Dropped Files | ZeroBOX
Name a2ce3a0fa7d2a833_e0f5c59f9fa661f6f4c50b87fef3a15a
Filepath C:\Users\test22\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E0F5C59F9FA661F6F4C50B87FEF3A15A
Size 893.0B
Processes 2560 (f305ba-b4b69ab5.exe)
Type data
MD5 d4ae187b4574036c2d76b6df8a8c1a30
SHA1 b06f409fa14bab33cbaf4a37811b8740b624d9e5
SHA256 a2ce3a0fa7d2a833d1801e01ec48e35b70d84f3467cc9f8fab370386e13879c7
CRC32 1C31685D
ssdeep 24:hBntmDvKUQQDvKUr7C5fpqp8gPvXHmXvponXux:3ntmD5QQD5XC5RqHHXmXvp++x
Yara None matched
Name b6a3f891ccf4332d_Display.png
Filepath C:\Users\test22\AppData\Local\Temp\obentermkR1z64a\Display\Display.png
Size 50.2KB
Processes 2712 (RegAsm.exe)
Type PNG image data, 1024 x 768, 8-bit/color RGBA, non-interlaced
MD5 d89a4ef97dfbee005886519985871fdc
SHA1 152190784e13a0519e3e72f5ecd0fc9169e22e3c
SHA256 b6a3f891ccf4332dd7af8558f6c87be396cb00cc24498798c42f6e94aa3189e2
CRC32 386CACF1
ssdeep 768:FLuZN+MyM1FUBrDCvcChkzWPtkRuW2PTJmwr2Gb2Ly7oIO:FLuTyMLUDCvphTPmwZC
Yara
  • PNG_Format_Zero - PNG Format
Name cb6aa4a393ded34a_obentermkR1z64a.ligma
Filepath C:\Users\test22\AppData\Local\Temp\obentermkR1z64a.ligma
Size 34.6KB
Processes 2712 (RegAsm.exe)
Type Zip archive data, at least v2.0 to extract
MD5 f452a29cf01b6bb1eccc966752f58b1c
SHA1 c3098f32ef9d98a0b492d99c032e659b58853fa4
SHA256 cb6aa4a393ded34a761ea1577362c1a83f10b6ec1438f2fa6af6e0654ca0a0a9
CRC32 580423E5
ssdeep 768:zjW0Cq6Y6YmpkE0Cyffd5zmTWD/P1ZWJ6hVPOOmJL7AY106SlIYmEmtgd:v4YGsdFmo/PfWJ6hVy7jGlIO
Yara
  • zip_file_format - ZIP file format
Name e65acc5ec7cad24c_e0f5c59f9fa661f6f4c50b87fef3a15a
Filepath C:\Users\test22\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E0F5C59F9FA661F6F4C50B87FEF3A15A
Size 252.0B
Processes 2560 (f305ba-b4b69ab5.exe)
Type data
MD5 631a4300545325ec8f0075f1dcba9e71
SHA1 ee4df12b02499a2b55d2ac3e69dc7ddaff29462a
SHA256 e65acc5ec7cad24ceea0c0e8b41847ff6b872eea8f669e4eecb661b86da4ef04
CRC32 9EF6ECF2
ssdeep 3:kkFklkfNllXfllXlE/E/KRkzllPlzRkwWBARLNDU+ZMlKlBkvclcMlVHblB8V7l3:kK1flxliBAIdQZV7I7kc3
Yara None matched
Name b7c225ef3cc3e875_d93f411851d7c929.customDestinations-ms~RF113a9c3.TMP
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d93f411851d7c929.customDestinations-ms~RF113a9c3.TMP
Size 7.8KB
Processes 2860 (powershell.exe) 2972 (powershell.exe)
Type data
MD5 81ca4510272caf505e8091e9a28cb716
SHA1 71414aeec9f1e4a6f5a461b01700cc9cc992cd9e
SHA256 b7c225ef3cc3e87506150eb140e7b9cc127a3469c50a808854acac71a53d98bf
CRC32 FC31E90F
ssdeep 96:EtuCcBGCPDXBqvsqvJCwoRtuCcBGCPDXBqvsEHyqvJCwor/47HwxGlUVul:EtCgXoRtCgbHnorLxY
Yara
  • Antivirus - Contains references to security software
  • Generic_Malware_Zero - Generic Malware