popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 349fc35e55f320d3_lebuildacrypt.exe
Submit file
Filepath C:\Users\test22\AppData\Roaming\LeBuildACrypt.exe
Size 3.1MB
Processes 2904 (LeBuildACrypt.sfx.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 15328395fe79efaf44ba4b2bb5a575b6
SHA1 c471f904eb08ce454b79b7edc447bb9050e32d67
SHA256 349fc35e55f320d320e7c8ff859eded274a0ce0dc4d9119d261d0acbfb119d4d
CRC32 EF198D17
ssdeep 49152:+vkt62XlaSFNWPjljiFa2RoUYIdjRJ6vbR3LoGd8THHB72eh2NT:+v462XlaSFNWPjljiFXRoUYIdjRJ6B
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Is_DotNET_EXE - (no description)
  • IsPE32 - (no description)
  • Win32_Trojan_PWS_Net_1_Zero - Win32 Trojan PWS .NET Azorult
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
VirusTotal Search for analysis
Name 6654861c57e73539_start.vbs
Submit file
Filepath C:\Users\test22\AppData\Roaming\start.vbs
Size 776.0B
Processes 2556 (NamzScript.exe)
Type ASCII text, with CRLF line terminators
MD5 10ae00ecb3729e03bd0389c11e72b216
SHA1 ea72c5605698a092d43006d7d112c8e3673df9de
SHA256 6654861c57e73539fc7e4905bfe9b87fef72f116787614e0de7d7ba766ca8336
CRC32 B6F451D9
ssdeep 24:uhZcmeAqaAwAahe0uxZwuwMuHwlrdKGXJAzqreE7:uhZgmf0RPxJdz22
Yara None matched
VirusTotal Search for analysis
Name e3b0c44298fc1c14___tmp_rar_sfx_access_check_15663703
Empty file or file not found
Filepath C:\Users\test22\AppData\Roaming\__tmp_rar_sfx_access_check_15663703
Size 0.0B
Type empty
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
CRC32 00000000
ssdeep 3::
Yara None matched
VirusTotal Search for analysis
Name dfd10e96c229c380_lebuildacrypt.sfx.exe
Submit file
Filepath C:\Users\test22\AppData\Roaming\LeBuildACrypt.sfx.exe
Size 1.4MB
Processes 2556 (NamzScript.exe)
Type PE32+ executable (GUI) x86-64, for MS Windows
MD5 a5b3ad0813e227ab86523c052020d63d
SHA1 8d14cd27bfe4f954d2e0500d9e00ab7f68534ecc
SHA256 dfd10e96c229c3803f50343a586b8fcc04f1f53e336864ed9774f003b069315c
CRC32 95CB92B4
ssdeep 24576:xuDXTIGaPhEYzUzA0/0Ei5Sk05dEB1hmlv2Zj6hDI5PNWqwQWi9eT/SkhRljr3:kDjlabwz9va4Q1gOZGxIVIQBe7xr3
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)
  • UPX_Zero - UPX packed file
  • Generic_Malware_Zero - Generic Malware
  • OS_Processor_Check_Zero - OS Processor Check
VirusTotal Search for analysis