Dropped Files | ZeroBOX
Name e3b0c44298fc1c14_jna4115874404283386990.dll.x
Empty file or file not found
Filepath C:\Users\test22\AppData\Local\Temp\jna--877171118\jna4115874404283386990.dll.x
Size 0.0B
Type empty
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
CRC32 00000000
ssdeep 3::
Yara None matched
Name e7d8ad1dc0d46469_cce3fe3b0d8d805f.timestamp
Filepath C:\ProgramData\Oracle\Java\.oracle_jre_usage\cce3fe3b0d8d805f.timestamp
Size 57.0B
Processes 3044 (java.exe) 292 (java.exe) 1628 (java.exe)
Type ASCII text, with CRLF line terminators
MD5 d72222fdc4bad6e39b6a979cb8f1db54
SHA1 0c3da84accde9d8674742d784c673a43d357ee05
SHA256 e7d8ad1dc0d464696404ba9b1fc837c98d90ae4ce1bbb472a134acc4f2197e24
CRC32 4330DB0B
ssdeep 3:oFj4I5vpN31Uov:oJ5X3ay
Yara None matched
Name 2eae3dea1c3dde61_sqlite-jdbc-3.14.2.1.jar
Filepath C:\Users\test22\AppData\Roaming\lib\sqlite-jdbc-3.14.2.1.jar
Size 4.1MB
Processes 292 (java.exe)
Type Zip archive data, at least v1.0 to extract
MD5 b33387e15ab150a7bf560abdc73c3bec
SHA1 66b8075784131f578ef893fd7674273f709b9a4c
SHA256 2eae3dea1c3dde6104c49f9601074b6038ff6abcf3be23f4b56f6720a4f6a491
CRC32 36EC8856
ssdeep 98304:czJoX0izQbrabWo2MxgErRYxFOY8IsFWyTIiTIzMpca:cJoXHQKW9MxRr8wZZsikzMaa
Yara
  • zip_file_format - ZIP file format
Name a4568e582c1aefd5_order-2320884.jar
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ORDER-2320884.jar
Size 323.9KB
Processes 292 (java.exe)
Type Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.0, MSI Installer, Code page: 1252, Title: Installation Database, Subject: Microsoft Software Update for Web Folders (English) 14, Author: Microsoft Corporation, Keywords: Installer, MSI, Database, Release, Comments: This Installer database contains the logic and data required to install Microsoft Software Update for Web Folders (English) 14., Template: Intel;1033, Revision Number: {D09D1C77-A5D3-48C0-B530-C9C18BAF2545}, Create Time/Date: Tue Mar 30 17:26:02 2010, Last Saved Time/Date: Tue Mar 30 17:26:02 2010, Number of Pages: 200, Number of Words: 2, Name of Creating Application: Windows Installer XML (3.0.5419.0), Security: 2
MD5 c2cfe1bc4cc6ec14cd510cd4ac40d6f5
SHA1 9a104dc347f80a2cc0a09ad13ed68921c2f3bf94
SHA256 a4568e582c1aefd53d5e23a8cf09d5d7ed8af4af1ffebe75dbf8f743df5ad11b
CRC32 124F9B7D
ssdeep 6144:01kCix3B0FqADA5QDjkeVJDtgslBlYOz1hPkoVsdVhacijUU:06CkA05QDIeVttgOBRzLZydV7gz
Yara
  • Microsoft_Office_File_Zero - Microsoft Office File
  • Antivirus - Contains references to security software
Name b308faebfe4ed409_jna-5.5.0.jar
Filepath C:\Users\test22\AppData\Roaming\lib\jna-5.5.0.jar
Size 1.4MB
Processes 292 (java.exe)
Type Java archive data (JAR)
MD5 acfb5b5fd9ee10bf69497792fd469f85
SHA1 0e0845217c4907822403912ad6828d8e0b256208
SHA256 b308faebfe4ed409de8410e0a632d164b2126b035f6eacff968d3908cafb4d9e
CRC32 ADCAF72A
ssdeep 24576:BggLnybolJdaW+864NkqCUer8N7sSFOaj5lWOEMIKk6idJRWPTgzq3bICEz2lFO:BTnybo9aW+L5qCUO0xsiMPZrJgPLLIO6
Yara
  • zip_file_format - ZIP file format
Name 2ddda8af6faef8bd_system-hook-3.5.jar
Filepath c:\users\test22\lib\system-hook-3.5.jar
Size 772.7KB
Processes 3044 (java.exe)
Type Zip archive data, at least v1.0 to extract
MD5 e1aa38a1e78a76a6de73efae136cdb3a
SHA1 c463da71871f780b2e2e5dba115d43953b537daf
SHA256 2ddda8af6faef8bde46acf43ec546603180bcf8dcb2e5591fff8ac9cd30b5609
CRC32 9D0119ED
ssdeep 24576:IhCFW8WXvOsWW9XGmvcVfkfTnzrLvadKPpv:IhCYWstW202t
Yara
  • zip_file_format - ZIP file format
Name 04c9a8ab43d1eb61_jna744424494011297200.dll
Filepath C:\Users\test22\AppData\Local\Temp\jna--877171118\jna744424494011297200.dll
Size 203.0KB
Processes 1628 (java.exe)
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 28d895a3cb7e9a0b6a5ae5ed6a62b254
SHA1 703d8604a8d04d29c52c0ebcde1e86f3bc8ff824
SHA256 04c9a8ab43d1eb616b84d0686c8ae1d881ef03fe4f3aa26511e5b19d35ef16af
CRC32 6BF047D1
ssdeep 3072:q9LCZdSWDLC2L5THvPEFKESxLBaj+EdyfWC0EHxvNVmvXsNGpqqqYrZG:VDvL5TQdndmkvXsNGpqOFG
Yara
  • Malicious_Library_Zero - Malicious_Library
  • IsPE32 - (no description)
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
Name 064c34c9f92f6aca_jna4115874404283386990.dll
Filepath C:\Users\test22\AppData\Local\Temp\jna--877171118\jna4115874404283386990.dll
Size 101.5KB
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 d2f0da769204b8c45c207d8f3d8fc37e
SHA1 c6870c1b8be2dbf1d737c918963d2f183aa778e1
SHA256 064c34c9f92f6aca636b5b53006b539853268570f048f33155c6a6635d6c0e7b
CRC32 74C26B4C
ssdeep 1536:6E6yQzBR0Sz+0kwXPxkuuoGesnRF+ojwCds6EaH2UivXsdDGkPUx5L:6PfR046cJevnRF+oFEbUivXsNGn5L
Yara
  • IsPE32 - (no description)
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
Name 24d81621f82ac29f_jna-platform-5.5.0.jar
Filepath C:\Users\test22\AppData\Roaming\lib\jna-platform-5.5.0.jar
Size 2.6MB
Processes 292 (java.exe)
Type Java archive data (JAR)
MD5 2f4a99c2758e72ee2b59a73586a2322f
SHA1 af38e7c4d0fc73c23ecd785443705bfdee5b90bf
SHA256 24d81621f82ac29fcdd9a74116031f5907a2343158e616f4573bbfa2434ae0d5
CRC32 9E273BAB
ssdeep 24576:DyciOooDbK7Yw1J75n4BP/NtK2ov3mhDR6:3iOLDOZJ75nwtK2ovWh8
Yara
  • Malicious_Library_Zero - Malicious_Library
  • zip_file_format - ZIP file format
  • OS_Processor_Check_Zero - OS Processor Check