Dropped Files | ZeroBOX
Name 3d701ea1ddc78f91_delegation
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\Delegation
Size 96.0KB
Processes 800 (SoftShipment.exe)
Type data
MD5 e82a72cae193b8525a968245fe8934cc
SHA1 ecf3f5f44da5329ccd4b463b10ed94ec01931e52
SHA256 3d701ea1ddc78f91919e733b8e8992c708a43b40dd58ce46e0500a6684456b06
CRC32 C508B176
ssdeep 1536:dysFxAoztAXHVFiKgWNRNDulP8KPfW9R6iIYqL3xs5RFxEAnF3n+B6i8B4DoGv+k:tVzWFgrsRNwfqR6X3xs55hn4l8B4UGvV
Yara None matched
VirusTotal Search for analysis
Name e3b0c44298fc1c14_nsuC232.tmp
Empty file or file not found
Filepath C:\Users\test22\AppData\Local\Temp\nsuC232.tmp
Size 0.0B
Type empty
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
CRC32 00000000
ssdeep 3::
Yara None matched
VirusTotal Search for analysis
Name aaf0659f2bff0060_www
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\Www
Size 75.0KB
Processes 800 (SoftShipment.exe)
Type data
MD5 d7db0c4f504d819de277753119685589
SHA1 1f0ba5806397f008569baf6f45cda258aaa5f5e0
SHA256 aaf0659f2bff006009684c04963ce6b4fd996fc341c96e1db85ce9ea5332dab4
CRC32 B6DEDEB4
ssdeep 1536:yx1aGdugYo6pnDu4aBSdJwi2eRX6d1Tfqh92RbLcsEkgD58mQlZn5OntuVWDSdAP:yH/riK4aw8qy1OhsRbLfglfi5OnYYDSi
Yara None matched
VirusTotal Search for analysis
Name 2b3f63621c8ae1eb_uniprotkb
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\Uniprotkb
Size 71.0KB
Processes 800 (SoftShipment.exe)
Type data
MD5 69d07759583afa982405cedf0b879b8e
SHA1 89ede2ba195dd80766efb53b801b20c76ad2584e
SHA256 2b3f63621c8ae1eb1bc3dfc4683ec983277ac17aea03acecebc54969a723ab72
CRC32 56695B9A
ssdeep 1536:37rjGdHC4Vm9Q3eNKc/2q28kEOg0rSgrsFTHlafDYFLQ:LPGxCPRNKc/L2bE2s5HlabYBQ
Yara None matched
VirusTotal Search for analysis
Name 7b39896a8d5a68e5_victor
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\Victor
Size 16.5KB
Processes 800 (SoftShipment.exe)
Type data
MD5 c823e5a74879da9cbff89361425b11b3
SHA1 44c18751a84ab6b9f700f0307e12192dba18e860
SHA256 7b39896a8d5a68e5f3da8ec64f9ceab3f533d05fdb18754db5b0a48ed308341b
CRC32 5AF050B0
ssdeep 384:9PaEHLHEm3U5M8XudIjThrq8vXvCcQ5VNQyFnA:QULHZ3U5JA2drq8vXvNQ5VNK
Yara None matched
VirusTotal Search for analysis
Name d8b7c7178fbadbf1_voyuer.pif
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\10518\Voyuer.pif
Size 872.7KB
Processes 2164 (cmd.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 18ce19b57f43ce0a5af149c96aecc685
SHA1 1bd5ca29fc35fc8ac346f23b155337c5b28bbc36
SHA256 d8b7c7178fbadbf169294e4f29dce582f89a5cf372e9da9215aa082330dc12fd
CRC32 388D364B
ssdeep 12288:WpV0etV7qtINsegA/rMyyzlcqakvAfcN9b2MyZa31tqoPTdFbgawV2501:WTxz1JMyyzlohMf1tN70aw8501
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • Generic_Malware_Zero - Generic Malware
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
VirusTotal Search for analysis
Name 432a473f21a57610_killing.bat
Submit file
Filepath c:\users\test22\appdata\local\temp\killing.bat
Size 11.3KB
Processes 800 (SoftShipment.exe) 2164 (cmd.exe)
Type ASCII text, with very long lines, with CRLF line terminators
MD5 632076e43ff6f1c2ec3fc59d2ac115c5
SHA1 84567549ca5422d2c16b1d34a310fbe75b25ef08
SHA256 432a473f21a57610df93773a79ae94365d6c2b6aa1555123bfdd658a6f28cf2f
CRC32 E99D2F4D
ssdeep 192:8SIaqMu2NEzZGq/SOBae+Mi7wfbQTU8ZluwBOq9rtlwNpMp87KcXmqCgKo7P+1/q:PNNqHJrieQT5ZluwBb4N77KcXmhgKo75
Yara None matched
VirusTotal Search for analysis
Name 745fd43e4d459c6f_c
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\10518\c
Size 412.5KB
Processes 2592 (cmd.exe)
Type data
MD5 0a40d3e8ce3acaf75c3869e63d06bac7
SHA1 e49a22c125982fba56a87f0b0b445893c33f4a96
SHA256 745fd43e4d459c6f24baa00482a5981581b89fe019a0de4ec63ab124ca74f410
CRC32 22CB7042
ssdeep 12288:Q66aS0kCoyqTH3ebpqzvQSjPTnWfUHi5O9Md:Q6FS0kxJiI7a4i5O6
Yara None matched
VirusTotal Search for analysis
Name d1812729d79680d6_diseases
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\Diseases
Size 867.2KB
Processes 800 (SoftShipment.exe)
Type data
MD5 d857861493ebefa86a1e73c6df657e94
SHA1 fee325dcc7cc239bc0ccb891d6f1fba217773bd0
SHA256 d1812729d79680d65002aab3836d732f5ebdff0468d134654406a085cccc7be6
CRC32 5A845657
ssdeep 12288:zV0etV7qtINsegA/rMyyzlcqakvAfcN9b2MyZa31tqoPTdFbgawV2501:Jxz1JMyyzlohMf1tN70aw8501
Yara
  • Malicious_Library_Zero - Malicious_Library
  • Generic_Malware_Zero - Generic Malware
  • OS_Processor_Check_Zero - OS Processor Check
VirusTotal Search for analysis
Name 5b4799ea6f20b4b5_socket
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\Socket
Size 5.5KB
Processes 800 (SoftShipment.exe)
Type data
MD5 ab55fc08eaef2f50565980b99511f625
SHA1 fa950698e02f3d56378c451e0d85ef4300e056e8
SHA256 5b4799ea6f20b4b5cf53a328e52a7ed1982e0c1a797ceed9f8a05d89985ba3bc
CRC32 54C26162
ssdeep 96:rE7bxgUzr4tgOwVAfBzDICS09CAi6R7u+IhsObfS+NsPvj6ooxdofjxP3yGj1H0B:rIHAeOqAFDw09CV/2nPvj6DdMP3r1HIx
Yara None matched
VirusTotal Search for analysis
Name 83d0683945dcf827_cherry
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\Cherry
Size 84.0KB
Processes 800 (SoftShipment.exe)
Type data
MD5 4950c42897e4b4be654bf6a0d6ad1874
SHA1 0f38103d753e0c7d29b290b1b3b47c855d9e1cf7
SHA256 83d0683945dcf8275e79d63424f3cf793820b9437a41e239d2bc758e25473110
CRC32 4E4E6970
ssdeep 1536:e+3Gl2SbEBuJYVSji43A+DuKDXbCRDr2gBe3WJ3gYLKr:QwB0X3A+DuKDXbCRDvQ3WJc
Yara None matched
VirusTotal Search for analysis
Name 603230f8180f5d1d_explains
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\Explains
Size 70.0KB
Processes 800 (SoftShipment.exe)
Type data
MD5 d32cbd96f1a1a04ddcc9a1a208fb81e5
SHA1 c615142b35fa027f477cda7a31a5983fc27c7435
SHA256 603230f8180f5d1d68621254976467acef4eaed5dd4193aa6c03f7384ad27dd1
CRC32 ECBB224E
ssdeep 1536:XtYFiLUMkLwsskyt+jj4PXSVjPyscGpR1e9Nh1zlwjzlbwVSvB:X3UMkLws5fjj4fSVjPnpR1Yxgzb
Yara None matched
VirusTotal Search for analysis