Dropped Files | ZeroBOX

Name	3416a9b34bb50bd9_meh.bat Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\IXP000.TMP\meh.bat
Size	53.9KB
Processes	1508 (RuntimeBroker.EXE) 1740 (cmd.exe)
Type	DOS batch file, ASCII text, with very long lines, with CRLF line terminators
MD5	`d407ec6176eb72f08868310d35383615`
SHA1	`61e881c0b1d720560d67bc646437fcb12fb1de04`
SHA256	`3416a9b34bb50bd966788865a24226a94436b34c62ad96385700a9ffc19a4d7b`
CRC32	`4A081C40`
ssdeep	`1536:5FdiVD/qtSSoGinH6r8MNqQgPEGpXaW4CTqWagpkVph:5FPSSB9NpYXacey8h`
Yara	None matched
VirusTotal	Search for analysis

Name	a8fdba9df15e41b6_meh.bat.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\IXP000.TMP\meh.bat.exe
Size	462.5KB
Type	PE32+ executable (console) x86-64, for MS Windows
MD5	`852d67a27e454bd389fa7f02a8cbe23f`
SHA1	`5330fedad485e0e4c23b2abe1075a1f984fde9fc`
SHA256	`a8fdba9df15e41b6f5c69c79f66a26a9d48e174f9e7018a371600b866867dab8`
CRC32	`71A0F262`
ssdeep	`6144:dxGRyCXBgoDhzoNKXzJ7BapCK5d3klRzULOnWyjLsPhAQzqO:CRZgQhIKXzJ4pdd3klnnWosPhnzq`
Yara	PE_Header_Zero - PE File Signature IsPE64 - (no description) Antivirus - Contains references to security software UPX_Zero - UPX packed file Generic_Malware_Zero - Generic Malware
VirusTotal	Search for analysis