Dropped Files | ZeroBOX
Name 5f0770aa02957201_drsx.zip
Filepath C:\Windows\Temp\drsx.zip
Size 769.3KB
Processes 2548 (jf.exe)
Type Zip archive data, at least v2.0 to extract
MD5 db72ca7bef049a385cba09b5365566a7
SHA1 960a64c9ffcedf409b850aebc63f0636860954a1
SHA256 5f0770aa0295720168f2168c12617c191fb359dd43e609daad313577fe2754f7
CRC32 7F5F048B
ssdeep 12288:LGxq5oDJyOKairACyBFwc9ArNMHH9X8io1ljFXqWtgel8v1q9evydHxsGmo+LNuk:qxqqlydrAnBZH98ljxaq9kgxsj78A5
Yara
  • zip_file_format - ZIP file format
Name 39ec7773c7d1a868_hl.bat
Filepath C:\Windows\Temp\drsx\hl.bat
Size 321.0B
Processes 2548 (jf.exe) 2660 (cmd.exe)
Type ASCII text, with CRLF line terminators
MD5 4fc34af646a18eb1a3e2a1a965f076ae
SHA1 a35fa4e4b570210b57ff12446400a0c4e8e2be07
SHA256 39ec7773c7d1a868679137b6947215fff5c4f4b0459781129a3444dc2cb7598e
CRC32 F535F251
ssdeep 6:C2RF426a3Rn26a7jayQGujWhDfU3yt5I3iLsFprt0cRrM26arik+L:zm26ahn26a7jnuqhDG4Vwt5o26a+Z
Yara None matched
Name a567b24df3d3fde5_svchosi.exe
Filepath C:\Windows\Temp\drsx\svchosi.exe
Size 222.0KB
Processes 2548 (jf.exe) 2464 (cmd.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 920af224bbbb5cd4afb8746d39d00dc5
SHA1 89acddc4c42f246f902e41f931ed8d3ee55f2252
SHA256 a567b24df3d3fde51ad12dd0bc67a7afb72694f3aac329fa8aa6b4a3339581ab
CRC32 1E90DB4F
ssdeep 6144:sPiMn0LnVmoCBWxxUCbHoY59XKhbkUTBA5QD9WQxik:sPvn8VoBAUCbIVhwUTi5eWGik
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file
  • Generic_Malware_Zero - Generic Malware
  • OS_Processor_Check_Zero - OS Processor Check
Name 29405b4becb37ed6_svchosl.exe
Filepath C:\Windows\Temp\drsx\svchosl.exe
Size 7.0KB
Processes 2548 (jf.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 792fd63b00ed2252d8c47dfbae7f9833
SHA1 898dbbab100c81c024e41b3781db9f9f226dff58
SHA256 29405b4becb37ed6d78e27a04893bf4e59a48b31002b8eb044a13126a649d004
CRC32 76B5F25F
ssdeep 96:30lHfIZGdup8JJRLtu7RBYRE9g+eRihiuf3X3X3ff33Pf33Pf33P/vHf33Pf3YWw:309IzqJRA7RB9ghu5nnnnnnwWw
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • Generic_Malware_Zero - Generic Malware
Name a11278d55dff28d1_svchoxb.exe
Filepath C:\Windows\Temp\drsx\svchoxb.exe
Size 1.0MB
Processes 2548 (jf.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 50a8b3cadc02d0d01a5a83936d561a47
SHA1 c5dec54350b27508bece74e743fba4895b0a3601
SHA256 a11278d55dff28d150c595d91bba7ea08bff2f77060abee2b8fc13f638d8fe83
CRC32 193B4AC1
ssdeep 24576:zuQo/4A59ZxgCKCryuT+aNK7rtlWlUxjsEPN8T1t:z8hKYyla2/AUdXPN8T1t
Yara
  • ConfuserEx_Zero - Confuser .NET
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Malicious_Packer_Zero - Malicious Packer
  • CoinMiner_IN - CoinMiner
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file
  • Generic_Malware_Zero - Generic Malware
  • OS_Processor_Check_Zero - OS Processor Check
Name eafd78b44daf0dde_sf.dll
Filepath C:\Windows\Temp\drsx\sf.dll
Size 230.0KB
Processes 2548 (jf.exe)
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 6909390e8375ce2f787dcaf82e8096f0
SHA1 112afefbaf1d86b84d5f1f0fb133549a00ed56d4
SHA256 eafd78b44daf0dde0d73e4cbb4c7b73ab693ae31e55f141cbe2f0b958e7578d1
CRC32 D7CDB388
ssdeep 6144:FE+MndlWM9ZpwOX0z9MXxasulxu00QTB6rSJbjWsHl:FCnbD9Zpt0z9xl50QTYrkX1Hl
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Malicious_Packer_Zero - Malicious Packer
  • IsDLL - (no description)
  • anti_vm_detect - Possibly employs anti-virtualization techniques
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file
  • Generic_Malware_Zero - Generic Malware
  • OS_Processor_Check_Zero - OS Processor Check