Dropped Files | ZeroBOX
Name 4ca4330d480fed0a__$temp
Filepath C:\Users\test22\AppData\Local\Temp\_$temp
Size 247.5KB
Processes 2552 (Lab03-01R.exe)
Type data
MD5 5e41cc6f642991adf8f217105efa04ac
SHA1 94a511f21aea09a9d298c6ca25a86cd5f5d79ff2
SHA256 4ca4330d480fed0ae469d1dc98bf190a4ef7545e4f16c3f2b387987127e839c4
CRC32 999B3474
ssdeep 6144:Qo5NNhsa8wSa/9vKviU8PzxBeyrE4cylDUwMsTdR:1p8wSMvKviU8rxEAxDUtsTf
Yara None matched
Name 4e54a0a029535048_(empty).lnk
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\(Empty).lnk
Size 1.9KB
Processes 2552 (Lab03-01R.exe) 2684 (GoogleUp-date.exe)
Type MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Icon number=0, Archive, ctime=Wed Sep 25 23:08:14 2024, mtime=Wed Sep 25 23:08:14 2024, atime=Tue Jan 17 01:35:37 2012, length=53248, window=hidenormalshowminimized
MD5 584618fbffddf2938bdbf284282deee1
SHA1 eea4e8ae91d180f2ca34aa4b133bf520f5426aec
SHA256 4e54a0a029535048b0327daa2abdf8a038d18556f2039842ad8ad5db39367bf2
CRC32 23E9C739
ssdeep 24:8rLPsERdglRL93zNRcSeNY6ee6PyoiliCO4Zzqe:8nsHlRJ3pRDeNY6eFyFZzqe
Yara
  • lnk_file_format - Microsoft Windows Shortcut File Format
  • Lnk_Format_Zero - LNK Format
Name e3b0c44298fc1c14___tmp_rar_sfx_access_check_8461625
Empty file or file not found
Filepath C:\Users\test22\AppData\Local\Temp\__tmp_rar_sfx_access_check_8461625
Size 0.0B
Type empty
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
CRC32 00000000
ssdeep 3::
Yara None matched
Name 8be3af7338f6607b_googleup-date.exe
Filepath C:\Users\test22\AppData\Local\Temp\GoogleUp-date.exe
Size 52.0KB
Processes 2552 (Lab03-01R.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 01a959985af72a4e39d1145244564f8c
SHA1 8367ac4eafd235cba90773f3b2edc08256dd7d4d
SHA256 8be3af7338f6607bbfe26aaea5cb0b0d3f74884011c9393c501021bc633c8340
CRC32 9BF247A4
ssdeep 768:JYvt5BDKok/Ce1zMiIZry0QHHHLubrBC3:Ist1brnybrS
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file
Name 525b9cf1d0ac62c8_~DFCF0FFAE07BE4B0AC.TMP
Filepath C:\Users\test22\AppData\Local\Temp\~DFCF0FFAE07BE4B0AC.TMP
Size 2.5KB
Type Composite Document File V2 Document, Cannot read section info
MD5 5b95c50e974ad7c064cbbf6da30e344e
SHA1 5a66e0099e265806e6f0ce158e624632dd284066
SHA256 525b9cf1d0ac62c8ab9de139e40f594a72442c6132d58f2c48c1dfa09bbab1d3
CRC32 7562849D
ssdeep 12:rl3baFQMPltD7ONw/9ip755555555555555t:rYyw9i
Yara
  • Microsoft_Office_File_Zero - Microsoft Office File