Dropped Files | ZeroBOX
Name 9798e0b970d6450d_s1yw.0.bat
Filepath C:\Users\test22\AppData\Local\Temp\s1yw.0.bat
Size 178.0B
Processes 2552 (cp.exe)
Type DOS batch file, ASCII text, with CRLF line terminators
MD5 30739dd2b691168efa672f9c18020cf1
SHA1 90ff55196f166c3e9d23d8eee825cb999b149bf3
SHA256 9798e0b970d6450dc0a85a57b89f511bd07305a0e7c824dd9376c702766c171e
CRC32 88395E52
ssdeep 3:mKDDCMNqTtvL5mZkREH0jfrRBvmqRDmWxpcL4E2J5xAIfjg/Hm1mWxpcL4E2J5xJ:hWKqTtTPA0jlBvmq1mQpcLJ23ffjg/HU
Yara None matched
Name fefd30308f73092c_xrjnzc.exe
Filepath C:\ProgramData\pinterests\XRJNZC.exe
Size 6.5MB
Processes 2552 (cp.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 8fc868f86ee50172a6135d3a58d3495f
SHA1 b26cd7a4ca5229e05e51068852539549b3838738
SHA256 fefd30308f73092c122fe29921534fbeea6659c32dfd68fe234bcdbabdf8d1ec
CRC32 C282DCF5
ssdeep 98304:oLRKr2ABiBQPGrOr17nGPVzN1iiriD0dbZHX7rYEnpMoC1y5EHuj4QdrwDOuL:oL5ABRPGSrlnGPVH7iDe0EpMoCSeuHG1
Yara
  • Malicious_Library_Zero - Malicious_Library
  • IsPE32 - (no description)
  • PE_Header_Zero - PE File Signature
  • VMProtect_Zero - VMProtect packed file
  • UPX_Zero - UPX packed file