Dropped Files | ZeroBOX
Name 69aea94d991a3ec7_$813877592
Filepath C:\Users\test22\AppData\Roaming\$813877592
Size 2.5MB
Processes 2560 (ax.exe)
Type data
MD5 6f18a9a6f4421a80d2fc762cb195066f
SHA1 d5cc6a00cd861530fc5879cac913264fb68844af
SHA256 69aea94d991a3ec73d327bf8ac1edc5adb8bc8906096120e8f7093ca9d45e3ea
CRC32 337D5722
ssdeep 49152:HAFwSgCNZkrkgtoqZyyAn4o/0Kz+NCBqcRKEkmG1pgChkQGsgBAkSCEd0kSEijla:gFwlCNZTOoqXAx88BqcVu1pggGsgBsC0
Yara
  • Malicious_Library_Zero - Malicious_Library
  • anti_vm_detect - Possibly employs anti-virtualization techniques
Name e06bccb52291d40f_svchost.exe
Filepath C:\Users\test22\AppData\Roaming\svchost.exe
Size 1.6MB
Processes 2560 (ax.exe)
Type PE32+ executable (GUI) x86-64, for MS Windows
MD5 52f4d7976c9a9396220d02429bb3e635
SHA1 14f950c169fde471c0115e255155e3414c8653d6
SHA256 e06bccb52291d40f1afe838da3d8473d861e698ab35d84ed2f1306e33ee99f10
CRC32 0B873A4E
ssdeep 49152:gAFwSgCNZkrkgtoqZyyAn4o/0Kz+NCBqcRKEkmG1pgChv:rFwlCNZTOoqXAx88BqcVu1pgw
Yara
  • Malicious_Library_Zero - Malicious_Library
  • Malicious_Packer_Zero - Malicious Packer
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)
  • UPX_Zero - UPX packed file
Name 9387843ba50bc260_xzw.exe
Filepath C:\Users\test22\AppData\Roaming\xzw.exe
Size 888.0KB
Processes 2560 (ax.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 a60eb6b05e9aa663aa574603aa4b7688
SHA1 1bea14088e5fa1d7e46a4a1d7f3c3fa5b395c7f8
SHA256 9387843ba50bc2600c26e7fe86b6d40e1dc5db5d685dbbf681cbcb50eb6cab5e
CRC32 6490985E
ssdeep 24576:MVjTGZQFooOuciaIB0dFkSCyOlRUJd0kSSJinrRVlr+M6l:MQGsgBAkSCEd0kSEijlr+M6l
Yara
  • Malicious_Library_Zero - Malicious_Library
  • IsPE32 - (no description)
  • Malicious_Packer_Zero - Malicious Packer
  • PE_Header_Zero - PE File Signature
  • anti_vm_detect - Possibly employs anti-virtualization techniques
  • UPX_Zero - UPX packed file
Name 76541a527e150ee5_sys.key
Filepath C:\ProgramData\sys.key
Size 108.0B
Processes 2632 (svchost.exe)
Type data
MD5 345ed93d827018b6d9c80874920e5d0c
SHA1 16184b7d6f7881b62d8ed71206ca342ea8270a8f
SHA256 76541a527e150ee5a1f581731504f74e8daf5174d8a6d6cd7c840ae8376aea66
CRC32 D11F4356
ssdeep 3:KfAKblovDluni3PXLlIlXlYSXOYFf1lU:xKbW0i3P+l1/eYdC
Yara None matched