Dropped Files | ZeroBOX

Name	d3813e88d7e7bbd3_msi.centralserver.job Submit file
Filepath	C:\Windows\Tasks\MSI.CentralServer.job
Size	306.0B
Processes	2556 (cp.exe)
Type	VAX-order 68k Blit mpx/mux executable
MD5	`68c94904ad3d42ede0a447305fb6b01e`
SHA1	`3099f2b66b5d6fc49ea223ecc9f3902489f4be0e`
SHA256	`d3813e88d7e7bbd3c2842b2f320c37400f5cdd93ae0967aaf27af51189fbfc80`
CRC32	`ED27D92F`
ssdeep	`6:GJfoFDZXE/m/UEZ+lX1MAgIYQ4lq02VatI4y0l/mt0:culkm/Q12Iolq14V/mt0`
Yara	None matched
VirusTotal	Search for analysis

Name	21c23083404349db_msi.centralserver.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\One_Dragon_Center\MSI.CentralServer.exe
Size	1.8MB
Processes	2556 (cp.exe)
Type	PE32 executable (console) Intel 80386, for MS Windows
MD5	`97256cf11c9109c24fde65395fef1306`
SHA1	`e60278d8383912f03f25e3f92bf558e2a33f229d`
SHA256	`21c23083404349dbc8e7094338acaa07ea5a7e3a442bb81a528e06c175b8d934`
CRC32	`EF915676`
ssdeep	`24576:rGpVQOAoqyDshVag6Vu4luUR/oF1av5H/BNMVMmFTMqITdpE4bTJ5/kOG01N74:rBoqyDBVZAoCyQzITdpBvJ5U01K`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature Malicious_Packer_Zero - Malicious Packer IsPE32 - (no description) UPX_Zero - UPX packed file Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis