Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

Dropped Files | ZeroBOX

Name	98e4f904f7de1644_autoit3.exe Submit file
Filepath	C:\ProgramData\wvtynvwe\AutoIt3.exe
Size	925.1KB
Processes	184 (Rage.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`0adb9b817f1df7807576c2d7068dd931`
SHA1	`4a1b94a9a5113106f40cd8ea724703734d15f118`
SHA256	`98e4f904f7de1644e519d09371b8afcbbf40ff3bd56d76ce4df48479a4ab884b`
CRC32	`879B4719`
ssdeep	`24576:fYgAon+KfqNbXD2XJ2PH1ddATgs/u2kaCB+l:f37+KSbq5e1diEnHaCK`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsPE32 - (no description) UPX_Zero - UPX packed file Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	0d65174f3d8e4d8b_werviuybe.erv Submit file
Filepath	C:\ProgramData\wvtynvwe\werviuybe.erv
Size	607.5KB
Processes	184 (Rage.exe)
Type	data
MD5	`160f088e0c2cfc575144baf3c6490757`
SHA1	`ba3b72efa7ac73bc530b512103fc4f35b78b5d9d`
SHA256	`0d65174f3d8e4d8bc12fad4110930c1eb4e711285366cb68a703684b0325d5e3`
CRC32	`FC488EBE`
ssdeep	`12288:DchkQgw6LFW6dEfmeW7ixERPvLYP7hNaWTZmarRsR4o60h/fKJmk8SP8:4hyblaf2iivi3a4c49yYP8`
Yara	None matched
VirusTotal	Search for analysis

Name	49eb3055447db8ce_clxs.a3x Submit file
Filepath	C:\ProgramData\wvtynvwe\clxs.a3x
Size	245.0KB
Processes	184 (Rage.exe)
Type	data
MD5	`0f310d0dd203531155edb3816d108f7b`
SHA1	`5bb3eed68d98fe1d6b58593a9f94dd836910141b`
SHA256	`49eb3055447db8ce038e572ff2a8b48234e14590064efb9857bbf4779bccbcc0`
CRC32	`22FFD68D`
ssdeep	`6144:ZJF8chnNsqla1cCrZlnrfH59NHE28pqRXoYWHnTfE:7FfhnNq19ND7HE28sWdno`
Yara	None matched
VirusTotal	Search for analysis

Name	e3b0c44298fc1c14_nsnC2ED.tmp Empty file or file not found
Filepath	C:\Users\test22\AppData\Local\Temp\nsnC2ED.tmp
Size	0.0B
Type	empty
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
CRC32	`00000000`
ssdeep	`3::`
Yara	None matched
VirusTotal	Search for analysis

Name	153f2d0e2960ca4d_wercejx.a3x Submit file
Filepath	C:\ProgramData\wvtynvwe\wercejx.a3x
Size	810.0B
Processes	184 (Rage.exe)
Type	data
MD5	`d05b9a6c0174ad4c6a05720c2d44501b`
SHA1	`cabe5cd3bd6eeca163d4c95c43ce5026ba277753`
SHA256	`153f2d0e2960ca4d2308a6ec33df33c5f05acfa1d99445c75b9ae14539db2232`
CRC32	`B99311DC`
ssdeep	`24:MydjnKgYFhOZsLyFze7F9PxLsPtTuPagzj:MydzZGycDq5uyg`
Yara	None matched
VirusTotal	Search for analysis

Name	268ade4ed11213fa_435687634234262.exe Submit file
Filepath	C:\ProgramData\435687634234262.exe
Size	607.5KB
Processes	2104 (AutoIt3.exe)
Type	data
MD5	`dbf76f233efeb642bdf11a19274f1024`
SHA1	`de7704f63f2d59545348665a81cf8c04dce3b5e4`
SHA256	`268ade4ed11213fafad41161a2a3465972269ef1132095e798fe1e59ff15054c`
CRC32	`EBE41FEE`
ssdeep	`12288:VmDWsllXiXi1W6/qvdYO0q2OIaFdI0bYkqmYdGGWQYt:VmVlXiAO+nOIaHYdGac`
Yara	None matched
VirusTotal	Search for analysis