Dropped Files | ZeroBOX
Name 677f393462e24fb6_firstz.exe
Filepath C:\Users\test22\AppData\Local\Temp\1000004001\FirstZ.exe
Size 2.5MB
Processes 2132 (Hkbsse.exe)
Type PE32+ executable (GUI) x86-64, for MS Windows
MD5 ffada57f998ed6a72b6ba2f072d2690a
SHA1 6857b5f0c40a1cdb0411eb34aa9fe5029bcdb84f
SHA256 677f393462e24fb6dba1a47b39e674f485450f91deee6076ccbad9fd5e05bd12
CRC32 75A335F8
ssdeep 49152:UjBP3/qGrdNJ8VZFhY++Yk/4aLq8wH7mm6qJsSRRjyl:aBPvfrAZF28k/RLbwH7mvcRRjy
Yara
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
Name 4f9b66b4ef707a1a_hkbsse.job
Filepath C:\Windows\Tasks\Hkbsse.job
Size 270.0B
Processes 1188 (NewLatest.exe)
Type VAX-order 68k Blit mpx/mux executable
MD5 035bdf60b053b4a93a7c9d980ed79da6
SHA1 d018bc26973612bae2783f4bb309b99c37c3224e
SHA256 4f9b66b4ef707a1a36bf13bf4b0d5127554166defe98e805778730394a5871bf
CRC32 3F767BE8
ssdeep 3:YCQjbytRt//u2sl/nEIduhOEjlpQlyEXlxlXVl5TJ6lVylXUvhAttCRdk2z0nliz:qeXE/E/UEZ+lX1K+EetI4y0lnt0
Yara None matched
Name 488385cd54d14790_hkbsse.exe
Filepath C:\Users\test22\AppData\Local\Temp\b66a8ae076\Hkbsse.exe
Size 415.0KB
Processes 1188 (NewLatest.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 07101cac5b9477ba636cd8ca7b9932cb
SHA1 59ea7fd9ae6ded8c1b7240a4bf9399b4eb3849f1
SHA256 488385cd54d14790b03fa7c7dc997ebea3f7b2a8499e5927eb437a3791102a77
CRC32 270C3494
ssdeep 12288:5fSPtGpmLb84Jjzo6yrBuKuJ+ITOC0Ud:UtGpmf8edykhV0Ud
Yara
  • Malicious_Packer_Zero - Malicious Packer
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file
  • Generic_Malware_Zero - Generic Malware
  • OS_Processor_Check_Zero - OS Processor Check
Name eb74efaf4832a808_b2c2c1.exe
Filepath C:\Users\test22\AppData\Local\Temp\1000003001\b2c2c1.exe
Size 455.5KB
Processes 2132 (Hkbsse.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 f8ec725e4b969f157fd70166e73a56a3
SHA1 8bc092817245f2727154454e0011a8d6704e2eb7
SHA256 eb74efaf4832a80809815051fc97704819fbc4b1d57f07faf39746a02ed1dd10
CRC32 BB2F5D20
ssdeep 12288:DDFoUhzIra7duGLyU99EsNOt44wvprxZD3d//:eUhzoaR1Np4w75N3
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check