Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
09.22 06:09
audiodg.exe
09.22 06:09
psfod.exe
09.22 06:09
73EtsZxIoDetWTu.exe
09.22 06:09
otqp9.exe
09.22 06:09
xx.exe
09.22 06:09
fck.exe
09.22 06:09
LummaC222222.exe
09.22 06:09
seethebestwayforunders...
09.22 06:09
Name.exe
09.22 06:09
needmoney.exe

Latest News
09.23 02:09
Brass Propeller Gets I...
09.23 01:09
트리니티소프트, 애플리케이션 보안 분야에...
09.23 01:09
텔레그램 사용자 정책 위반 사칭 피싱 사...
09.23 01:09
SKYBOX 통합보안위험관리 솔루션, 다...
09.23 12:09
카스퍼스키, 클라우드·엔드포인트·OT 보...
09.22 11:09
Lula Seeks to Lead Pus...
09.22 11:09
Emoji-Erweiterung: Ach...
09.22 11:09
Slack wird noch smarte...
09.22 11:09
지란지교데이터, 개인정보 비식별화와 AI...
09.22 11:09
Robotic Touch Using a ...

Dropped Files | ZeroBOX

Name	9f2981a7cc4d40a2_060a2033.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\060A2033.exe
Size	4.0B
Processes	2696 (LYMDYKd.exe)
Type	Non-ISO extended-ASCII text, with no line terminators
MD5	`20879c987e2f9a916e578386d499f629`
SHA1	`c7b33ddcc42361fdb847036fc07e880b81935d5d`
SHA256	`9f2981a7cc4d40a2a409dc895de64253acd819d7c0011c8e80b86fe899464e31`
CRC32	`58507E80`
ssdeep	`3:Wln:in`
Yara	PE_Header_Zero - PE File Signature
VirusTotal	Search for analysis

Name	ebcbe6c511033dfc_uninstall.exe Submit file
Filepath	C:\Program Files\7-Zip\Uninstall.exe
Size	31.5KB
Processes	2696 (LYMDYKd.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`306877e19c6a4ba277dda495a7ad4c7d`
SHA1	`b97e21e0e02a9c210f46a6b0a6b6d5aaf49b4bf2`
SHA256	`ebcbe6c511033dfc099579fa5118ab945e3f0e6b32050f3df97d96636ddbde32`
CRC32	`E745BE45`
ssdeep	`768:tT+am8riRCqsu/Xa1F4QGPL4vzZq2o9W7GsxBbPr:qomCEi1FTGCq2iW7z`
Yara	Malicious_Library_Zero - Malicious_Library Network_Downloader - File Downloader ASPack_Zero - ASPack packed file PE_Header_Zero - PE File Signature IsPE32 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	a0b25eae50ddd909_cli.exe Submit file
Filepath	C:\Python27\Lib\site-packages\setuptools\cli.exe
Size	80.5KB
Processes	2696 (LYMDYKd.exe)
Type	PE32 executable (console) Intel 80386, for MS Windows
MD5	`c9786a1206c010ac3afdf1a7c6f60d59`
SHA1	`08e2264f246a8105892b4ed2d1f2974b8fca5af6`
SHA256	`a0b25eae50ddd90949596cb42f29014efc1db1b434f7197048af2566c753daf9`
CRC32	`D8B48E00`
ssdeep	`1536:RfnLq01weW5yX3jFxv49Nu4GhQBqGCq2iW7z:Y3ysTGhQsGCH`
Yara	Malicious_Library_Zero - Malicious_Library Network_Downloader - File Downloader ASPack_Zero - ASPack packed file PE_Header_Zero - PE File Signature IsPE32 - (no description) UPX_Zero - UPX packed file Generic_Malware_Zero - Generic Malware
VirusTotal	Search for analysis

Name	0d367cbc76e67039_t32.exe Submit file
Filepath	C:\Python27\Lib\site-packages\pip\_vendor\distlib\t32.exe
Size	107.0KB
Processes	2696 (LYMDYKd.exe)
Type	PE32 executable (console) Intel 80386, for MS Windows
MD5	`53c18b6add361a4be275ae750eb706ed`
SHA1	`19564ae5883c0b391b37bcea6be9e0424a81544b`
SHA256	`0d367cbc76e6703943d26d1abd7c60fa1c895c3e66f3d1fb0ddda670ab2dbb7c`
CRC32	`0179FD21`
ssdeep	`1536:BA7DoMCOeTFj5m+UcYmTuw32JEHCSBKb5l8lTfNYFfHYTogGwGCq2iW7z:iDwNmnHMCZUTfNCfHYTo0GCH`
Yara	Malicious_Library_Zero - Malicious_Library Network_Downloader - File Downloader ASPack_Zero - ASPack packed file PE_Header_Zero - PE File Signature IsPE32 - (no description) UPX_Zero - UPX packed file Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	ea23c12446b47124_inject-x86.exe Submit file
Filepath	C:\tmpuvzci8\bin\inject-x86.exe
Size	42.5KB
Processes	2696 (LYMDYKd.exe)
Type	PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
MD5	`0d05461b98d08458f33676e26263569b`
SHA1	`ed4c29822a71429c0b6ecd43826f79090766e486`
SHA256	`ea23c12446b47124ee183d3a90e2225a5e3ee526a64e51f0e62248032a9488ec`
CRC32	`A7C506A1`
ssdeep	`768:zqBJoSRaQuRo5dxbTapfQGPL4vzZq2o9W7GsxBbPr:2sYaxj4GCq2iW7z`
Yara	Network_Downloader - File Downloader ASPack_Zero - ASPack packed file PE_Header_Zero - PE File Signature IsPE32 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	e498160716b75412_pafish.exe Submit file
Filepath	C:\util\pafish.exe
Size	91.5KB
Processes	2696 (LYMDYKd.exe)
Type	PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows
MD5	`ecf3bcb51da518172508eb11319a771e`
SHA1	`9ac0d103f00c4822af23376fa6baa27ad485597c`
SHA256	`e498160716b75412c6a8437645e3dfb91c162d4119d570b2b09865ec37e0b1cd`
CRC32	`DE1455D6`
ssdeep	`1536:/I05L48IVDAQVzZpJyrOM1GhFNkYL2BxNRj0xGCq2iW7z:/I05LBIDAuztyrOMGTkrNRjgGCH`
Yara	Malicious_Library_Zero - Malicious_Library Network_Downloader - File Downloader ASPack_Zero - ASPack packed file PE_Header_Zero - PE File Signature anti_vm_detect - Possibly employs anti-virtualization techniques IsPE32 - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	f96db022302dc9ea_is32bit.exe Submit file
Filepath	C:\tmpuvzci8\bin\is32bit.exe
Size	30.5KB
Processes	2696 (LYMDYKd.exe)
Type	PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
MD5	`ccf9709e717658fb6a015a17ebfc3ca5`
SHA1	`578f7c4118ecdc6921bc540c01d3ac50843b8960`
SHA256	`f96db022302dc9eaf4229633895c231813dfbe2063022122eaa7b676df43c3fe`
CRC32	`30390EE2`
ssdeep	`768:5LdgZAsxrw8fQGPL4vzZq2o9W7GsxBbPr:5pG4GCq2iW7z`
Yara	Network_Downloader - File Downloader ASPack_Zero - ASPack packed file PE_Header_Zero - PE File Signature IsPE32 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	5875ed5574d2940c_wininst-6.0.exe Submit file
Filepath	C:\Python27\Lib\distutils\command\wininst-6.0.exe
Size	80.0KB
Processes	2696 (LYMDYKd.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`315705534d228ded7a1224f4e586a869`
SHA1	`892dae279191e2d83b5e53e914a187135269993f`
SHA256	`5875ed5574d2940c69f8009c3495412023a88b979a980187ddc4282682e6d356`
CRC32	`82BD171B`
ssdeep	`1536:/JvJnBpwdaMIOOnToIfiV6pdQblGCq2iW7z:/JvxKaCqTBfioo5GCH`
Yara	Malicious_Library_Zero - Malicious_Library Network_Downloader - File Downloader ASPack_Zero - ASPack packed file PE_Header_Zero - PE File Signature IsPE32 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	0a2adc5f8a491ce4_execsc.exe Submit file
Filepath	C:\tmpuvzci8\bin\execsc.exe
Size	28.5KB
Processes	2696 (LYMDYKd.exe)
Type	PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows
MD5	`ff884409a074dec5d93ed03dba5b6897`
SHA1	`a5210baa76994dd916d2a231f4ab01fd7a1f11e2`
SHA256	`0a2adc5f8a491ce40c4a43f323a68af6ca90946febb8f76b7eea230fabe1468a`
CRC32	`75A8782D`
ssdeep	`768:JHJcD4xNQ+rfQGPL4vzZq2o9W7GsxBbPr:807QY4GCq2iW7z`
Yara	Network_Downloader - File Downloader ASPack_Zero - ASPack packed file PE_Header_Zero - PE File Signature IsPE32 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	4db7f5ea70a2c3c3_w32.exe Submit file
Filepath	C:\Python27\Lib\site-packages\pip\_vendor\distlib\w32.exe
Size	103.5KB
Processes	2696 (LYMDYKd.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`f70fdddad75b8abee03354cc861007e3`
SHA1	`9b9450b69dacc526061457ee18d60df591790b1a`
SHA256	`4db7f5ea70a2c3c32bbcbe72245da1d29edf038dcb35221fb36929d17d992d67`
CRC32	`76AA7327`
ssdeep	`1536:ButZMKW/pJ4IOPkibTKzOUblUjYbgKbddYInG+cFfHYTo3wGCq2iW7z:B2MLuSyMt79G+ufHYTogGCH`
Yara	Malicious_Library_Zero - Malicious_Library Network_Downloader - File Downloader ASPack_Zero - ASPack packed file PE_Header_Zero - PE File Signature IsPE32 - (no description) UPX_Zero - UPX packed file Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	4354970ccc7cd6bb_LYMDYKd.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\LYMDYKd.exe
Size	15.5KB
Processes	2632 (jiali.exe) 2896 (cmd.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`56b2c3810dba2e939a8bb9fa36d3cf96`
SHA1	`99ee31cd4b0d6a4b62779da36e0eeecdd80589fc`
SHA256	`4354970ccc7cd6bb16318f132c34f6a1b3d5c2ea7ff53e1c9271905527f2db07`
CRC32	`7886C245`
ssdeep	`384:7XZQaD7U8iu4YsAa7ZA0UvH2lsRv21yW7GbAxur6+Y9PffPz:1QGPL4vzZq2o9W7GsxBbPr`
Yara	Network_Downloader - File Downloader ASPack_Zero - ASPack packed file PE_Header_Zero - PE File Signature IsPE32 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	8546058265d60c9d_hnce2pprconv80.exe Submit file
Filepath	C:\Program Files (x86)\Hnc\PDF80\x86\HNCE2PPRCONV80.exe
Size	620.0KB
Processes	2696 (LYMDYKd.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`34467e0c44e48e53c8e9d8b634002181`
SHA1	`c377b68cc16aa5d82cbe1b6458fa7209d223e78a`
SHA256	`8546058265d60c9dc1a63084b72612686db697269edb9ee764cf77f2ed233a43`
CRC32	`1EFE234F`
ssdeep	`6144:IK/nM2iORJL8/D/4hc/ulK8bsaW72GqL7TMgObgXqm/VkRPwyC:IK/dLG/9/oK8waw2G4wUqm/VkRPwy`
Yara	Malicious_Packer_Zero - Malicious Packer Malicious_Library_Zero - Malicious_Library Network_Downloader - File Downloader ASPack_Zero - ASPack packed file PE_Header_Zero - PE File Signature IsPE32 - (no description) UPX_Zero - UPX packed file Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	f8fd058d3bbdd842_hnce2pprconv80.exe Submit file
Filepath	C:\Program Files (x86)\Hnc\PDF80\x64\HNCE2PPRCONV80.exe
Size	620.0KB
Processes	2696 (LYMDYKd.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`96e5c7cc8b4fcbb005147e5ff709ca49`
SHA1	`60e99c3885f63e21836f7ee87f474f9368dbbed2`
SHA256	`f8fd058d3bbdd842092385f8c024409aa85a8c6825755ed4fec7c16114f2b009`
CRC32	`00AD7A80`
ssdeep	`6144:CK/nM2iORJL8/D/4hc/ulK8bsaWX6JeL7TMgObgXqm/VkRPwyO:CK/dLG/9/oK8waA6ewUqm/VkRPwy`
Yara	Malicious_Packer_Zero - Malicious Packer Malicious_Library_Zero - Malicious_Library Network_Downloader - File Downloader ASPack_Zero - ASPack packed file PE_Header_Zero - PE File Signature IsPE32 - (no description) UPX_Zero - UPX packed file Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	81803b48ca3d5ebb_is32bit.exe Submit file
Filepath	C:\tmptqb9ww\bin\is32bit.exe
Size	30.5KB
Processes	2696 (LYMDYKd.exe)
Type	PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
MD5	`6b80f317186a35de0f21dca5c15d5a37`
SHA1	`9100ff46a00dc384121c44f21c3a861554269767`
SHA256	`81803b48ca3d5ebb80eb821d36e76f5e1872a2f97d0d18d5d2843c27e31c7b51`
CRC32	`7ECCDAF9`
ssdeep	`768:5LdgZAsxrwMeQGPL4vzZq2o9W7GsxBbPr:5pqlGCq2iW7z`
Yara	Network_Downloader - File Downloader ASPack_Zero - ASPack packed file PE_Header_Zero - PE File Signature IsPE32 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	3d4702ab1d4ecccc_inject-x86.exe Submit file
Filepath	C:\tmptqb9ww\bin\inject-x86.exe
Size	42.5KB
Processes	2696 (LYMDYKd.exe)
Type	PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
MD5	`828e746ad37852824342b81da4473868`
SHA1	`93331a35a42cef71f05f5672513ef07b156eeaad`
SHA256	`3d4702ab1d4eccccdbaf72cddc3e33a1d3638212a82a6a1c33e9e9c68fc25877`
CRC32	`B7F0D9AE`
ssdeep	`768:zqBJoSRaQuRo5dxbTaKeQGPL4vzZq2o9W7GsxBbPr:2sYax0lGCq2iW7z`
Yara	Network_Downloader - File Downloader ASPack_Zero - ASPack packed file PE_Header_Zero - PE File Signature IsPE32 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	c213a0c0d9723eca_wininst-8.0.exe Submit file
Filepath	C:\Python27\Lib\distutils\command\wininst-8.0.exe
Size	80.0KB
Processes	2696 (LYMDYKd.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`70d8102648e571b8a2c6d29a6c38c47b`
SHA1	`3c5a4c2c90215215c0cba992a19d55d9d1e6688e`
SHA256	`c213a0c0d9723eca27f533b1416b45e9575c992cfa6c2ba2fac6dbcf21bc1a54`
CRC32	`E3DC5D12`
ssdeep	`1536:fHB0UxMkzOt7HcvJGt5AdHIOWnToIf12ZGJGCq2iW7z:fhAWJGSCTBf12ZOGCH`
Yara	Malicious_Library_Zero - Malicious_Library Network_Downloader - File Downloader ASPack_Zero - ASPack packed file PE_Header_Zero - PE File Signature IsPE32 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	4f20c49359a09c86_gui-32.exe Submit file
Filepath	C:\Python27\Lib\site-packages\setuptools\gui-32.exe
Size	80.5KB
Processes	2696 (LYMDYKd.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`e83a73073d88467f5612a6667cdbd7e6`
SHA1	`8059ddbc384f721418ed1c211321e4119217d500`
SHA256	`4f20c49359a09c8648c5434a0ba78132180e6001161cb8bcea8527d5d06b69a4`
CRC32	`BA834498`
ssdeep	`1536:Yg/6/tM8NXDjPX0QWlfGMckTQKqGCq2iW7z:Hk3U8kTQ1GCH`
Yara	Malicious_Library_Zero - Malicious_Library Network_Downloader - File Downloader ASPack_Zero - ASPack packed file PE_Header_Zero - PE File Signature IsPE32 - (no description) UPX_Zero - UPX packed file Generic_Malware_Zero - Generic Malware
VirusTotal	Search for analysis

Name	1f17a318aa817a43_gui.exe Submit file
Filepath	C:\Python27\Lib\site-packages\setuptools\gui.exe
Size	80.5KB
Processes	2696 (LYMDYKd.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`837b24c8c761c8799d24b459f2426590`
SHA1	`d0f0c4facdeb0af93a49cb32a3212a6c487d6783`
SHA256	`1f17a318aa817a439a9e8e24fd9bfc616163ceb79807579a659ec4412f053fbf`
CRC32	`CCD9CD7A`
ssdeep	`1536:Yg/6/tM8NXDjPX0QWlfGMckTQFmGCq2iW7z:Hk3U8kTQwGCH`
Yara	Malicious_Library_Zero - Malicious_Library Network_Downloader - File Downloader ASPack_Zero - ASPack packed file PE_Header_Zero - PE File Signature IsPE32 - (no description) UPX_Zero - UPX packed file Generic_Malware_Zero - Generic Malware
VirusTotal	Search for analysis

Name	113528adbbf5f745_TemporaryFile Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\16862359\TemporaryFile\TemporaryFile
Size	892.0KB
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`a38a05e4a9dbfc6e7b6608b7f48d909c`
SHA1	`72013c52a8d0572c803f7f7240d84c4819e307c7`
SHA256	`113528adbbf5f74519d59a556e232e43f87e067ebe229ce0698bb9cd2a3656b0`
CRC32	`85387865`
ssdeep	`12288:v5mcnXTgXcH3y4gE94PDheqjwLpL/duo6F+tdjBgj3V6XEHNYEu0l8+zXw:v55ksXy4gE47he4wtL/xExlzX`
Yara	Malicious_Packer_Zero - Malicious Packer Malicious_Library_Zero - Malicious_Library DllRegisterServer_Zero - execute regsvr32.exe PE_Header_Zero - PE File Signature IsPE32 - (no description) UPX_Zero - UPX packed file Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	c49271b21406df2b_wininst-7.1.exe Submit file
Filepath	C:\Python27\Lib\distutils\command\wininst-7.1.exe
Size	84.0KB
Processes	2696 (LYMDYKd.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`1de948e6089d803a6bd966bd5d956f28`
SHA1	`1145ab4ca93303ae992cebe070f5faa4eca891f2`
SHA256	`c49271b21406df2bafb18dca4361b50715b178df2c52ca79c48414efeb5e81a3`
CRC32	`A0C589B7`
ssdeep	`1536:Qf88qP2CsRdxgwGGCIOunToIfiWdNWJGCq2iW7z:Qf8l2CHRGgKTBfik+GCH`
Yara	Malicious_Library_Zero - Malicious_Library Network_Downloader - File Downloader ASPack_Zero - ASPack packed file PE_Header_Zero - PE File Signature IsPE32 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	51b34c7f39d6f0b4_execsc.exe Submit file
Filepath	C:\tmptqb9ww\bin\execsc.exe
Size	28.5KB
Processes	2696 (LYMDYKd.exe)
Type	PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows
MD5	`78a4379664a11223ae2854696f701884`
SHA1	`d23dc49018ed7b07734529f30e8ec30a338a5427`
SHA256	`51b34c7f39d6f0b4525ff99f85db2adb09f294bdbe22f0501b198e762e0b3a59`
CRC32	`EDEC6C69`
ssdeep	`768:JHJcD4xNQ+KeQGPL4vzZq2o9W7GsxBbPr:807Q1lGCq2iW7z`
Yara	Network_Downloader - File Downloader ASPack_Zero - ASPack packed file PE_Header_Zero - PE File Signature IsPE32 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	0f6aec682e8edaa0_cli-32.exe Submit file
Filepath	C:\Python27\Lib\site-packages\setuptools\cli-32.exe
Size	80.5KB
Processes	2696 (LYMDYKd.exe)
Type	PE32 executable (console) Intel 80386, for MS Windows
MD5	`9f0608798a19d0f1512d19fc5d1a7ece`
SHA1	`495842e3c337d21b6d204e097df1d13ac23a6a30`
SHA256	`0f6aec682e8edaa007409ae4a2b3ec4ebf9ac7518dc6f2ae453f9f3285be56e8`
CRC32	`6F144358`
ssdeep	`1536:RfnLq01weW5yX3jFxv49Nu4GhQKoGCq2iW7z:Y3ysTGhQfGCH`
Yara	Malicious_Library_Zero - Malicious_Library Network_Downloader - File Downloader ASPack_Zero - ASPack packed file PE_Header_Zero - PE File Signature IsPE32 - (no description) UPX_Zero - UPX packed file Generic_Malware_Zero - Generic Malware
VirusTotal	Search for analysis

Name	b84214403bb73cc8_wininst-9.0.exe Submit file
Filepath	C:\Python27\Lib\distutils\command\wininst-9.0.exe
Size	208.0KB
Processes	2696 (LYMDYKd.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`7c36e8c859d2df195651f1e18175ad7a`
SHA1	`088a72d3fd73a790897df515e426a48479612410`
SHA256	`b84214403bb73cc80081de03c38be3d8c9933b444c264a8a3f74b9c81f722077`
CRC32	`367DA25D`
ssdeep	`3072:7Jw8KYg5zA5GsMYSxSJiN/vGss9kTBf9pAXAtPOYQwtGCH:7035iMhL/vGsbTBl2wOsY`
Yara	Malicious_Library_Zero - Malicious_Library Network_Downloader - File Downloader ASPack_Zero - ASPack packed file PE_Header_Zero - PE File Signature IsPE32 - (no description) UPX_Zero - UPX packed file Generic_Malware_Zero - Generic Malware
VirusTotal	Search for analysis

Name	535126a4cc2e60c2_3a691239.bat Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\3a691239.bat
Size	192.0B
Processes	2696 (LYMDYKd.exe) 2896 (cmd.exe)
Type	ASCII text, with CRLF line terminators
MD5	`9de409daa1877376dca0bd0174043531`
SHA1	`b10c29071489cdc979fa19980731ceb6850fe0a2`
SHA256	`535126a4cc2e60c2e40e6439e482f7c7614b5de939250a5db5e9e88bd130c403`
CRC32	`E3E32F58`
ssdeep	`3:jdKZOmWxpcL4E2J5xAI9BkbMD2UmWxpcL4E2J5xAI9Bk1KReJsjIdKZOmWxpcL49:jdKomQpcLJ23f96MD2UmQpcLJ23f9g/L`
Yara	None matched
VirusTotal	Search for analysis