Dropped Files | ZeroBOX
Name 43e8c9b6c1403b46_python27.dll
Filepath C:\Users\test22\AppData\Local\Temp\_MEI16482\python27.dll
Size 3.3MB
Processes 1648 (lazagne.exe)
Type PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5 3ae2bfd1f3810e1f8e63d12b6640d305
SHA1 0eaa9f0c96fa24ab837c736e6540a0be72ed83d2
SHA256 43e8c9b6c1403b4622de9c9bff75542803a674909d44aba26cf11828fd0a5ed0
CRC32 07E9E2C5
ssdeep 49152:cnHmMWTjmrbx/NWSRCgn6S4Ttffg7d47fPjnRM4gHQM1IITPCc+y5+3jt:FsVZzWzRMhHnaup5mt
Yara
  • IsPE64 - (no description)
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
  • UPX_Zero - UPX packed file
  • Generic_Malware_Zero - Generic Malware
Name 09b85bb7f63a45c0_msvcp100.dll
Filepath C:\Users\test22\AppData\Local\Temp\_MEI16482\msvcp100.dll
Size 1.0KB
Processes 1648 (lazagne.exe)
Type PE32+ executable (DLL) x86-64, for MS Windows
MD5 56b60d510b2c02a6b0e5bbb4995d37c4
SHA1 b5cb31f92c6e5124d259df06294de36ff3143f54
SHA256 09b85bb7f63a45c0cdc8a3a36a2f0ecdc64afe00481236b9eb9cb230936cf243
CRC32 035DFF66
ssdeep 3:zp/t/NAFjYNKPWrl/WlWotttltl1Xl1Vl+//l5llHlMtllFllNllFll1llltMldd:zRb2WEAotu1Z4+E
Yara
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
Name d384e6a309c41031__multiprocessing.pyd
Filepath C:\Users\test22\AppData\Local\Temp\_MEI16482\_multiprocessing.pyd
Size 34.0KB
Processes 1648 (lazagne.exe)
Type PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5 d29f54fe961ff0be2b4d1b75b18ee229
SHA1 eb0e10454ba5ebd35422dcfd15f5e718acb015d3
SHA256 d384e6a309c41031921fac5358b99a37e4768681d882de3e66d20179bde623cf
CRC32 0ED5B366
ssdeep 768:UO+DjdRQCIcrb8rT6Q9QcuNGqEa757vsZ9newa:U3DRRVrorT6Q9xzq7vsZ9ne
Yara
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
Name a2fd7ffced225de6_pyexpat.pyd
Filepath C:\Users\test22\AppData\Local\Temp\_MEI16482\pyexpat.pyd
Size 182.0KB
Processes 1648 (lazagne.exe)
Type PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5 a5087ebbe3f55657e588b6c3d33b05b5
SHA1 66cb6592d0c7c33b4089906ca1fd8d1f60b9c9cb
SHA256 a2fd7ffced225de673f815374903500921baa1ff2b13a5de1dc35b53e457b964
CRC32 76B94B24
ssdeep 3072:hLr0JazUQXiCiqf9kZJH4+gUP4HR6EgsUsApxg+Y6qTiIYrL0JaNTjX4tsgqYU/l:hLr0xQy/1Y+gUP4cEgoomPW1UCZR1dgO
Yara
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
Name 202ab2744bef1aa1_msvcr100.dll
Filepath C:\Users\test22\AppData\Local\Temp\_MEI16482\msvcr100.dll
Size 2.4KB
Processes 1648 (lazagne.exe)
Type PE32+ executable (DLL) x86-64, for MS Windows
MD5 8014a303c133e84a62febb00967306df
SHA1 60f9e6706dcd69328be21b1afcea632220791827
SHA256 202ab2744bef1aa198a3be33ef5ee1a78764db85d5076c0d0b168c574bde1c35
CRC32 FC1C8744
ssdeep 24:ttlDEtyDaA9bZW0sfmNFkUclvgn4Y3oCPNJP:pDs0aGZWvfYFkUclon4moOR
Yara
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
Name d712b72e9b9b8648_win32pipe.pyd
Filepath C:\Users\test22\AppData\Local\Temp\_MEI16482\win32pipe.pyd
Size 27.0KB
Processes 1648 (lazagne.exe)
Type PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5 5ed99afcf2ddd45adf10e8bfa037def1
SHA1 9eaf1151ca6292132554dd53a1a77b80bb7de9c1
SHA256 d712b72e9b9b86486f352c42203fb2f9883780ea102793cc389b4f6254d660ab
CRC32 5BDC96F4
ssdeep 768:LV8mBWEPoWxrwk3HDaF2Wfk4MXPisI4l:LV8mBWEPoWxck3H0CPiol
Yara
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
Name 959bece25a592bf3_pywintypes27.dll
Filepath C:\Users\test22\AppData\Local\Temp\_MEI16482\pywintypes27.dll
Size 135.5KB
Processes 1648 (lazagne.exe)
Type PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5 ec16db0ad80be2fb40600df034797ecb
SHA1 6d5bce3b8fb8c7dff0aa179d503af47887e3f0c2
SHA256 959bece25a592bf32d3b3e602bb8ebe88039db2f58916f593db3b66795258074
CRC32 D19F8E4F
ssdeep 3072:gMwiYgZWoh2lw41fwYYrrC0zrG+h+lu01dOlHqmvfbhc:BwiYSPlCfwYYrrC0XG+Ku2dOlHqmvfb
Yara
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
  • UPX_Zero - UPX packed file
Name 93f30d067897dba0_MSVCR90.dll
Filepath C:\Users\test22\AppData\Local\Temp\_MEI16482\MSVCR90.dll
Size 612.0KB
Processes 1648 (lazagne.exe)
Type PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5 425d035880430fbed64dd6205c77f5b2
SHA1 c3eae140485e568e9868bedcf9b7fd18dc4321ed
SHA256 93f30d067897dba001b9f7ada68c1c50b1de40a8ed9f34905af43537009a0aa6
CRC32 3E451384
ssdeep 12288:uPGHbufTcaHuug7kgsHNbFM2zaVriFIWeAIDmqy7tHYa:uPG67c2uFbsNFM/rEIWeAIDmqy7tHh
Yara
  • IsPE64 - (no description)
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
  • Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet
  • UPX_Zero - UPX packed file
  • Generic_Malware_Zero - Generic Malware
Name 9bdab17d9ee7c7ed_sqlite3.dll
Filepath C:\Users\test22\AppData\Local\Temp\_MEI16482\sqlite3.dll
Size 784.0KB
Processes 1648 (lazagne.exe)
Type PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5 6243adf7ebc3e698197c7161c219d172
SHA1 dabf82e0359066bc92bd9dd44800927d21595b85
SHA256 9bdab17d9ee7c7ed2bd7cf06e2342a4661ab1cc43c0d6cdac708c7e13c329561
CRC32 30CBE831
ssdeep 12288:8x3X8SmDn2xExf8zn4iqSZog4c7CGdXATK2VET9HkAV9216wm9EOLjmCkc:8NX8Smy0fm48ZhX7CGdQ+2Vs2NEn
Yara
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
  • Generic_Malware_Zero - Generic Malware
Name baa75ad550784c5c_bz2.pyd
Filepath C:\Users\test22\AppData\Local\Temp\_MEI16482\bz2.pyd
Size 90.5KB
Processes 1648 (lazagne.exe)
Type PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5 a1950d15ae7fadd5b203639f3965f690
SHA1 dd09dfee5577feca2ce25d9cc5091933ca580adb
SHA256 baa75ad550784c5c5bada51cb565784a04f267fad708e6611b0cc3dc6ae0c1ed
CRC32 A7BAAA0E
ssdeep 1536:+2swYRURXPj3/W3yd/nVu26F3RjrEOxZhuhiDOouhvqucpY62M84+f/PPgTt/:ewYRUR7/W3yd/npS3BE8uhiDObvquWY0
Yara
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
Name 43092954458ad5d6__sqlite3.pyd
Filepath C:\Users\test22\AppData\Local\Temp\_MEI16482\_sqlite3.pyd
Size 62.5KB
Processes 1648 (lazagne.exe)
Type PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5 cee4e6d863e08f9db01735f9fec8e9b1
SHA1 6cc4e503227c6d07749ed2bdf79a5878d3ad2def
SHA256 43092954458ad5d6e6cd2c8fd5d917d09a66e8976b0ba3225cda48d60465e179
CRC32 0403B551
ssdeep 768:qwE/smm5aVdUtHBNn0Os9tXD35vJ9umj+iYMZ+hJ9MSNEEVVvrgIuqWtxTQb:A/sXmdQhOOs9tTIiJOO+vrPuqWtxT4
Yara
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
Name 6f450435edb2b785__ctypes.pyd
Filepath C:\Users\test22\AppData\Local\Temp\_MEI16482\_ctypes.pyd
Size 119.5KB
Processes 1648 (lazagne.exe)
Type PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5 77be51b28c575526d749e2a91f3a4a83
SHA1 6a3a1b24696f5e82813eb5ae633fb4a3543d0543
SHA256 6f450435edb2b78504f166044aa45e87cd19670789dfacdb1074db7f934ab2a6
CRC32 2D9DEEF7
ssdeep 3072:GlBQfrPbtfynx+PRNn5LrL3BL8V4V5+4fJMThn6l:3DDtfIx+PRB5LrLRLK4ffJMTVm
Yara
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
Name 425341f9b08a8d16__elementtree.pyd
Filepath C:\Users\test22\AppData\Local\Temp\_MEI16482\_elementtree.pyd
Size 183.0KB
Processes 1648 (lazagne.exe)
Type PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5 c97bf92a8086849b9ad36dfffe33081e
SHA1 7889a9f095ccd2fc84752479516ed32a5f50838d
SHA256 425341f9b08a8d1683a9d88dcd820acfe9e88612d4666cf9d2421315a592e74e
CRC32 43C0E215
ssdeep 3072:wvHvLh0U5wUl4d0T7Ec70i+T+fHJ84+gUP+HRyBRQk62IAK711111111etRseROl:wvHvLh0U5wUE0T71gHsj+gUP+4BRQkgF
Yara
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
Name f02285fb90ed8c81_7ydkig
Filepath C:\Users\test22\AppData\Local\Temp\7ydkig
Size 4.0B
Processes 2092 (lazagne.exe)
Type ASCII text, with no line terminators
MD5 3f1d1d8d87177d3d8d897d7e421f84d6
SHA1 dd082d742a5cb751290f1db2bd519c286aa86d95
SHA256 f02285fb90ed8c81531fe78cf4e2abb68a62be73ee7d317623e2c3e3aefdfff2
CRC32 DA283D13
ssdeep 3:qn:qn
Yara None matched
Name 7ddf74ac35a6dfa2__socket.pyd
Filepath C:\Users\test22\AppData\Local\Temp\_MEI16482\_socket.pyd
Size 49.5KB
Processes 1648 (lazagne.exe)
Type PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5 f9b160a08dacc271b8b7ad1516d88330
SHA1 762698430bbfe5b5d52756b969fe7a757ce07a33
SHA256 7ddf74ac35a6dfa24c4f96acd058829fc934b798af910ed2a58d9b8ef8a26511
CRC32 39323B3B
ssdeep 1536:Bxz3Bo5eP0gWO/k+zjIH6rrS/FrC7febv:X3G5eP0gfs+jdrrSdrufe
Yara
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
Name 7a256d44ab212f08_select.pyd
Filepath C:\Users\test22\AppData\Local\Temp\_MEI16482\select.pyd
Size 11.5KB
Processes 1648 (lazagne.exe)
Type PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5 0ec68f2be57e2c19220f6e8c3101c77b
SHA1 7df423b32f071155d54814e94524fe444a69fc68
SHA256 7a256d44ab212f08e3dcb8d17abb12d9b79618699ecac75ccf00cdae5d35df1a
CRC32 F3CEA1EC
ssdeep 192:WAwvSWlNmvru6GuANTdZXaGI3X+Mw6Hc1U5dz2R:W0WlNmTu6ANTdZXX486HuA
Yara
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
Name 21f810b2c5e7f433_unicodedata.pyd
Filepath C:\Users\test22\AppData\Local\Temp\_MEI16482\unicodedata.pyd
Size 676.0KB
Processes 1648 (lazagne.exe)
Type PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5 7af93ccb3188d3e8b8e6b4312843f3c6
SHA1 2133afa4ed01cb854ade1c37299476a19f9ab09e
SHA256 21f810b2c5e7f433a6d6ceded19534499122d3e90ec643a22847769af3346bdc
CRC32 3F181793
ssdeep 12288:WTXP3AxoMPBt8FpQsVdFiI5mZMPXubUxktwd:MXfRM8XQsVdXSPAxLd
Yara
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
Name 4c5af12ecd203ea4__hashlib.pyd
Filepath C:\Users\test22\AppData\Local\Temp\_MEI16482\_hashlib.pyd
Size 1.6MB
Processes 1648 (lazagne.exe)
Type PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5 ae415df4a7c5e23857092c0c10bd7d8f
SHA1 ee6793e2eebb0e11e520933f4d233d8818d7c066
SHA256 4c5af12ecd203ea45e2aec5ce9b4b862636a3b9a6057ce0d5d8cce0ee37ec3a9
CRC32 8872D972
ssdeep 49152:iPZZq9jSQ5k2wbmSNPGtlqZVwASO+QPpyo3sALbF+:iPij5KwP
Yara
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
Name 4127ecf092bc6034_lazagne.exe.manifest
Filepath C:\Users\test22\AppData\Local\Temp\_MEI16482\lazagne.exe.manifest
Size 1012.0B
Processes 1648 (lazagne.exe)
Type XML 1.0 document, ASCII text, with CRLF line terminators
MD5 dbcdc3116767f0b87dfbb68d4ffc4f9c
SHA1 2734ca39f9fd5456eac65457bb24d83b29bdcac0
SHA256 4127ecf092bc603470ef5ad84159c45bc15d341cdfb95ff314b7792bbe471930
CRC32 03183FDC
ssdeep 12:TMHdtnQEH5LXgVNsSNXvNxW5v+MHCgVNenhSN4tOvcNg4gv18zyiUGXwcGkVtvX8:2dtn3ZrgPN2v+zg6nEN4Wme5rcb3S
Yara None matched
Name a9d0fdc952d5bb1b__ssl.pyd
Filepath C:\Users\test22\AppData\Local\Temp\_MEI16482\_ssl.pyd
Size 2.0MB
Processes 1648 (lazagne.exe)
Type PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5 16bbb7e72d190e6712d923dbc854a45f
SHA1 2913c4d3b9f0c708845252e863518d9bdaea5aac
SHA256 a9d0fdc952d5bb1ba7f809a6fa7ba9418414d5a10f4a7d429f680eac22d6a322
CRC32 714753EA
ssdeep 49152:w4yIXF3XjSlzJLt0ubdp+e9K1cihGtlqSTeVwASO6Awp/:PjGN9nT9D
Yara
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)