Dropped Files | ZeroBOX
Name b80fd59d1e1921f8_wallet.hhc
Filepath C:\ProgramData\chm\wallet.hhc
Size 605.0B
Processes 2908 (hh.exe)
Type HTML document, ISO-8859 text, with CRLF line terminators
MD5 000c37fbeab3a21f91c9674c695ad799
SHA1 ee296a7e81d357cd7ae1cf91121ad0cee12b1202
SHA256 b80fd59d1e1921f884e63c2c9a3b04b3aa23a990bcfe85a2d18b95cad2be3c0f
CRC32 CCF09EE7
ssdeep 12:J04pcKd0Mo1b97QSZSd6RZFVBWFV0oYlylYlkPHPhSZA4RC2QbUh:XPQ7bkvXPvpy
Yara None matched
Name 6eec926e1e70542a_cloud.exe
Filepath C:\ProgramData\chm\src\cloud.exe
Size 973.6KB
Processes 2908 (hh.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 27a074cd4f7908bbc73efd5262351449
SHA1 d38bb4aa05392cab9db0576a91b1c70c165a9e20
SHA256 6eec926e1e70542a355a8be392a4d948610adcce4faa7484e551d4cea5f8f0b1
CRC32 7DCF7C9E
ssdeep 24576:thHQR/5alj3DSudvGM3MXTVhtSQWGtxVR/Db:thHQV5oBdqTDtSQWGtfVDb
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet
  • IsPE32 - (no description)
  • Generic_Malware_Zero - Generic Malware
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
Name f691f268a219b497_wallet.hhk
Filepath C:\ProgramData\chm\wallet.hhk
Size 285.0B
Processes 2908 (hh.exe)
Type HTML document, ASCII text, with CRLF line terminators
MD5 d19276ff4440e4d83773681a0f1186fb
SHA1 ba413d7285bdf92f4d50cfb9ac53b52eb4e9d0ca
SHA256 f691f268a219b497893f9c99d7feb9f89a28562f29cc8db282dc7c1d847189b2
CRC32 CD02BEFD
ssdeep 6:pn08lEo8McKlv00VShF1b97+vXRWHZSvxHcqcCb4d52uUxb:J04pcKd0Mo1b97QSZSvzc4IxUh
Yara None matched
Name 9dc91d2305216d6c_page_1.html
Filepath C:\ProgramData\chm\page_1.html
Size 44.1KB
Processes 2908 (hh.exe)
Type HTML document, ISO-8859 text, with very long lines
MD5 d67e61d28b8f29756a56c3ff1b28423c
SHA1 1c14a290c6f7e258b365d32636b249bde2138cd7
SHA256 9dc91d2305216d6cd4e2edd9156c58dc3e0e59197851659550befa486c13a905
CRC32 462F51A0
ssdeep 768:rNevoIKvu6Td/G0+LLJydFSOFcEcJ9OtA5zhEZ6Ka9x85PsF++ND:MiZM9IFSKsXOu5z+Z6pm4D
Yara None matched