Dropped Files | ZeroBOX
Name 677f393462e24fb6_firstz.exe
Filepath C:\Users\test22\AppData\Local\Temp\1000004001\FirstZ.exe
Size 2.5MB
Processes 2680 (Hkbsse.exe)
Type PE32+ executable (GUI) x86-64, for MS Windows
MD5 ffada57f998ed6a72b6ba2f072d2690a
SHA1 6857b5f0c40a1cdb0411eb34aa9fe5029bcdb84f
SHA256 677f393462e24fb6dba1a47b39e674f485450f91deee6076ccbad9fd5e05bd12
CRC32 75A335F8
ssdeep 49152:UjBP3/qGrdNJ8VZFhY++Yk/4aLq8wH7mm6qJsSRRjyl:aBPvfrAZF28k/RLbwH7mvcRRjy
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)
Name 3acc0b21db1f774d_hkbsse.exe
Filepath C:\Users\test22\AppData\Local\Temp\0ae19c9b3d\Hkbsse.exe
Size 416.0KB
Processes 2552 (newalp.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 6093bb59e7707afe20ca2d9b80327b49
SHA1 fd599fa9d5ef5c980a445fc6c19efd1fcb80f2bc
SHA256 3acc0b21db1f774d15a1f1d8080aff0b8f83eefb70c5c673f1c6ed7b676cd6d3
CRC32 D3DAB0C0
ssdeep 12288:5HF6/qNlNVOOLNke4CcabJBP5u2uP/QpGdz1LoI:k0lNVOWNdpbLcQpsVoI
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Malicious_Packer_Zero - Malicious Packer
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file
  • Generic_Malware_Zero - Generic Malware
  • OS_Processor_Check_Zero - OS Processor Check
Name 3f6aba2f8a83d640_hkbsse.job
Filepath C:\Windows\Tasks\Hkbsse.job
Size 270.0B
Processes 2552 (newalp.exe)
Type VAX-order 68k Blit mpx/mux executable
MD5 fe78d0577ed22cdecc1aa8792a9dbd7c
SHA1 2bd436318ab2462d564dda05e04529948d434759
SHA256 3f6aba2f8a83d640faf40418fd96889a770a5cb62758c673b1c064640407f632
CRC32 856CC51C
ssdeep 6:8HtJgZNXE/E/UEZ+lX1JHly9qetI4y0lp/kct0:WUkE/Q1JFZ4Vict0
Yara None matched
Name 2c7ea24e3cc74aea_setup2.exe
Filepath C:\Users\test22\AppData\Local\Temp\1000002001\setup2.exe
Size 418.0KB
Processes 2680 (Hkbsse.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 1c955f7bc0ed7a361d1c6a37b8627e5c
SHA1 48dc87be53e2e5e73e7aa8cc2372d7c37ed43e98
SHA256 2c7ea24e3cc74aea1241ec7287a97ad12281b1180a0bc946584434e76791f4a3
CRC32 BCA62656
ssdeep 6144:pub8kg9jguz+SH3g2IZZP+ggcW2OdOs0vG0oCoYFEHIT:pub3cjguCSQFPC2IavE4
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file
  • Generic_Malware_Zero - Generic Malware
  • OS_Processor_Check_Zero - OS Processor Check