Dropped Files | ZeroBOX
Name 31bedac9dd68bbdf_293362953530131.jpg
Filepath C:\Users\test22\AppData\Local\Temp\293362953530131.jpg
Size 248.7KB
Processes 2936 (None)
Type ASCII text
MD5 adddc8de24cd2f0869181f8e3c37bdd0
SHA1 9211a72834d6299dd500e17d84476d11d81651d0
SHA256 31bedac9dd68bbdfc417b6df1b9f0cc89c366d82979339d7bb9cafa632f10ce3
CRC32 B2F3D9C0
ssdeep 3072:L3PjumqEeYr1OYRUBq9lvgDOcFZF6YzHhTgUTx:L3P5qEiYmVOkZF6wHhk2
Yara
  • Generic_Malware_Zero - Generic Malware
Name 9226e296d57b778b_d93f411851d7c929.customdestinations-ms
Filepath c:\users\test22\appdata\roaming\microsoft\windows\recent\customdestinations\d93f411851d7c929.customdestinations-ms
Size 7.8KB
Processes 2276 (powershell.exe)
Type data
MD5 4fc82bebc45b1f3e0778acd53938c544
SHA1 db7b9cb6c6a58a7e04110865daae7f2d21269d68
SHA256 9226e296d57b778b6cbf0ed46e8853e549049e09514e6964fc6be4a8144770ca
CRC32 C56942B7
ssdeep 96:ctuCeGCPDXBqvsqvJCwo5tuCeGCPDXBqvsEHyqvJCworQ7Hwx2lUVul:ctvXo5tvbHnor7xI
Yara
  • Antivirus - Contains references to security software
  • Generic_Malware_Zero - Generic Malware
Name a9220271c0eb79e5_d93f411851d7c929.customDestinations-ms~RF194a655.TMP
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d93f411851d7c929.customDestinations-ms~RF194a655.TMP
Size 7.8KB
Type data
MD5 b0c9ff441742f3847ea27da9dee7f2cd
SHA1 c42a1eb32ba953a0ce5d8635caabf71b5b281495
SHA256 a9220271c0eb79e5750e0d0e62058ecac560e09cdf9e82ef61aeeabada5d48a4
CRC32 0BBCAB1A
ssdeep 96:RutuCOGCPDXBqvsqvJCwo+utuCOGCPDXBqvsEHyqvJCworSP7Hwxf2lUVul:UtvXoxtvbHnorrxQ
Yara
  • Antivirus - Contains references to security software
  • Generic_Malware_Zero - Generic Malware
Name dc130b4e51508fe8_tbtnds.dat
Filepath C:\Users\test22\tbtnds.dat
Size 4.0KB
Processes 1020 (sysarddrvs.exe)
Type data
MD5 eee5858a682c4f16d61458e135d95853
SHA1 5512676bcc88f701107d5008a14483abf4bf7e34
SHA256 dc130b4e51508fe89b2c9d1f1a70867686c8d4f047e603c40e841ed12a320944
CRC32 730E760C
ssdeep 96:MM7PhXpOn2kEHkQutfzUoVx4xESTN5tXfzv160LX/26ivHB:MM7Pllk/2TV1Nj/2nvh
Yara None matched
Name 1ad62a9896f6d167_158876794.exe
Filepath C:\Users\test22\AppData\Local\Temp\158876794.exe
Size 21.5KB
Processes 1020 (sysarddrvs.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 7e4c3d61e4b69489be953d5066da19cf
SHA1 5620f984929996eff62a81df560f8abcef2a3653
SHA256 1ad62a9896f6d167b7a4e627808039b77a3ee7dadb1288b4bc03e2305254662e
CRC32 92E6B624
ssdeep 384:ANbmea1s9vIgBUUY4045dTxJj7pav8U9c+yweeeeeeeeWeeeee9MMp:L6GrA0edr5a0U1TeeeeeeeeWeeeee
Yara
  • Malicious_Library_Zero - Malicious_Library
  • Admin_Tool_IN_Zero - Admin Tool Sysinternals
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file