968dd0fbf
SHA256 33718370d9e5f0461faf795f8678fcd207aee9757c5d496eb34cdf0afe2861f5
CRC32 46C95232
ssdeep 3:L+Thsn:x
Yara None matched
VirusTotal Search for analysis