Dropped Files | ZeroBOX
Name b203ac07f21d030b_bat.bat
Filepath C:\Users\test22\AppData\Local\Temp\bat.bat
Size 320.6KB
Processes 2564 (awpH6iP7gCYM.exe)
Type ASCII text, with very long lines, with CRLF line terminators
MD5 85cb6372bbc4a6a194a314de98c748f2
SHA1 3ef0a62a6c30f36eb9c7e3ba08482f23565b0e18
SHA256 b203ac07f21d030b949bb5ad92895afe9d1ec13b0811d0ca3640057c1e9585ce
CRC32 15F15F7C
ssdeep 6144:4e2e09/0aEJYfdDcldyFQyTpzS1Z6ewqBOicQL0Q8TAy8bRV4NMRtEa:4HH9zEJEcldgQyBe3NDwAy8bP4Ns3
Yara
  • anti_vm_detect - Possibly employs anti-virtualization techniques
Name 44e8aa0601fffe82_590aee7bdd69b59b.customdestinations-ms
Filepath c:\users\test22\appdata\roaming\microsoft\windows\recent\customdestinations\590aee7bdd69b59b.customdestinations-ms
Size 7.8KB
Processes 2920 (powershell.exe)
Type data
MD5 ee6cfd78f72f03663db2a7df0c696dd7
SHA1 56126e81a5f6577f8e24a890185d0c9eb600fa02
SHA256 44e8aa0601fffe82c494bbc7d7280aa3bc5e90effe2aee2d716d5716e1d6b568
CRC32 F27137C4
ssdeep 96:EtuCcBGCPDXBqvsqvJCwoRtuCcBGCPDXBqvsEHyqvJCworu4tDHXyGlUVul:EtCgXoRtCgbHnorBTyY
Yara
  • Antivirus - Contains references to security software
  • Generic_Malware_Zero - Generic Malware