popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 9e6e4772050998a5_readme.txt
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\_Files_\readme.txt
Size 10.0B
Type ASCII text, with no line terminators
MD5 eb6b6c90251ab33cee784713c451e6d8
SHA1 451685e9efac4a6dc1fee73ec53ffb6b2c4c38b5
SHA256 9e6e4772050998a5c0dc3c61acf3dab0a7e594566171fa5746d6b62f9598efb6
CRC32 22598B08
ssdeep 3:IS:7
Yara None matched
VirusTotal Search for analysis
Name 4fb4496aead93bba_cred64.dll
Submit file
Filepath C:\Users\test22\AppData\Roaming\110809d565579c\cred64.dll
Size 1.2MB
Processes 2184 (Utsysc.exe)
Type PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5 c7612ef960097ff466e641c7fe0cd5d3
SHA1 06849181c7ed4a8b44440f66583e6d1c11308916
SHA256 4fb4496aead93bba8589248a89030c9ba1fb033aa505d8a14295b7ae511e2486
CRC32 47599B4D
ssdeep 24576:axYTyT6AMgQZvBHa726ZwccIIF1cV6n6zyYqOFzd6:fAMgQ7672swJIR06wb
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
  • IsPE64 - (no description)
  • UPX_Zero - UPX packed file
  • Generic_Malware_Zero - Generic Malware
  • OS_Processor_Check_Zero - OS Processor Check
VirusTotal Search for analysis
Name 8813a622ec135335_clip64.dll
Submit file
Filepath C:\Users\test22\AppData\Roaming\110809d565579c\clip64.dll
Size 102.0KB
Processes 2184 (Utsysc.exe)
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 83a532c46261758c3d74cc11fc0f20ef
SHA1 eb3827d8cdf46f80241eac73da136a5d72b5d301
SHA256 8813a622ec13533542655e87e56d5746332d3df3dcdb6c2a993a8d2b21e2583d
CRC32 3CF9F86E
ssdeep 3072:sYHZ5o8D+sjrW2sosmrtuQRYKr77BUQYW0Z:scDoBkPsituQR5uW0Z
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
  • Win_Amadey_Zero - Amadey bot
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file
  • Generic_Malware_Zero - Generic Malware
  • OS_Processor_Check_Zero - OS Processor Check
VirusTotal Search for analysis
Name 6338b823d5172f03_utsysc.exe
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\466504e025\Utsysc.exe
Size 260.0KB
Processes 1044 (amadey.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 107c3b33e05d1d569cccc2052e56055e
SHA1 e843ffcb2d67ec5778a66abce8ee3d162831dd90
SHA256 6338b823d5172f0321814534c1d7aff08a60132c62de48c2752c2c7dfc191228
CRC32 B09810CA
ssdeep 6144:og7RU92ushCQjrnlNTnbWRp1MHuqbMlAOxyYizl7:mTshCQjrnlluMHuqberyT7
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Malicious_Packer_Zero - Malicious Packer
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file
  • Generic_Malware_Zero - Generic Malware
  • OS_Processor_Check_Zero - OS Processor Check
VirusTotal Search for analysis
Name e86353197a153163_832866432405
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\832866432405
Size 85.0KB
Processes 2184 (Utsysc.exe)
Type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1024x768, frames 3
MD5 d6b01952a7c14fa7d0b9a657d8956658
SHA1 93ee79644c81aa00d74386cf911b8baa01b2dd6a
SHA256 e86353197a15316384f34d14e171264722cdd7a9f7c70aed4292ac29565c02e3
CRC32 D24099BC
ssdeep 1536:08qQRlKOtginlqeQf4gq7W9r8Wa8+3vMqHILIIsw/jUrBt5mw:NRlk8lqjQg/N8WA0qoLhd/jUFt5p
Yara
  • JPEG_Format_Zero - JPEG Format
VirusTotal Search for analysis