Dropped Files | ZeroBOX
Name df822725545120d1_3007f[1].hta
Filepath C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\3007f[1].hta
Size 20.6KB
Processes 2808 (mshta.exe)
Type HTML document, ASCII text, with very long lines
MD5 d7690e8539ac10edbe4099d361fb7cb5
SHA1 0df26021a3b98128ce5db21f4226bc5659e0f6d3
SHA256 df822725545120d197a5feaef16dbd3734fd5b309af756d5ed60ff5bb75c422d
CRC32 7BB30DDB
ssdeep 384:JxeybNYQfgumexCObRi0+LliKAbc+9nTi2jRdA646n442glEiEQa4015pHO:nbNtgumexCV0+Ll/Abc+9nTi2jRdAlCr
Yara None matched
Name ace74890b732a42e_23.exe
Filepath C:\Users\test22\AppData\Roaming\23.exe
Size 28.0KB
Processes 2948 (powershell.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 367009ea6fe948f4c0773f4cd1274a5f
SHA1 a6b7c4cf0f6875a8d62f30696bbeed4db98a6798
SHA256 ace74890b732a42e4d481744266121b1bca84a36c730dc563813e26f781a7512
CRC32 47AC6746
ssdeep 384:YwP/ceGdmYbLNqFWDyLzTvnMoCp57QcB/Po9LqHzH7v:YZedpZc+92Hzb
Yara
  • Admin_Tool_IN_Zero - Admin Tool Sysinternals
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file
Name 122928a9e076b99d_a62b1888e79d2aaa.customdestinations-ms
Filepath c:\users\test22\appdata\roaming\microsoft\windows\recent\customdestinations\a62b1888e79d2aaa.customdestinations-ms
Size 6.9KB
Processes 2672 (powershell.exe)
Type data
MD5 0911d958fe4c7038f22ed8a735522a62
SHA1 7c03cec42abce27f9e3ed8d5348d83168128d27d
SHA256 122928a9e076b99d9d4817356e3ff55e3c330d5f13ef30f44a06ef37650e97b0
CRC32 21DCDFCA
ssdeep 48:OsHlRH9pRhL2bcdJ9usHlRH9pRhL2bcEHydJ9obuM4b3+SogZolxwUQlUVul:1rHX+QfrHX+cEHGuj47HwxGlUVul
Yara None matched
Name b7c225ef3cc3e875_d93f411851d7c929.customdestinations-ms
Filepath c:\users\test22\appdata\roaming\microsoft\windows\recent\customdestinations\d93f411851d7c929.customdestinations-ms
Size 7.8KB
Processes 2948 (powershell.exe)
Type data
MD5 81ca4510272caf505e8091e9a28cb716
SHA1 71414aeec9f1e4a6f5a461b01700cc9cc992cd9e
SHA256 b7c225ef3cc3e87506150eb140e7b9cc127a3469c50a808854acac71a53d98bf
CRC32 FC31E90F
ssdeep 96:EtuCcBGCPDXBqvsqvJCwoRtuCcBGCPDXBqvsEHyqvJCwor/47HwxGlUVul:EtCgXoRtCgbHnorLxY
Yara
  • Antivirus - Contains references to security software
  • Generic_Malware_Zero - Generic Malware