Dropped Files | ZeroBOX
Name f58d3a4b2f3f7f10_moscow.pif
Filepath C:\Users\test22\AppData\Local\Temp\24091\29161\Moscow.pif
Size 924.6KB
Processes 1964 (cmd.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 848164d084384c49937f99d5b894253e
SHA1 3055ef803eeec4f175ebf120f94125717ee12444
SHA256 f58d3a4b2f3f7f10815c24586fae91964eeed830369e7e0701b43895b0cefbd3
CRC32 4FCA9037
ssdeep 24576:LOo8pEnK4mrqlEZuVZ2HOI+X0l1lMZyYFaeBmyF:LF8p4KpqlEZeXI+X0TVcae3F
Yara
  • Malicious_Library_Zero - Malicious_Library
  • IsPE32 - (no description)
  • PE_Header_Zero - PE File Signature
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
Name fc141ffe6bf256b8_compound
Filepath C:\Users\test22\AppData\Local\Temp\24091\Compound
Size 213.0KB
Processes 2544 (TierDiagnosis.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 e9db611974409fb7c1770fe95bfd5402
SHA1 ad077d6f8ad48bd4a8edbca88711cc4b7c71c1b5
SHA256 fc141ffe6bf256b8794c769feed25fa8bfeff01a60cdd2699e2d84e94585553c
CRC32 DD135DB7
ssdeep 6144:LQBk7JjX74cN0lrztgwU0Wyw3mFygyE4m:LO0z8e0lvSr0Wyw20K4m
Yara
  • IsPE32 - (no description)
  • PE_Header_Zero - PE File Signature
Name 7878bf0bad5d5201_participants
Filepath C:\Users\test22\AppData\Local\Temp\24091\Participants
Size 60.6KB
Processes 2544 (TierDiagnosis.exe)
Type data
MD5 7e012cfad9fc2540936792e39cfeb683
SHA1 14ec9c74d3c570d0e532bd37faf17d66b77ae87f
SHA256 7878bf0bad5d520187465546a691242c4b76d7fd9faf5f827ab965b40dc905e4
CRC32 8AB10B5E
ssdeep 1536:Xo2+9BkxXiblenlJJyIE2UWb/hoQZ2OE3:XNogXJ3i2Umb2Oq
Yara None matched
Name ac432b9cbaadc6e7_emperor
Filepath C:\Users\test22\AppData\Local\Temp\24091\Emperor
Size 274.0KB
Processes 2544 (TierDiagnosis.exe)
Type data
MD5 a5670bf198a414d7c1d208b45352b28a
SHA1 b88f181962454a80a2247971281972799aa9260b
SHA256 ac432b9cbaadc6e754ade1789305f5c907a18406645e78563246445aaa28ba75
CRC32 563EB580
ssdeep 6144:l8DsvqJX4xNAB+xHFq9O0lHPOGUWLhxjRYmFqZvEAOz04pmdv:hvqJWNAB+X0lHPOGNnlMZce4wdv
Yara None matched
Name 7925ed5739f850ae_bathrooms
Filepath C:\Users\test22\AppData\Local\Temp\24091\Bathrooms
Size 12.4KB
Processes 2544 (TierDiagnosis.exe)
Type ASCII text, with very long lines, with CRLF line terminators
MD5 cecb2af97fde1a363645feda343b13cc
SHA1 e1352ee119836ffca4e6541642223dc5af218254
SHA256 7925ed5739f850ae29ec9c489783d3c2db80f5e0f66a35ae2d271dd7fbab88e4
CRC32 B0393652
ssdeep 96:Abp+mXrjcx7iqOJgs3Uct4X6h21KB0nQ/LPhaZhqysFv3d3vzoeJbRqbd3cYWqQ6:ariSJglh1O0CLE9sFfdLY
Yara None matched
Name d91f62534c2abd84_marketwise.js
Filepath C:\Users\test22\AppData\Local\Insightful Markets Technologies\MarketWise.js
Size 202.0B
Processes 2136 (Moscow.pif)
Type ASCII text, with no line terminators
MD5 25a0c055c03932ee3d3dbfe51b74a090
SHA1 9063848d5d2307f630fc89f4d8c3731a4ea93807
SHA256 d91f62534c2abd84f26b9c1146e608f718d0132ce773cceef9dafb359bf67e30
CRC32 33BAE268
ssdeep 6:RiJbNHCwWDbRXp+NkDrswLNzoXHSwWDbRXp+NkDrswLNz0s:YJpCjvxsEN0avxsENAs
Yara None matched
Name c2ae169495738288_TierDiagnosis.exe
Filepath C:\Users\test22\AppData\Local\Temp\TierDiagnosis.exe
Size 1.3MB
Type PE32 executable (console) Intel 80386, for MS Windows
MD5 2e600b1ff7cd82c6402bb280720ced61
SHA1 b182c466b2a43d7ec3b5dad5a351b703771baa27
SHA256 c2ae169495738288c01df97f582da3db67e4f4d4514be563a7e2cbc069b76448
CRC32 1BE19488
ssdeep 24576:w+7dsbKHIny1loKiqxsbOMVolrhuXvc9Ft2rmeOaNRRL:Non782UTt2rm1KDL
Yara
  • Malicious_Library_Zero - Malicious_Library
  • IsPE32 - (no description)
  • PE_Header_Zero - PE File Signature
  • Admin_Tool_IN_Zero - Admin Tool Sysinternals
  • UPX_Zero - UPX packed file
  • mzp_file_format - MZP(Delphi) file format
Name 29d88f4d6378126b_injection
Filepath C:\Users\test22\AppData\Local\Temp\24091\Injection
Size 222.0KB
Processes 2544 (TierDiagnosis.exe)
Type data
MD5 02eb5744ddab6eeef3ee9253d92b294d
SHA1 c17510aa38107762933086f35bf7457ae5dc79ad
SHA256 29d88f4d6378126b7b73a77a553fb22504038f4c43026768ab98f8d91cd7508a
CRC32 1B88EA1A
ssdeep 6144:fqd12lqlEAehuqN8zwNzlmhPL1b5nZ2tZ6lfA6Gfm6K:fqClqlEZuB1b5Z2tZ6XKmL
Yara None matched
Name 14bebc518958785c_lt
Filepath C:\Users\test22\AppData\Local\Temp\24091\Lt
Size 470.6KB
Processes 2544 (TierDiagnosis.exe)
Type ASCII text, with very long lines, with CRLF line terminators
MD5 97ec1836ede6602974d17b6901cafbb1
SHA1 951a68e8c79cf6b5561974d1c8f21b7b6ffb2035
SHA256 14bebc518958785c7a40234081970dd19b2526e30e7a1266fd9e2d52cebbccfd
CRC32 069DDE3E
ssdeep 6144:CceBIHVj+S5I1qcTRnY6AYVYc35TzEh42sdYphnsFj+CK2:CWV+SS1qcTRY6H6A5chUdYfsFCu
Yara
  • Generic_Malware_Zero - Generic Malware
  • OS_Processor_Check_Zero - OS Processor Check
Name ca1b4dba97f2663a_worm
Filepath C:\Users\test22\AppData\Local\Temp\24091\Worm
Size 155.0KB
Processes 2544 (TierDiagnosis.exe)
Type data
MD5 f77a7706678afb56e603fc440531ae33
SHA1 224fae81abe46db38f3a780428a728850fa8dd57
SHA256 ca1b4dba97f2663a915aacb494088ef1bcd575b51a1483ad13f68919e3ef05cf
CRC32 B85809C8
ssdeep 1536:NPdMaj6iTcohiPfKj+wsxjgarB3RZg3EYrDWyu0uZ:NPf6jKj+wsxjgarB3RZgDWy4Z
Yara
  • Malicious_Library_Zero - Malicious_Library