Dropped Files | ZeroBOX
Name 8f4c72e3c7de1ab5_qt5core.dll
Filepath C:\Users\test22\AppData\Local\Temp\Qt5Core.dll
Size 6.0MB
Processes 2652 (VBDVMGWB.exe)
Type PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5 68e600cb754e04557ef716b9ebc93fe4
SHA1 8302ab611e787c312b971ce05935ff6e956faede
SHA256 8f4c72e3c7de1ab5d894ec7813f65c5298ecafc183f31924b44a427433ffca42
CRC32 826702A0
ssdeep 98304:cE5jJSnL0VxTOnyJJsv6tWKFdu9Cs/CzYnxqfRgw:cE5NSn0xLJJsv6tWKFdu9CMkexqfRF
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Malicious_Packer_Zero - Malicious Packer
  • IsDLL - (no description)
  • IsPE64 - (no description)
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
Name 4e775b5fafb4e6d8_easteamproxy.exe
Filepath C:\Users\test22\AppData\Local\Temp\EASteamProxy.exe
Size 5.4MB
Processes 2652 (VBDVMGWB.exe)
Type PE32+ executable (GUI) x86-64, for MS Windows
MD5 ad2735f096925010a53450cb4178c89e
SHA1 c6d65163c6315a642664f4eaec0fae9528549bfe
SHA256 4e775b5fafb4e6d89a4694f8694d2b8b540534bd4a52ff42f70095f1c929160e
CRC32 88A4AF98
ssdeep 98304:o/zx+riUDpJowboU+XEsumY2XW6jBYeZ1ER:2x+riUDwUj12X1tY5
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Malicious_Packer_Zero - Malicious Packer
  • IsPE64 - (no description)
  • Antivirus - Contains references to security software
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
Name 6fd366a691ed6843_vcruntime140_1.dll
Filepath C:\Users\test22\AppData\Local\Temp\vcruntime140_1.dll
Size 48.4KB
Processes 2652 (VBDVMGWB.exe)
Type PE32+ executable (DLL) (console) x86-64, for MS Windows
MD5 cf0a1c4776ffe23ada5e570fc36e39fe
SHA1 2050fadecc11550ad9bde0b542bcf87e19d37f1a
SHA256 6fd366a691ed68430bcd0a3de3d8d19a0cb2102952bfc140bbef4354ed082c47
CRC32 73ACE15B
ssdeep 768:a0Q4HUcGJZekJSam1BbuBSYcCZbiLzlSHji9z4GwZHji9znwT:afnDex5izbiLzlE+z4Gwl+zwT
Yara
  • Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
  • IsPE64 - (no description)
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
Name e3b7e0392cc48d21_qt5network.dll
Filepath C:\Users\test22\AppData\Local\Temp\Qt5Network.dll
Size 1.3MB
Processes 2652 (VBDVMGWB.exe)
Type PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5 6b63ca8c121d546642f9e2793e0862de
SHA1 f3301b0aa224fa406ec27f4ab16983811ab3b47b
SHA256 e3b7e0392cc48d21850c950ac0799624a9268a3f549ca791687f21acc46bbdf7
CRC32 76F8FB1D
ssdeep 24576:MO51NG2bq1mhQpCR4SSUVxiKZivaKau3pUlSuMEFR+PoT0lKU:a4hQoRpSUVYKZqPau3pUlNMEePoT0Y
Yara
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
  • IsPE64 - (no description)
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
Name 52415829d85c06df_libcrypto-1_1-x64.dll
Filepath C:\Users\test22\AppData\Local\Temp\libcrypto-1_1-x64.dll
Size 2.7MB
Processes 2652 (VBDVMGWB.exe)
Type PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5 28dea3e780552eb5c53b3b9b1f556628
SHA1 55dccd5b30ce0363e8ebdfeb1cca38d1289748b8
SHA256 52415829d85c06df8724a3d3d00c98f12beabf5d6f3cbad919ec8000841a86e8
CRC32 78BF5F96
ssdeep 49152:KlOh5PuX2I9Rkf5gnQ7duzGuqFCtLQ2IqNPz38JQ41CPwDv3uFfJ:Q2Irkn2Iqt38C41CPwDv3uFfJ
Yara
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
  • IsPE64 - (no description)
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
Name 1db3fd414039d3e5_steam_api64.dll
Filepath C:\Users\test22\AppData\Local\Temp\steam_api64.dll
Size 291.4KB
Processes 2652 (VBDVMGWB.exe)
Type PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5 6b4ab6e60364c55f18a56a39021b74a6
SHA1 39cac2889d8ca497ee0d8434fc9f6966f18fa336
SHA256 1db3fd414039d3e5815a5721925dd2e0a3a9f2549603c6cab7c49b84966a1af3
CRC32 E36E7B4D
ssdeep 3072:504VEQ2u/niy9UVLCe9ZqdrP+VXvv+sJYB2RHKBi65lhTbCc+hnvvEyP7yq+uei1:QZu/i874ZcrMv2cRh7yqO2CPLHxYq8/B
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
  • IsPE64 - (no description)
  • UPX_Zero - UPX packed file
  • Generic_Malware_Zero - Generic Malware
  • OS_Processor_Check_Zero - OS Processor Check
Name 3f52b33b984df8e5_blackleg.pptx
Filepath C:\Users\test22\AppData\Local\Temp\blackleg.pptx
Size 19.6KB
Processes 2652 (VBDVMGWB.exe)
Type data
MD5 52faf44080314d7b1649ff4fa2bd4b38
SHA1 819c0be129bd3e02d3db596b657a990bb82142d3
SHA256 3f52b33b984df8e59dbdf6312f7a165437a2b33ee43c80a1e6a4c913c30d959a
CRC32 7ADC7740
ssdeep 384:OP5U7/ku599QyFp8hNXDSSouzQ5Jut6avnwlRU44yM/AQwJ:Y5U73QywNzRo/5JuoywlRUqRJ
Yara None matched
Name 114a4c8f8b4cbc79_decibel.mp3
Filepath C:\Users\test22\AppData\Local\Temp\decibel.mp3
Size 790.8KB
Processes 2652 (VBDVMGWB.exe)
Type data
MD5 b60be8ff2a7f2a1c8a49f6adc4ccba97
SHA1 d4c9cd22a4efe790d6e6c5fd0cd6385e54a9ca29
SHA256 114a4c8f8b4cbc799f2093d44386d57cac0990719128cd864bac571c63a02b41
CRC32 6863EDF7
ssdeep 24576:QvjixgmybAqRZ0tW0YPxtf+wMHVjcrhziKANUxDk4mkhzW:Femy8qX0tWTf+NHdclgybmkE
Yara None matched
Name 74892d9b4028c05d_msvcp140.dll
Filepath C:\Users\test22\AppData\Local\Temp\msvcp140.dll
Size 564.8KB
Processes 2652 (VBDVMGWB.exe)
Type PE32+ executable (DLL) (console) x86-64, for MS Windows
MD5 1ba6d1cf0508775096f9e121a24e5863
SHA1 df552810d779476610da3c8b956cc921ed6c91ae
SHA256 74892d9b4028c05debaf0b9b5d9dc6d22f7956fa7d7eee00c681318c26792823
CRC32 DEC2AA20
ssdeep 12288:RBSNvy11qsslnxU/1ceqHiNHlOp/2M+UHHZpDLO+r2VhQEKZm+jWodEEVAdm:RBSDOFQEKZm+jWodEE2dm
Yara
  • Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
  • IsPE64 - (no description)
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
Name a0e43cbc4a2d8d39_libssl-1_1-x64.dll
Filepath C:\Users\test22\AppData\Local\Temp\libssl-1_1-x64.dll
Size 669.0KB
Processes 2652 (VBDVMGWB.exe)
Type PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5 4ad03043a32e9a1ef64115fc1ace5787
SHA1 352e0e3a628c8626cff7eed348221e889f6a25c4
SHA256 a0e43cbc4a2d8d39f225abd91980001b7b2b5001e8b2b8292537ae39b17b85d1
CRC32 FFB9A4DF
ssdeep 12288:PcPPRr7K55yAAKDNkk1+cFc+CmRkS9/+wDe1rlXiE4D9u3AG3UQjA5WU2lvz:2N43+cFcmYhXixo7708U2lvz
Yara
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
  • IsPE64 - (no description)
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
Name 69320f278d90efaa_vcruntime140.dll
Filepath C:\Users\test22\AppData\Local\Temp\vcruntime140.dll
Size 106.9KB
Processes 2652 (VBDVMGWB.exe)
Type PE32+ executable (DLL) (console) x86-64, for MS Windows
MD5 49c96cecda5c6c660a107d378fdfc3d4
SHA1 00149b7a66723e3f0310f139489fe172f818ca8e
SHA256 69320f278d90efaaeb67e2a1b55e5b0543883125834c812c8d9c39676e0494fc
CRC32 ACA47BED
ssdeep 1536:BcghDMWyjXZZIzpdbJhKm6Kuzu8fsecbq8uOFQr+zMtY+zA:BVHyQNdbJAKuzRsecbq8uOFvyU
Yara
  • Malicious_Library_Zero - Malicious_Library
  • Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
  • IsPE64 - (no description)
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
Name a3a1199de32bbbc8_msvcp140_1.dll
Filepath C:\Users\test22\AppData\Local\Temp\msvcp140_1.dll
Size 34.9KB
Processes 2652 (VBDVMGWB.exe)
Type PE32+ executable (DLL) (console) x86-64, for MS Windows
MD5 69d96e09a54fbc5cf92a0e084ab33856
SHA1 b4629d51b5c4d8d78ccb3370b40a850f735b8949
SHA256 a3a1199de32bbbc8318ec33e2e1ce556247d012851e4b367fe853a51e74ce4ee
CRC32 6471F291
ssdeep 384:z1vZLMtUYqOoKFYpWcm5gW/ki0pSt+eB+Hj+R9zUkUTRtHRN7SoHR9zui5TJ:zpCtzqOjKYWi0QKHji9zSRtnx9zJTJ
Yara
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
  • IsPE64 - (no description)
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check