Dropped Files | ZeroBOX
Name 77c7c10b4c860d5d_gpt.ini
Filepath C:\Windows\SysWOW64\GroupPolicy\gpt.ini
Size 11.0B
Processes 2624 (good.exe)
Type ASCII text, with CRLF line terminators
MD5 ec3584f3db838942ec3669db02dc908e
SHA1 8dceb96874d5c6425ebb81bfee587244c89416da
SHA256 77c7c10b4c860d5ddf4e057e713383e61e9f21bcf0ec4cfbbc16193f2e28f340
CRC32 E4327249
ssdeep 3:1EX:10
Yara None matched
Name 7866ebb9b9256b10_information.txt
Filepath C:\Users\test22\AppData\Local\Temp\grandUIAPxJS06_4X1y0Z\information.txt
Size 2.8KB
Processes 2624 (good.exe)
Type ASCII text
MD5 5190ec85609626eed8985ac655f711b3
SHA1 5e3c75b6e25f1bac3c322394632f24d99014d3f8
SHA256 7866ebb9b9256b1010d5dfdde7475dfacd2baa28133fc0e92ce29dbda10b03f3
CRC32 F6E97C93
ssdeep 48:tVataFLnq+sDIEFRMScxiqh392GoxyqcjRSQUz/pJ6L+DeqH+rZvuolQ2oa6L1R6:twe88EPwuDEjRwpJfDeqHOxuolQ2oa6S
Yara None matched
Name 5f409f7d4c38360a_rise131m9asphalt.tmp
Filepath C:\Users\test22\AppData\Local\Temp\rise131M9Asphalt.tmp
Size 13.0B
Processes 2624 (good.exe)
Type ASCII text, with no line terminators
MD5 d0a21bf2057698aa9c4abb43b4c1d717
SHA1 00de86e0d255f4ee7cec36dc4feb7ccc75e51322
SHA256 5f409f7d4c38360aba65ba7a9db351ae14507bbdddc285a2e386b802e1091106
CRC32 87EAE40F
ssdeep 3:L+SVvdKT:RR8T
Yara None matched
Name 92bbaf30871bd32d_gpt.ini
Filepath C:\Windows\System32\GroupPolicy\gpt.ini
Size 272.0B
Processes 2624 (good.exe)
Type ASCII text, with CRLF line terminators
MD5 7d7b2946708e5254b8996d3ae964e0a7
SHA1 01e350de5cf78dd1ba5e8686fee884ff0f240e95
SHA256 92bbaf30871bd32d6fe34a6df757ad8acd375552918a80c45c935091c9df729e
CRC32 71B0380C
ssdeep 6:1WsMzYHxbnvEcvg+5Rnn3jGoanMzYHxbnPonn3k:1q0Hxbnt4UaM0HxbnX
Yara None matched
Name 16187ff9b5096b21_D87fZN3R3jFeplaces.sqlite
Filepath C:\Users\test22\AppData\Local\Temp\posterBoxPxJS06_4X1y0Z\D87fZN3R3jFeplaces.sqlite
Size 5.0MB
Type SQLite 3.x database, user version 69, last written using SQLite version 3038003
MD5 837705c24eaa032145b6f82119af4eea
SHA1 7d38a13b37105ef0f6c24c585de581949616f32c
SHA256 16187ff9b5096b217d405d1492c115a096f8d63d72befbf5851e19b61581f857
CRC32 8BF87D31
ssdeep 192:StsqHQnwkYjcoBMc+uK6ik4QtjJz3ig48pp0:StsbwVTBMc+uK6ikPpJz3E8
Yara None matched
Name 826172f90aa17ba8_registry.pol
Filepath C:\Windows\System32\GroupPolicy\Machine\Registry.pol
Size 6.2KB
Processes 2624 (good.exe)
Type data
MD5 05c4079110b8f65ec083182e2d870e04
SHA1 0b2d16dd8575c6f87c6bd66267cdf8eaba363a11
SHA256 826172f90aa17ba887682da7277b444c06513177653d727acbb146a2308af3a7
CRC32 8B58FA6A
ssdeep 192:FlRRCDN74hvoD5KL0+fLfYT7CcAzXEP0IhYY4WwDiZ:nRRCDN74hvoDEL0+fLf27CcAzXEP02Y0
Yara
  • Generic_Malware_Zero - Generic Malware
Name 5ee454eb05fcbbc0_02zdBXl47cvzHistory
Filepath C:\Users\test22\AppData\Local\Temp\posterBoxPxJS06_4X1y0Z\02zdBXl47cvzHistory
Size 120.0KB
Type SQLite 3.x database, last written using SQLite version 3021000
MD5 64202674f6acaafa94c3390b0cc720b9
SHA1 38c8537feccfaabb095805d290af69272aeb32f1
SHA256 5ee454eb05fcbbc0ac1ff5662ba2be1f22688ddb97d3cc357d4da5cff5b5e5e9
CRC32 3685166F
ssdeep 48:TGjDU66tTKfxNPp+suktLReRK+NaUvdWSZ00LTL0drQHHp7C5fVcS2+VANUXq6uG:BeJQpWSZ00LTL0QCbc0VANPjwQU+
Yara None matched
Name 512e4e95427a8c66_5lop_S5WM5ERCookies
Filepath C:\Users\test22\AppData\Local\Temp\posterBoxPxJS06_4X1y0Z\5lop_S5WM5ERCookies
Size 36.0KB
Type SQLite 3.x database, last written using SQLite version 3021000
MD5 f4c540f52d5c08d24a79805eda1d7abf
SHA1 22be46826df7693f58736adb232ab2da790f2571
SHA256 512e4e95427a8c66b2993b27bb23d99cdab2ebd6e9e8937c7f6a39ed8c6a5b94
CRC32 95C9FB3A
ssdeep 24:TLmg/5UcJOyTGVZTPaFpEvg3obNmCFk6Uwcc85fB34444z:T5/ecVTgPOpEveoJZFrU1cQB34444z
Yara None matched
Name b8b76f7a1ad3ae2d_grmuKE1Hgf9ZvclFJNQei8RWGp9MZUEs.zip
Filepath C:\Users\test22\AppData\Local\Temp\grmuKE1Hgf9ZvclFJNQei8RWGp9MZUEs.zip
Size 1.6KB
Processes 2624 (good.exe)
Type Zip archive data, at least v2.0 to extract
MD5 5a7c7b8f2a0aeb83e4fb400cd15402af
SHA1 cb2e109fdbcc63f661f3f7aa42257c965e1144e9
SHA256 b8b76f7a1ad3ae2d49a08b48498b150968446d52f39b2ab92380eebc7662936c
CRC32 1FFEFB7A
ssdeep 48:9Zy2QHdvri75i5QDjZ1mud8rMWNwXcFWy/fw:7dQHdjs56K9M7rMgBFi
Yara
  • zip_file_format - ZIP file format
Name 0b8607fdf72f3e65_02zdBXl47cvzcookies.sqlite
Filepath C:\Users\test22\AppData\Local\Temp\posterBoxPxJS06_4X1y0Z\02zdBXl47cvzcookies.sqlite
Size 96.0KB
Type SQLite 3.x database, user version 12, last written using SQLite version 3038003
MD5 d367ddfda80fdcf578726bc3b0bc3e3c
SHA1 23fcd5e4e0e5e296bee7e5224a8404ecd92cf671
SHA256 0b8607fdf72f3e651a2a8b0ac7be171b4cb44909d76bb8d6c47393b8ea3d84a0
CRC32 842B3569
ssdeep 12:DQAwfWk73Fmdmc/OPVJXfPNn43etRRfYR5O8atLqxeYaNcDakMG/lO:DQAwff32mNVpP965Ra8KN0MG/lO
Yara None matched
Name 204a93e1274c57f4_passwords.txt
Filepath C:\Users\test22\AppData\Local\Temp\grandUIAPxJS06_4X1y0Z\passwords.txt
Size 4.8KB
Processes 2624 (good.exe)
Type UTF-8 Unicode text, with CRLF line terminators
MD5 974cc190d5703018c01ce08b904e227b
SHA1 b4f0f2a72907fcf9551846411a7221f60a88f97d
SHA256 204a93e1274c57f489adb21e0bf56064624582bb3b79fd59ba779ec8a137d8ff
CRC32 C32C1308
ssdeep 48:tMMMMMMMMMMdMMMM1MMMMMMMM1MMMMMMMM1MMMMMMMM1MMMMMMMMMMdMMMMMMMME:m
Yara None matched
Name bbc59eb43822e646_Ei8DrAmaYu9KLogin Data
Filepath C:\Users\test22\AppData\Local\Temp\posterBoxPxJS06_4X1y0Z\Ei8DrAmaYu9KLogin Data
Size 18.0KB
Type SQLite 3.x database, last written using SQLite version 3021000
MD5 53ea322f91d6f0de8448b68583284d22
SHA1 b6c835867fbf7e432b834f7366eb0407f3eebbfa
SHA256 bbc59eb43822e64660cc4ccbca37d6dc016eaa9b85b2c6f5b40826bb03188b34
CRC32 CA013001
ssdeep 24:LLY10KL7G0TMJHUyyJtmCm0XKY6lOKQAE9V8MffD4fOzeCmly6Uwc6ocW:4z+JH3yJUheCVE9V8MX0PFlNU12W
Yara None matched
Name 9a8ea0e2df7554c5_D87fZN3R3jFeWeb Data
Filepath C:\Users\test22\AppData\Local\Temp\posterBoxPxJS06_4X1y0Z\D87fZN3R3jFeWeb Data
Size 72.0KB
Type SQLite 3.x database, last written using SQLite version 3021000
MD5 0539a773e44d21a84fd97fee0dffd4a3
SHA1 5904058c20aad54c552edc57826babd36ab61149
SHA256 9a8ea0e2df7554c57fb4ee6a8a12782f5a2474a3e4c23dc61e4768631dc4eb9f
CRC32 964BC0B2
ssdeep 96:P0CWo3dOOctAYyY9MsH738Hsa/NTIdE8uKIaPdUDFBlrrVY/qBOnx4yWTJereWbY:PXt769TYndTJMb3j0
Yara None matched
Name 546f3425bb7d15f0_fanbooster131.lnk
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FANBooster131.lnk
Size 1.1KB
Processes 2624 (good.exe)
Type MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Archive, ctime=Sun Dec 3 23:59:46 2023, mtime=Sun Dec 3 23:59:46 2023, atime=Mon Sep 26 19:48:00 2022, length=1540001, window=hide
MD5 9b619890074ae0f430335c4532a0e2a4
SHA1 fd9ddf6a5748258317ed1cd14d155d6a8db2d178
SHA256 546f3425bb7d15f049ca7ae1f2ef9744cd4d9bcae3eca51723f65a269d196fb3
CRC32 2323D301
ssdeep 12:8iYg4cZCrR8EvSWOR+/NeMgGP1/LbGPCwizCCOLMKNlaV12uawua4t2YLEPKzlXr:8LsERdyR+782zNRWYcL6PytdN
Yara
  • lnk_file_format - Microsoft Windows Shortcut File Format
  • Lnk_Format_Zero - LNK Format