Dropped Files | ZeroBOX
Name 0482038dee8cdc39_name.exe
Filepath C:\Users\test22\AppData\Local\directory\name.exe
Size 2.0MB
Processes 3008 (PO-LIST.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 e21b8ab721253a904d148587bb256be4
SHA1 36c602234b7a066799d81ec264cb44ac366a0a8e
SHA256 0482038dee8cdc3992533d6d3bfd36123a0efc02809b9c1cb87febef83a3517a
CRC32 0BFBC2C3
ssdeep 49152:6TvC/MTQYxsWR7alUZqvJ+UtB7wxAzbimbJX:KjTQYxsWRpZqvJ+kBGob7bJ
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • Generic_Malware_Zero - Generic Malware
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
Name a9755036f96b6c9c_name.vbs
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\name.vbs
Size 270.0B
Processes 2216 (name.exe)
Type data
MD5 23c99a82ffbd91db88226e5f2dfbc332
SHA1 7d695601fb45bc378a5942d26530e8895dce44cd
SHA256 a9755036f96b6c9c3517f3bba5995ec5b0c1508dd9a5a7a2908658f9edae33e8
CRC32 1049C2FD
ssdeep 6:DMM8lfm3OOQdUfcls/UEZ+lX1Al1AE6nriIM8lfQVn:DsO+vNls/Q1A1z4mA2n
Yara None matched
Name dd349c8a60694f35_logs.dat
Filepath C:\ProgramData\remcos\logs.dat
Size 260.0B
Processes 2104 (svchost.exe)
Type data
MD5 8862613a73864cb0ee1df6befb8bb0c1
SHA1 66d0bb132b2abc45150d6de00c1eaea1ceafad96
SHA256 dd349c8a60694f35539f83204426e4d1f34f1006f8a1a98097f79353e266b6ed
CRC32 6CEAABE5
ssdeep 6:6lIlQ8Aql55YcIeeDAlOWA4dbJWEogltmgXl1oV:6lYQ8AUec0WNW+ltZI
Yara None matched
Name 3c7fc890f67d3c88_nonsubmerged
Filepath C:\Users\test22\AppData\Local\Temp\nonsubmerged
Size 483.0KB
Processes 3008 (PO-LIST.exe) 2216 (name.exe)
Type data
MD5 1fc80ac34be519e28e3757341f064a64
SHA1 31e4602cd374fb979960f6a8076d0c288904181b
SHA256 3c7fc890f67d3c88fce9b6f028bc4b414be3071cca5047527860f1130ca8e8f7
CRC32 D3A107A9
ssdeep 12288:+i0bJWqZ+b8WmOlde5rlpskX12MiT12qmq/qJXQ:IYbzmIe5rsq4o2yJg
Yara None matched