Dropped Files | ZeroBOX
Name 6b14fb4f8d6a5f0e_glen
Filepath C:\Users\test22\AppData\Local\Temp\Glen
Size 5.9KB
Processes 2552 (ArchitectureTvs.exe)
Type data
MD5 265451ee742997a60541393fd9d07eeb
SHA1 4d45080da3d6aaf2c1f3e754123ffe63a8d366a9
SHA256 6b14fb4f8d6a5f0eb8be3b5af8710e876cf10aba7509b63319f3accc55e300c5
CRC32 7D28191E
ssdeep 96:exgUzr4tgOwVAfBzDICS09CAi6R7u+IhsObfS+NsPvj6ooxdofjxP3yGj1H039LG:UHAeOqAFDw09CV/2nPvj6DdMP3r1HI5G
Yara None matched
Name cb9a2082701aa3e5_ge
Filepath C:\Users\test22\AppData\Local\Temp\Ge
Size 53.0KB
Processes 2552 (ArchitectureTvs.exe)
Type data
MD5 256db8674f411d03dfb791e0333cd13b
SHA1 a6b6456b22da054bc323d05aa92fa99750071ff6
SHA256 cb9a2082701aa3e50be7d70d546cf36b399ed16720bec4788d4d6ce26bf6c375
CRC32 C98ED86B
ssdeep 1536:VAHr7L0VMHP4YbSOTF8FwCfII52pxlarDjNa5QysK:VAvL0mHx+OIHgrwrD5aKE
Yara None matched
Name 3058f5ea6628e433_b
Filepath C:\Users\test22\AppData\Local\Temp\390438\B
Size 406.6KB
Processes 2056 (cmd.exe)
Type data
MD5 41cd16d01f2d0c89fe851c61c369cdff
SHA1 7fdda4e60c2d8b44511a7c14bff96fdd42ae2674
SHA256 3058f5ea6628e4337da1c11d0f247d70b37e773a07f242c4c45a8d3f650520c5
CRC32 2579BF1A
ssdeep 6144:xOCou76ux3WjRChBwycVzk48fFlP7xNCNAvpq5StADOOlmFattlMMsUQUqIgMQ4G:xPbTGj0hBwycVg48PTSAPtatINLUs
Yara None matched
Name 5d6aa947fa2d7d42_task
Filepath C:\Users\test22\AppData\Local\Temp\Task
Size 87.0KB
Processes 2552 (ArchitectureTvs.exe)
Type data
MD5 f685a896ba66d54152c67f25d7d59009
SHA1 da1dec796b8a4b2aa7c2be1eb0a2a4e1cd04aa6d
SHA256 5d6aa947fa2d7d4211fdd1ffb1be0f06fa5d32bd946133893933abcefa5054cc
CRC32 36794A41
ssdeep 1536:CrbgmtAhBlSE2iUBcDTwnG33Kzh0L/PX4gEIkurANlhGX28bql:0XtAhBw/KciKziL4ghfAv8l6
Yara None matched
Name d5365a9ef949bbab_purchased
Filepath C:\Users\test22\AppData\Local\Temp\Purchased
Size 25.6KB
Processes 2552 (ArchitectureTvs.exe)
Type data
MD5 7941983631960c231e46153eb16b84eb
SHA1 0dd412188fdb85adee7c44a8b1ee6147223a7e61
SHA256 d5365a9ef949bbab66a6b2fcc8b10ac3b930e35056e1749571a17339eb866caf
CRC32 4F10A4B2
ssdeep 768:fs5AJMabNHuyleNFruMG7vvIdAqrAFuhR:Hd1K/o7vvkATaR
Yara None matched
Name d8b7c7178fbadbf1_germany.pif
Filepath C:\Users\test22\AppData\Local\Temp\390438\Germany.pif
Size 872.7KB
Processes 2656 (cmd.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 18ce19b57f43ce0a5af149c96aecc685
SHA1 1bd5ca29fc35fc8ac346f23b155337c5b28bbc36
SHA256 d8b7c7178fbadbf169294e4f29dce582f89a5cf372e9da9215aa082330dc12fd
CRC32 388D364B
ssdeep 12288:WpV0etV7qtINsegA/rMyyzlcqakvAfcN9b2MyZa31tqoPTdFbgawV2501:WTxz1JMyyzlohMf1tN70aw8501
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • Generic_Malware_Zero - Generic Malware
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
Name b7c1437767048deb_comparative
Filepath C:\Users\test22\AppData\Local\Temp\Comparative
Size 866.8KB
Processes 2552 (ArchitectureTvs.exe)
Type data
MD5 4986c0093a74dc1fd1248ac3dff673c2
SHA1 6b09b7dcc3590a4d1bd44295df17dbf2fb5a21c7
SHA256 b7c1437767048debafc1c457046fce2b0c24c385f706fed3a2db80a52f1b30e3
CRC32 77A32B21
ssdeep 12288:aV0etV7qtINsegA/rMyyzlcqakvAfcN9b2MyZa31tqoPTdFbgawV2501:Ixz1JMyyzlohMf1tN70aw8501
Yara
  • Malicious_Library_Zero - Malicious_Library
  • Generic_Malware_Zero - Generic Malware
  • OS_Processor_Check_Zero - OS Processor Check
Name 7691a5dcf5feac63_sv
Filepath C:\Users\test22\AppData\Local\Temp\Sv
Size 86.0KB
Processes 2552 (ArchitectureTvs.exe)
Type data
MD5 a15ae60660733779c2a865d6e23372fe
SHA1 4e7eeaa592190a9be28d64aed3b0c2ce98c7e88f
SHA256 7691a5dcf5feac639fb8a4d033c5362278609d0c303b93cf8bcb7c71d3fd663a
CRC32 2CCA6B18
ssdeep 1536:R28Z2FCyn4z9IwGVdhYpwYIP5BFKQoKUnW3oLiERmKSYWxDMQjMp99idL8:R28sFCM6VehYp/0UQUW3oLi1U6MQjE2y
Yara None matched
Name e3b0c44298fc1c14_nskEE38.tmp
Empty file or file not found
Filepath C:\Users\test22\AppData\Local\Temp\nskEE38.tmp
Size 0.0B
Type empty
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
CRC32 00000000
ssdeep 3::
Yara None matched
Name 65419c7b450bae14_assistance
Filepath C:\Users\test22\AppData\Local\Temp\Assistance
Size 74.0KB
Processes 2552 (ArchitectureTvs.exe)
Type data
MD5 d56bdcd441a1e3f7139a9b59f1828769
SHA1 0c6f5bb4eb76d1cd18c15ad35d7f66ded7352847
SHA256 65419c7b450bae1477eda780daf181596fe1c28d36c51af63b0bba9fe222190b
CRC32 4BEACBFE
ssdeep 1536:xOC96eoYH+uwBYJ5L52LpqwARDx0Lm/3WjRsHi68LBQ8CN:xOCRoYeu8I56tUxf/3WjCHw4
Yara None matched
Name 5e1f5af280656b5a_copies
Filepath C:\Users\test22\AppData\Local\Temp\Copies
Size 81.0KB
Processes 2552 (ArchitectureTvs.exe)
Type DOS executable (COM, 0x8C-variant)
MD5 ff41324ffd18d6c7a3420c7fd575d552
SHA1 4a568499ffd5877bdcf8500e8aa5d3d6a85a28de
SHA256 5e1f5af280656b5aa37d5862232449823969de6b8a946077b4769e0b381bbf99
CRC32 1F9C659E
ssdeep 1536:52xcszSHGGYU6oa67/zvPZSZaUGu1/sp2rJE46xgRgu:52xcsuHGNdoNBS4UGu/sp2GhyR/
Yara None matched
Name 08626b5fd31e351d_front.bat
Filepath c:\users\test22\appdata\local\temp\front.bat
Size 27.8KB
Processes 2552 (ArchitectureTvs.exe) 2656 (cmd.exe)
Type ASCII text, with very long lines, with CRLF line terminators
MD5 cc128544d613accfd61fc2d3b8ef1292
SHA1 439bcb88a7b95f40a8a665ce8acf9ecba14f86be
SHA256 08626b5fd31e351d0fef59a11dbc1b570a7c9bf642cf8e865a405f9700c29b6d
CRC32 7A9D853C
ssdeep 768:Z8h5eltPBO1VTOnrjwKHgQTdEP4X9k+FGglVV1FcUVKg:Z24ltPBOTKnrjwKHjuPYx4E
Yara
  • ftp_command - ftp command