Dropped Files | ZeroBOX
Name 5baf313e59baf828_mswin.db
Filepath C:\ProgramData\Microsoft\Windows\MSWin.db
Size 3.1MB
Processes 2396 (rundll32.exe) 2376 (rundll32.exe)
Type data
MD5 f1968f50f5d16b85df731f1f1467a19a
SHA1 b16748574619cd6e086bb574dc96297c47aa7ff9
SHA256 5baf313e59baf828363634e123dff9c2f5bca9d875335ebb26bff829e917ed17
CRC32 A937DD14
ssdeep 49152:ai5GN3ZzouSMv58tAcjKq5Si5fsURornsJGnPTV7bdAHyiiJMZDfdMjPdoDb:afZzoU5Kjj5zfsKOs8PJbdAYmDFyoDb
Yara None matched
Name fdeb107f945ee40e_msort.dll
Filepath C:\ProgramData\Microsoft\Windows\msort.dll
Size 145.5KB
Processes 2396 (rundll32.exe)
Type PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5 adcf6d87e1d8fd9d5c0293cb070b2277
SHA1 9ad8194c0a4b8a613ccf470a369775b2d30c9edf
SHA256 fdeb107f945ee40e258be5a69a8dc7b1c6be190c7efea20f5a13c059a01c3f87
CRC32 EC9ED5AC
ssdeep 3072:VTKPECC2Oik7G0a3Ro9jp1El41TWrJ9Xf9qeh5XATvzAdnGdbW:G3/tgj/1mu
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Malicious_Packer_Zero - Malicious Packer
  • IsDLL - (no description)
  • IsPE64 - (no description)
  • UPX_Zero - UPX packed file
  • Generic_Malware_Zero - Generic Malware
  • OS_Processor_Check_Zero - OS Processor Check
Name fa0f64b8c989cdd6_s1.s
Filepath C:\ProgramData\Microsoft\Windows\s1.s
Size 24.0B
Processes 2396 (rundll32.exe) 2376 (rundll32.exe)
Type data
MD5 c8824a32eec9cf075620bfbe39293705
SHA1 c9242475846dddf1a7a24dc25e4b6eb3437fd192
SHA256 fa0f64b8c989cdd68497011f7a4f5d1a6968f1798b6abf25d356928efd72e888
CRC32 5F2BDA11
ssdeep 3:Nl5/Bd1n:3
Yara None matched
Name 9ffddf4ad1717b28_0029.bat
Filepath C:\Users\test22\AppData\Local\Temp\0029.bat
Size 77.0B
Processes 2396 (rundll32.exe) 2376 (rundll32.exe)
Type ASCII text, with no line terminators
MD5 2e73de0d6ad4d188cbf2c5084e999d7b
SHA1 3c045c0623e321c54829afd15cbc4f0a33072262
SHA256 9ffddf4ad1717b287d696e99d325238b15b8bbaba30c98de957316b67284cbc7
CRC32 71F713C9
ssdeep 3:VSJJFkBBVIceGAFddGeWLCXGRdZkRErG+fyM1Kd:sQdeGgdEYlaH1q
Yara None matched