Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

Dropped Files | ZeroBOX

Name	9c715feef321ee70_RECORD Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI10202\cryptography-41.0.7.dist-info\RECORD
Size	14.8KB
Processes	1020 (miner_kill.exe)
Type	ASCII text, with CRLF line terminators
MD5	`5e9fe04d9b7c72a0ceab82279dc041a7`
SHA1	`55bd916f8aa7a96c4749f573224aedef19d19ad4`
SHA256	`9c715feef321ee70d54257485fae3461b5a848032b1a13cde408b68633dc2811`
CRC32	`25A56208`
ssdeep	`384:3XpaU/ZfaigianJN5/6T2UbycOx6uvnbLEG:3MUxfzhctJEG`
Yara	None matched
VirusTotal	Search for analysis

Name	c3964fc08e4ca8bc__rust.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI10202\cryptography\hazmat\bindings\_rust.pyd
Size	6.4MB
Processes	1020 (miner_kill.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`486085aac7bb246a173ceea0879230af`
SHA1	`ef1095843b2a9c6d8285c7d9e8e334a9ce812fae`
SHA256	`c3964fc08e4ca8bc193f131def6cc4b4724b18073aa0e12fed8b87c2e627dc83`
CRC32	`1EFB11DC`
ssdeep	`98304:EzN+T+xtLlk0PPMAiGoTzeDy3x8lGBlWi9Nk:E5Y6Jk0PPMtfTzp3x8c`
Yara	PE_Header_Zero - PE File Signature Malicious_Packer_Zero - Malicious Packer IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	012866b68f458ec2_libcrypto-1_1.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI10202\libcrypto-1_1.dll
Size	3.2MB
Processes	1020 (miner_kill.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`bf83f8ad60cb9db462ce62c73208a30d`
SHA1	`f1bc7dbc1e5b00426a51878719196d78981674c4`
SHA256	`012866b68f458ec204b9bce067af8f4a488860774e7e17973c49e583b52b828d`
CRC32	`346F46EB`
ssdeep	`49152:Y4TKuk29SIU6i5fOjPWl+0rOh5PKToEGG9I+q4dNQbZQm9aGupuu9LoeiyPaRb84:YiV+CGQ4dtBMeiJRb8+1CPwDv3uFZjN`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	f845f90d0ccd1901_WHEEL Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI10202\cryptography-41.0.7.dist-info\WHEEL
Size	100.0B
Processes	1020 (miner_kill.exe)
Type	ASCII text
MD5	`4b432a99682de414b29a683a3546b69f`
SHA1	`f59c5016889ee5e9f62d09b22aefbc2211a56c93`
SHA256	`f845f90d0ccd190128c8bf7d43ed0fd3e0fe0976dfa9a7de9da01e89243f51f9`
CRC32	`3BF10555`
ssdeep	`3:RtEeX7MWcSlVlbY3KgP+tkKc/SKQLn:RtBMwlVCxWKxDQLn`
Yara	None matched
VirusTotal	Search for analysis

Name	63b81af5d3576473_select.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI10202\select.pyd
Size	26.1KB
Processes	1020 (miner_kill.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`6ae54d103866aad6f58e119d27552131`
SHA1	`bc53a92a7667fd922ce29e98dfcf5f08f798a3d2`
SHA256	`63b81af5d3576473c17ac929bea0add5bf8d7ea95c946caf66cbb9ad3f233a88`
CRC32	`C6999D54`
ssdeep	`768:6kYtqIDCNdwhBfAqXuqzz5H1IGqGbWDG4y4:6TnDCNCh93X7zzR1IGqG2y4`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	f7a00ba343d6f1ea__cffi_backend.cp38-win_amd64.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI10202\_cffi_backend.cp38-win_amd64.pyd
Size	177.0KB
Processes	1020 (miner_kill.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`77b5d28b725596b08d4393786d98bd27`
SHA1	`e3f00478de1d28bc7d2e9f0b552778be3e32d43b`
SHA256	`f7a00ba343d6f1ea8997d95b242fbbd70856ec2b98677d5f8b52921b8658369c`
CRC32	`9F0FAB2C`
ssdeep	`3072:8pixG4j9Sfl+l1wYz6GQXuyLe//qaVnTOk0Dxl4l5S7QkSTLkKzdsR8LXnfQ:8pOYfl41w8pSe/7nTw74btkSTLLzdsOL`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	9459d246df7a3c63__ctypes.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI10202\_ctypes.pyd
Size	120.6KB
Processes	1020 (miner_kill.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`f1e33a8f6f91c2ed93dc5049dd50d7b8`
SHA1	`23c583dc98aa3f6b8b108db5d90e65d3dd72e9b4`
SHA256	`9459d246df7a3c638776305cf3683946ba8db26a7de90df8b60e1be0b27e53c4`
CRC32	`CD37C62B`
ssdeep	`3072:qpG85kJGmH3c+5M333KvUPzeENGLf3Tz4ccUZw1IGVPE:qDSGT+5+KMPzyLf3TEcKu`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	0f84e9f0d0bf44d1_unicodedata.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI10202\unicodedata.pyd
Size	1.0MB
Processes	1020 (miner_kill.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`4c0d43f1a31e76255cb592bb616683e7`
SHA1	`0a9f3d77a6e064baebacacc780701117f09169ad`
SHA256	`0f84e9f0d0bf44d10527a9816fcab495e3d797b09e7bbd1e6bd666ceb4b6c1a8`
CRC32	`5669A82F`
ssdeep	`12288:EGe9qQOZ67191SnFRFotduNFBjCmN/XlyCAx9++bBlhJk93cgewrxEeBc0bB:EGe9GK4oYhCc/+9nbDhG2wrxc0bB`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	9442dc4682948567__lzma.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI10202\_lzma.pyd
Size	246.6KB
Processes	1020 (miner_kill.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`37057c92f50391d0751f2c1d7ad25b02`
SHA1	`a43c6835b11621663fa251da421be58d143d2afb`
SHA256	`9442dc46829485670a6ac0c02ef83c54b401f1570d1d5d1d85c19c1587487764`
CRC32	`8CA2A197`
ssdeep	`6144:bkHDwqjhhwYbOqQNEkT/4OQhJwAbHoqLNvka/gOFhUw6b4qCNxkV/3OdhAWwPbGE:bd7/IbtSKOt`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	36738e6971d2f20d_METADATA Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI10202\cryptography-41.0.7.dist-info\METADATA
Size	5.2KB
Processes	1020 (miner_kill.exe)
Type	ASCII text, with CRLF line terminators
MD5	`137d13f917d94c83137a0fa5ae12b467`
SHA1	`01e93402c225bf2a4ee59f9a06f8062cb5e4801e`
SHA256	`36738e6971d2f20db78433185a0ef7912a48544aa6ff7006505a7dc785158859`
CRC32	`7FF10F57`
ssdeep	`96:DxapqZink/QIHQIyzQIZQILuQIR8vtklGovxNx6sWwCvCCcTKvIrrg9BMM6VwDjz:sJnkoBs/sqLz8cTKvIrrUiM6VwDjyeWs`
Yara	None matched
VirusTotal	Search for analysis

Name	ceebae7b8927a322_INSTALLER Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI10202\cryptography-41.0.7.dist-info\INSTALLER
Size	4.0B
Processes	1020 (miner_kill.exe)
Type	ASCII text
MD5	`365c9bfeb7d89244f2ce01c1de44cb85`
SHA1	`d7a03141d5d6b1e88b6b59ef08b6681df212c599`
SHA256	`ceebae7b8927a3227e5303cf5e0f1f7b34bb542ad7250ac03fbcde36ec2f1508`
CRC32	`C2971FC7`
ssdeep	`3:Mn:M`
Yara	None matched
VirusTotal	Search for analysis

Name	1f908e12fba42af4_base_library.zip Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI10202\base_library.zip
Size	822.0KB
Processes	1020 (miner_kill.exe)
Type	Zip archive data, at least v2.0 to extract
MD5	`e187fce3f6d3f4ba450630147421a885`
SHA1	`18241f2097f7d53cfb6b118fae1f9cd31d169d07`
SHA256	`1f908e12fba42af4ad0ade6fa7f1dbc617afe7837271911056af266d895e596a`
CRC32	`EF633E16`
ssdeep	`24576:fhidp/tosQNRs54PK4IMEVw59bfCEA3TR32Q:fhidp/tosQNRs54PK4Ia96h`
Yara	zip_file_format - ZIP file format
VirusTotal	Search for analysis

Name	cf9d37fa81407afe_cacert.pem Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI10202\certifi\cacert.pem
Size	283.5KB
Processes	1020 (miner_kill.exe)
Type	ASCII text
MD5	`302b49c5f476c0ae35571430bb2e4aa0`
SHA1	`35a7837a3f1b960807bf46b1c95ec22792262846`
SHA256	`cf9d37fa81407afe11dcc0d70fe602561422aa2344708c324e4504db8c6c5748`
CRC32	`0C4B9BCA`
ssdeep	`6144:QW1H/M8fRR1jplkXURrVADwYCuCigT/Q5MSRqNb7d8iu5Np:QWN/TRJLWURrI55MWavdF0L`
Yara	None matched
VirusTotal	Search for analysis

Name	e3b0c44298fc1c14_py.typed Empty file or file not found
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI10202\certifi\py.typed
Size	0.0B
Type	empty
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
CRC32	`00000000`
ssdeep	`3::`
Yara	None matched
VirusTotal	Search for analysis

Name	aac73b3148f6d1d7_LICENSE.APACHE Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI10202\cryptography-41.0.7.dist-info\LICENSE.APACHE
Size	11.1KB
Processes	1020 (miner_kill.exe)
Type	ASCII text
MD5	`4e168cce331e5c827d4c2b68a6200e1b`
SHA1	`de33ead2bee64352544ce0aa9e410c0c44fdf7d9`
SHA256	`aac73b3148f6d1d7111dbca32099f68d26c644c6813ae1e4f05f6579aa2663fe`
CRC32	`A82B48BD`
ssdeep	`192:nUDG5KXSD9VYUKhu1JVF9hFGvV/QiGkS594drFjuHYx5dvTrLh3kTSEnQHbHR:UIvlKM1zJlFvmNz5VrlkTS0QHt`
Yara	None matched
VirusTotal	Search for analysis

Name	1ce7ba99e817c1c2_libssl-1_1.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI10202\libssl-1_1.dll
Size	670.0KB
Processes	1020 (miner_kill.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`fe1f3632af98e7b7a2799e3973ba03cf`
SHA1	`353c7382e2de3ccdd2a4911e9e158e7c78648496`
SHA256	`1ce7ba99e817c1c2d71bc88a1bdd6fcad82aa5c3e519b91ebd56c96f22e3543b`
CRC32	`3CFBE118`
ssdeep	`12288:3L6MSpHovlo4qL7a3ZV9CblMOoAXToRtrBZf3Fb85BO9K9pB3TLPDdOU2lvz8:wIAL7a3heSFZf2Pq63HJOU2lvz`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	4aa1bbde1621c49e__queue.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI10202\_queue.pyd
Size	27.6KB
Processes	1020 (miner_kill.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`44b72e0ad8d1e1ec3d8722088b48c3c5`
SHA1	`e0f41bf85978dd8f5abb0112c26322b72c0d7770`
SHA256	`4aa1bbde1621c49edab4376cf9a13c1aa00a9b0a9905d9640a2694ef92f77d5e`
CRC32	`BD0A7116`
ssdeep	`384:bp/aC60HGTPk/ltSA/6rCbCnA/cEXEz65D1IGqUrnYPLxDG4y8xxzzI:bH60HGw/b/6rCb9iKD1IGqUrWDG4yCI`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	587c4f3092b5f3e3__socket.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI10202\_socket.pyd
Size	77.1KB
Processes	1020 (miner_kill.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`d6bae4b430f349ab42553dc738699f0e`
SHA1	`7e5efc958e189c117eccef39ec16ebf00e7645a9`
SHA256	`587c4f3092b5f3e34f6b1e927ecc7127b3fe2f7fa84e8a3d0c41828583bd5cef`
CRC32	`133D7C2B`
ssdeep	`1536:KzMe79sDb+eGm08Vr5lcDAB9/s+7+pkaOz3CkNA9y1IGVwCyMPbi:de79u8/GFmAB9/se+pROz3jN1IGVw+Pm`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	3e0c7c091a948b82_LICENSE Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI10202\cryptography-41.0.7.dist-info\LICENSE
Size	197.0B
Processes	1020 (miner_kill.exe)
Type	ASCII text
MD5	`8c3617db4fb6fae01f1d253ab91511e4`
SHA1	`e442040c26cd76d1b946822caf29011a51f75d6d`
SHA256	`3e0c7c091a948b82533ba98fd7cbb40432d6f1a9acbf85f5922d2f99a93ae6bb`
CRC32	`E20CE982`
ssdeep	`3:hWDncJhByZmJgXPForADu1QjygQuaAJygT2d5GeWreLRuOFEXAYeBKmJozlMHuO:h9Co8FyQjkDYc5tWreLBF/pn2mH1`
Yara	None matched
VirusTotal	Search for analysis

Name	3692fc8e70e6e299__hashlib.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI10202\_hashlib.pyd
Size	44.6KB
Processes	1020 (miner_kill.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`a6448bc5e5da21a222de164823add45c`
SHA1	`6c26eb949d7eb97d19e42559b2e3713d7629f2f9`
SHA256	`3692fc8e70e6e29910032240080fc8109248ce9a996f0a70d69acf1542fca69a`
CRC32	`886107C3`
ssdeep	`768:8skeCps0iszzPFrGE/CBAdIPGV03ju774xxIGsIx7WDG4yw:81eCpLzDBZ+AdIPmYju7OxIGsIxWyw`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	eaeefa6722c45e48__ssl.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI10202\_ssl.pyd
Size	115.1KB
Processes	1020 (miner_kill.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`8ee827f2fe931163f078acdc97107b64`
SHA1	`149bb536f3492bc59bd7071a3da7d1f974860641`
SHA256	`eaeefa6722c45e486f48a67ba18b4abb3ff0c29e5b30c23445c29a4d0b1cd3e4`
CRC32	`1C0EA2FF`
ssdeep	`3072:x3xozhUCVgMUGSo5iY0nx2bsxSV3QilzQmxLZIG47HZ:p6zh72PGz0nxrmVG`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	c55821f5fdb0064c__bz2.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI10202\_bz2.pyd
Size	82.1KB
Processes	1020 (miner_kill.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`3dc8af67e6ee06af9eec52fe985a7633`
SHA1	`1451b8c598348a0c0e50afc0ec91513c46fe3af6`
SHA256	`c55821f5fdb0064c796b2c0b03b51971f073140bc210cbe6ed90387db2bed929`
CRC32	`58AC6183`
ssdeep	`1536:SSpo7/9ZwseNsUQJ8rbXis0WwOpcAE+8aoBnuRtApxbBVZIG4VJyI:SSW7lZws+bLwOpvEZa+uRWVVZIG4VF`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	8c1f7f64579d01fe_libffi-7.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI10202\libffi-7.dll
Size	32.0KB
Processes	1020 (miner_kill.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`4424baf6ed5340df85482fa82b857b03`
SHA1	`181b641bf21c810a486f855864cd4b8967c24c44`
SHA256	`8c1f7f64579d01fedfde07e0906b1f8e607c34d5e6424c87abe431a2322eba79`
CRC32	`9CAA678B`
ssdeep	`384:JYnlpDwZH1XYEMXvdQOsNFYzsQDELCvURDa7qscTHstU0NsICwHLZxXYPoBhT/A4:JYe0Vn5Q28J8qsqMttktuTSTWDG4yhRe`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	d96858e433f45917_python3.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI10202\python3.dll
Size	57.6KB
Processes	1020 (miner_kill.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`7acec875d5672e7aa148b8c40df9aa49`
SHA1	`96b8cfabe0cfa3df32995919ac77cfdeec26f1f2`
SHA256	`d96858e433f45917499dbf5e052e56f079ff9ae259fd3caa025c3b1daf852891`
CRC32	`587012E5`
ssdeep	`768:oS99q+0o22ByfbEap+VCBQ53gUiT5pLFdBk4/yFi1nuVwWBjChtFyrUdmd9RSxDD:79xiEAnUvdK1IGV0QyrI`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	28d693f929f62b8b_top_level.txt Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI10202\cryptography-41.0.7.dist-info\top_level.txt
Size	13.0B
Processes	1020 (miner_kill.exe)
Type	ASCII text
MD5	`e7274bd06ff93210298e7117d11ea631`
SHA1	`7132c9ec1fd99924d658cc672f3afe98afefab8a`
SHA256	`28d693f929f62b8bb135a11b7ba9987439f7a960cc969e32f8cb567c1ef79c97`
CRC32	`3CE4B7A0`
ssdeep	`3:cOv:Nv`
Yara	None matched
VirusTotal	Search for analysis

Name	a66444a08a8b9cea__psutil_windows.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI10202\psutil\_psutil_windows.pyd
Size	65.5KB
Processes	1020 (miner_kill.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`01f9d30dd889a3519e3ca93fe6efee70`
SHA1	`ebf55adbd8cd938c4c11d076203a3e54d995aeff`
SHA256	`a66444a08a8b9ceafa05daefeb32aa1e65c8009a3c480599f648fa52a20afb7d`
CRC32	`F7739BD2`
ssdeep	`1536:ZhseNxkc7Xva0Y420G1UD+dS4gBeLmRy:Z1kcbi0Y42bUD+dS4oeiRy`
Yara	PE_Header_Zero - PE File Signature Malicious_Packer_Zero - Malicious Packer IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	bf5ff4603557c995_VCRUNTIME140.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI10202\VCRUNTIME140.dll
Size	87.6KB
Processes	1020 (miner_kill.exe)
Type	PE32+ executable (DLL) (console) x86-64, for MS Windows
MD5	`0e675d4a7a5b7ccd69013386793f68eb`
SHA1	`6e5821ddd8fea6681bda4448816f39984a33596b`
SHA256	`bf5ff4603557c9959acec995653d052d9054ad4826df967974efd2f377c723d1`
CRC32	`E7A4822C`
ssdeep	`1536:EFmmAQ77IPzHql9a2k+2v866Xc/0i+N1WtYil42TZiCvecbtjawN+o/J:EQmI+NnXertP42xvecbtjd+ox`
Yara	Malicious_Library_Zero - Malicious_Library Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	59ab345c565304f6_python38.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI10202\python38.dll
Size	4.0MB
Processes	1020 (miner_kill.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`d2a8a5e7380d5f4716016777818a32c5`
SHA1	`fb12f31d1d0758fe3e056875461186056121ed0c`
SHA256	`59ab345c565304f638effa7c0236f26041fd06e35041a75988e13995cd28ace9`
CRC32	`CC439FA5`
ssdeep	`49152:wV6CJES/Za2BaobNruDPYRQYK8JCNNtkAz+/Q46VqNo9NYxwCFIInKHJCMjntPNj:MxB/aDUQNtufeNFIKHoMjzkDU`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) anti_vm_detect - Possibly employs anti-virtualization techniques UPX_Zero - UPX packed file Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	602c4c7482de6479_LICENSE.BSD Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI10202\cryptography-41.0.7.dist-info\LICENSE.BSD
Size	1.5KB
Processes	1020 (miner_kill.exe)
Type	ASCII text
MD5	`5ae30ba4123bc4f2fa49aa0b0dce887b`
SHA1	`ea5b412c09f3b29ba1d81a61b878c5c16ffe69d8`
SHA256	`602c4c7482de6479dd2e9793cda275e5e63d773dacd1eca689232ab7008fb4fb`
CRC32	`692B704D`
ssdeep	`24:MjUnoorbOFFTJJyRrYFTjzMbmqEvBTP4m96432s4EOkUTKQROJ32s3yxsITf+3tY:MkOFJSrYJsaN5P406432svv32s3EsIqm`
Yara	None matched
VirusTotal	Search for analysis