Dropped Files | ZeroBOX
Name 69a86e79b33c29c9_mousme
Filepath C:\Users\test22\AppData\Local\Temp\mousme
Size 483.0KB
Processes 800 (wininit.exe) 2488 (excel.exe)
Type data
MD5 e69c1eef7cf3db3d5e466961c296b0b8
SHA1 b6ba65c5d4def115cc632cd2576df42cb965e1c6
SHA256 69a86e79b33c29c995e82ba4a8cecbfcd06395b1bdd1dabdf215d18e3d0e390b
CRC32 E6252511
ssdeep 6144:CF1Dn3sLyo/rToOROn6cNZtAXjpO6KxJhhWfJq38Ac20dLP4CX0TVmKb1voB5LFw:ctc2o/rTfOn6aZtAc9sqMd6KuZE59G0K
Yara None matched
Name 046c65ede0d15327_ophiolatrous
Filepath C:\Users\test22\AppData\Local\Temp\ophiolatrous
Size 58.0KB
Processes 800 (wininit.exe) 2488 (excel.exe)
Type UTF-8 Unicode text, with very long lines, with no line terminators
MD5 550d22d85dd73fae70595414f32e77a3
SHA1 0ba02199cf012f7b9ac24aa42b5d5f3419b1c496
SHA256 046c65ede0d1532759a4b7a097c6d86dec80e797f45ba6014a6a7d4979d225ff
CRC32 469881D5
ssdeep 1536:Zg2RyeLWNDFMZXLBDBKnpiowrJVckAqGK1YpeFFd+5FHd:ZgTS6iEkAqGkpgd
Yara None matched
Name 01a090cf2ac03ed9_excel.vbs
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\excel.vbs
Size 272.0B
Processes 2488 (excel.exe)
Type data
MD5 06acb2541550ff04a7121c1abdc875d5
SHA1 e7a8276a5d51c37a11ddec69570eb3d2d44b06b1
SHA256 01a090cf2ac03ed9f4930e0a8faa48728e9010306ced841d601235306cd363fb
CRC32 1F7BB728
ssdeep 6:DMM8lfm3OOQdUfcls/UEZ+lX1Al1AuaVnriIM8lfQVn:DsO+vNls/Q1A1RmmA2n
Yara None matched
Name 83cddd47b6b0fb72_excel.exe
Filepath C:\Users\test22\AppData\Local\directory\excel.exe
Size 107.3MB
Processes 800 (wininit.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 149f437fd8e06350301a8c744b04c4f5
SHA1 71e335b09b575c1777113a5c515441a539bf4798
SHA256 83cddd47b6b0fb724bd0ce9af92b9037181786432df025aa5a19987494dc5d2c
CRC32 FD133476
ssdeep 49152:6h+ZkldoPK8Ya9rQWo6Ukd0TuB2IE+xI0eqNlYNkU77Ett2i:T2cPK8bQ0dwfcT
Yara
  • Malicious_Library_Zero - Malicious_Library
  • Process_Snapshot_Kill_Zero - Process Kill Zero
  • PE_Header_Zero - PE File Signature
  • FindFirstVolume_Zero - FindFirstVolume Zero
  • CryptGenKey_Zero - CryptGenKey Zero
  • Device_Check_Zero - Device Check Zero
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
Name 97b208f67fb1f0e0_autC0CA.tmp
Filepath C:\Users\test22\AppData\Local\Temp\autC0CA.tmp
Size 414.7KB
Processes 800 (wininit.exe)
Type data
MD5 2d147bd7d09473815b1eee93e8a59c96
SHA1 c5810fbb571ad05a362894e31920d2f2387e9a76
SHA256 97b208f67fb1f0e0f2579e6967b09d1f5171e0d8ca6a019b93f00432176b774f
CRC32 100C7A17
ssdeep 12288:K5gpLRwhVP1z7apPLZEZ5tpV3L3m0azowaEv7:KyzwhV5+dFE/RWBT
Yara None matched
Name e1bd038d97afe5db_autC10A.tmp
Filepath C:\Users\test22\AppData\Local\Temp\autC10A.tmp
Size 11.5KB
Processes 800 (wininit.exe)
Type data
MD5 f62a77a8e086647f9d1db218445e656f
SHA1 306858c5666433da906e32d82fe8691a78956135
SHA256 e1bd038d97afe5db23c1f2f0978219ac93001519c67b5eb854b21b38d0e49172
CRC32 CAB928C7
ssdeep 192:GKyPqE89iJ+qY1Rvd3eMD8NSZ04ol4fFCWueDQRKbMEyYUTpI1Zx/G0JVdl2HfD:GW0gRkMANSZr3ue0RdTUnua2HfD
Yara None matched