Dropped Files | ZeroBOX
Name 065d2b17ad499587_1.bat
Filepath C:\Users\test22\AppData\Local\Temp\RarSFX0\1.bat
Size 35.0B
Processes 2068 (jfesawdr.exe)
Type DOS batch file, ASCII text, with CRLF line terminators
MD5 ff59d999beb970447667695ce3273f75
SHA1 316fa09f467ba90ac34a054daf2e92e6e2854ff8
SHA256 065d2b17ad499587dc9de7ee9ecda4938b45da1df388bc72e6627dff220f64d2
CRC32 4B410F4B
ssdeep 3:mKDDFRK58FoXMMH:h08Foc2
Yara None matched
Name 69efe73bf8f96694_work.exe
Filepath C:\Users\test22\AppData\Local\Temp\RarSFX0\work.exe
Size 5.8MB
Processes 2068 (jfesawdr.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 8eeea65d388106b4489d07e025e17fed
SHA1 96651968f724c7daec51e74476403899bc7bf8c2
SHA256 69efe73bf8f9669427fb25962d104fb63ae7a4fdb4fb2f0022c7541a72c8a2c3
CRC32 06C1613D
ssdeep 98304:cvEbLriWEmQfgLVPn2qQniV0kSybkHXrsfM8n1TQuDFviH345nBIvgj2dKczR:mE7iWWaVP2qeiTHkbYMyTeHcNjEKczR
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file
  • Generic_Malware_Zero - Generic Malware
  • OS_Processor_Check_Zero - OS Processor Check
Name e3b0c44298fc1c14___tmp_rar_sfx_access_check_31315218
Empty file or file not found
Filepath C:\Users\test22\AppData\Local\Temp\RarSFX0\__tmp_rar_sfx_access_check_31315218
Size 0.0B
Type empty
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
CRC32 00000000
ssdeep 3::
Yara None matched
Name 2ca04fad5b8a8126_podaw.exe
Filepath C:\Users\test22\AppData\Local\Temp\RarSFX1\podaw.exe
Size 5.5MB
Processes 2224 (work.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 125c7efdef3f11c70b514739b1bab646
SHA1 526560d1ff7636ea4f0404eb74f5da68f7eb8e23
SHA256 2ca04fad5b8a81264292bb9877cb9c1c9f7a484cd03815ec9bb686ddf70edefa
CRC32 8C89D008
ssdeep 98304:XyMVJDni/BM/DuQBXPaBoWC9Nd3IiUtHu7ocC7qMqWOT1Rbn:XyUDi5M/quM/2f3IdtHu7oc+qMqWOT1R
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • VMProtect_Zero - VMProtect packed file
  • IsPE32 - (no description)