Dropped Files | ZeroBOX
Name be9862ad765af7e7_66b382f122c02_stk.exe
Filepath C:\Users\test22\AppData\Local\Temp\66b382f122c02_stk.exe
Size 6.5MB
Type MS-DOS executable, MZ for MS-DOS
MD5 f2908c73543719738bea99c02fdafe00
SHA1 2fc8790129fa21cb76642cbd7ab04fc1783e911b
SHA256 be9862ad765af7e71a322549640747a6952c4e8bc18b6568c4781df33f0bbfd6
CRC32 EF4D266A
ssdeep 196608:HSpxdHp8lQbLfamxV06mpg2fsT0A0F+kuwN9:4HamxVBmpdfsT0q4
Yara
  • PE_Header_Zero - PE File Signature
  • MPRESS_Zero - MPRESS packed file
  • IsPE32 - (no description)
Name ec5cf1ac26c3b937_todelete
Filepath C:\Users\test22\AppData\Local\Temp\twekgmwoe\todelete
Size 82.0B
Processes 1572 (66b382f122c02_stk.exe)
Type ASCII text, with no line terminators
MD5 45e1e70c4797c586bfdfd5d4b165173e
SHA1 e09c0703563f3c4b07e856f5d3fe1dec51691590
SHA256 ec5cf1ac26c3b937795c0432f18f540d81866101b5c061abf0c7caa6abed1372
CRC32 3C2FBC13
ssdeep 3:4o55jAX+PzRXp+ViEkD5xAkpk6FAADp/4n:4sDbRXp+NkDv5ael/4n
Yara None matched
Name 2fa884e971ebe7ce_powerexpertnnt.lnk
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerExpertNNT.lnk
Size 1.1KB
Processes 1572 (66b382f122c02_stk.exe)
Type MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Archive, ctime=Sat Aug 10 20:21:44 2024, mtime=Sat Aug 10 20:21:44 2024, atime=Mon Sep 26 19:57:22 2022, length=6845440, window=hide
MD5 7427ceb72a8e9ab86dc646ac9356fd7d
SHA1 6825bbe86c894cb222dcef69c7e3f2905ab56ef7
SHA256 2fa884e971ebe7ce6a0131420bb06606211d9be5c35096d00ac5fd764eb9ebb0
CRC32 3F5DDE8D
ssdeep 24:8bsERdeREhpbHOT9NH5zNRnmVi4Hes6PyR:8bsBREhpCT9rpRV9yR
Yara
  • lnk_file_format - Microsoft Windows Shortcut File Format
  • Lnk_Format_Zero - LNK Format
Name e9b46bc46e9bec06_powerexpertnnt.exe
Filepath C:\Users\test22\AppData\Local\Temp\PowerExpertNNT\PowerExpertNNT.exe
Size 6.2MB
Processes 1572 (66b382f122c02_stk.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 dc074ad153c3355dcf323db77863b404
SHA1 ae3cd6238550adca3a2809a302d536dce90957fa
SHA256 e9b46bc46e9bec0632d4e5311e5f79329ddba93416479bd9a2b9d57f13e7c898
CRC32 4006D317
ssdeep 98304:ssRWMlKfFfdLLuA6quwceROHDNfjZa+SVlzVORsb98+L4Ow9fFrSfGk:ssRWMsWAe/eROH5A+S3Qs/Lm99rSe
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file
  • Generic_Malware_Zero - Generic Malware
  • OS_Processor_Check_Zero - OS Processor Check
Name 26010b360952e8b9_slrmrjyhe
Filepath C:\Users\test22\AppData\Local\Temp\twekgmwoe\slrmrjyhe
Size 79.0B
Processes 2344 (66b382f122c02_stk.exe)
Type data
MD5 ee211b8bdef12d45e521a86c4b6f4490
SHA1 e0aadf1d6cb0fffa6221124c205f9377d5ef1174
SHA256 26010b360952e8b95734cc815f9bb4dfe16e5f729c98a29966a3428421b2f55a
CRC32 930D7AB8
ssdeep 3:7OoQGlhYpyuc8vYoQGlzVguhn:rQoEnQoZx
Yara None matched