Dropped Files | ZeroBOX

Name	b6e1c130d2b9f81e_999999.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\999999.exe
Size	48.1KB
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`2b6bdd0a18e76a5df3a867a49f951125`
SHA1	`f0286405e8c8efb11ad4d30b29f32268ea747c09`
SHA256	`b6e1c130d2b9f81e9457197727bb12e29093f29bf80408c2351bbad8cf821d4f`
CRC32	`1EE8FF0F`
ssdeep	`768:zynb12Aw5J6HC4kq5Jp9bjAzhyY55J+NStcEeUlyqgZl4p67ahPC:Ub1MsHz3JDwhyWr+N95OTga6Z`
Yara	Malicious_Library_Zero - Malicious_Library hide_executable_file - Hide executable file PE_Header_Zero - PE File Signature IsPE32 - (no description)
VirusTotal	Search for analysis

Name	03bc8caca1bab6d1_27714954.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\27714954.dll
Size	25.5KB
Processes	1540 (999999.exe)
Type	PE32 executable (DLL) (console) Intel 80386, for MS Windows
MD5	`da3dd69dae8627334a8479f60eeb082e`
SHA1	`35c550902e5c0e6297785c367c2d638dda23404e`
SHA256	`03bc8caca1bab6d14d7eac1dde331df3be91aec47c51c7ddf6646deab028d17e`
CRC32	`4469BE8B`
ssdeep	`384:8T9IWqIwt10zr6lXYhCRdkyurLmC2S1xJrQcWrH/RUAMO0MY0holUxHd+q4tKDES:8ht+Izr6pqRrLuS1vzWpaGZHdSYDG`
Yara	Win_Backdoor_Farfli - gives threat-actors several options of gaining access to the affected system. Malicious_Library_Zero - Malicious_Library IsDLL - (no description) PE_Header_Zero - PE File Signature IsPE32 - (no description) UPX_Zero - UPX packed file Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis