Dropped Burrfers | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
09.20 01:09
setup.exe
09.20 11:09
3uTools.exe
09.20 11:09
66ecb4573225b_vsbhfdg1...
09.20 10:09
66ecb452ba19c_sfbdsgfd...
09.20 10:09
66ecb44c35444_vfdhsgdf...
09.20 10:09
66ec0e61998bf_setup30.exe
09.20 10:09
66ebf725efe38_lyla.exe
09.20 10:09
Desktop_Explorer.exe
09.20 10:09
66ec3528901bb_winupdat...
09.20 10:09
Inquiry-Dubai.js

Latest News
09.21 01:09
Hackaday Podcast Episo...
09.21 01:09
The Russian Bot Army T...
09.21 01:09
Australia’s Labor Part...
09.21 12:09
Inviting the Public to...
09.21 12:09
How Ransomhub Ransomwa...
09.21 12:09
Middle East backdoored...
09.21 12:09
Updated CISA exploited...
09.21 12:09
Several orgs purported...
09.21 12:09
New CISA guidance seek...
09.21 12:09
Lumma Stealer deployed...

Dropped Burrfers | ZeroBOX

Name	9eac6f3f3ddab1c68453cd9799b65d8ae507b0d2
Size	378.0KB
Type	PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
MD5	`20fc412f3595c78a3f7a32a152d7e8d5`
SHA1	`9eac6f3f3ddab1c68453cd9799b65d8ae507b0d2`
SHA256	`34fd62cb4564bc30c71236c8be957b61f60f52431f28ecd90c839b8ade46c71c`
CRC32	`C51F0F13`
ssdeep	`6144:YroBDqHIhvsQgla9DSOvBZDOchQNo5W/BHj0R1qqDX37WGt:Yro0o1hIE2W8No5x4qF`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature Is_DotNET_EXE - (no description) IsPE32 - (no description) RedLine_Stealer_b_Zero - RedLine stealer Win32_Trojan_PWS_Net_1_Zero - Win32 Trojan PWS .NET Azorult
VirusTotal	Search for analysis

Name	e54ae667b424a1c74e5027271182905cd7962cd5
Size	350.5KB
Type	data
MD5	`113b064ad315d0433c60117f8b551de7`
SHA1	`e54ae667b424a1c74e5027271182905cd7962cd5`
SHA256	`1ad1243c7b2dd50fef3db02bf1d4b271988b01cdaa2421271294b8fc5107c978`
CRC32	`92EA8112`
ssdeep	`6144:ZroBDqHIhvsQgla9DSOvBZDOchQNo5W/BHj0R1qqDX:Zro0o1hIE2W8No5x4q`
Yara	Malicious_Library_Zero - Malicious_Library RedLine_Stealer_b_Zero - RedLine stealer
VirusTotal	Search for analysis

Name	bb7417519af9dba4d20a3f1a9561cda489801a32
Size	26.5KB
Type	data
MD5	`7153f23ccfdc5b2a4c5b88507cbcd1a8`
SHA1	`bb7417519af9dba4d20a3f1a9561cda489801a32`
SHA256	`978a29bcafe805a6c73ce83da3a21329d3ba14182f5c69ff8961814a0d40f439`
CRC32	`EBD4F4EB`
ssdeep	`384:x5R+U5RXVyDm6P2emCm5R19ebjwej2Q7VHENE2K8W:x5R+U5RE7ueDm5R1Ibjw02Q2Ndr`
Yara	None matched
VirusTotal	Search for analysis

Name	496453b90921b2f466df5740285cb4eb6ebe5186
Size	102.0KB
Type	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
MD5	`367863025d5f685f57a96c36eb66f380`
SHA1	`496453b90921b2f466df5740285cb4eb6ebe5186`
SHA256	`85d41135e1aaa22ba7f3b369fbddc0f77117f2a2680b666396bb606781f435dd`
CRC32	`E4C86190`
ssdeep	`1536:h3+jQ5wRQijrmxmN2sAHeZREtO+9sh3eJG53G73mxdvdqTlU4:lwSyrDssA+/EY6232GhNvMW4`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE32 - (no description) Is_DotNET_DLL - (no description)
VirusTotal	Search for analysis

Name	21cc8cddf2597b58c5a57982a1ac7620b45fa030
Size	1.6MB
Type	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
MD5	`3aea9f9e344232891b1a3b1253edb193`
SHA1	`21cc8cddf2597b58c5a57982a1ac7620b45fa030`
SHA256	`ce9e79cd84031338da3e02ec127104fa58efacd4564e0d9d547230dde9082a0e`
CRC32	`96207F09`
ssdeep	`24576:iX9t7VkNbjhf65VXmWoHhRM1TlHx8SOcUQdhASax:k5UV65VXGHhyt52SOcBySax`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE32 - (no description) Is_DotNET_DLL - (no description)
VirusTotal	Search for analysis