Dropped Files | ZeroBOX
Name 237d1bca6e056df5_informationcheck.exe
Filepath C:\Users\Public\InformationCheck.exe
Size 872.7KB
Processes 2624 (66f95555bb57c_zKODjTqg.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 c56b5f0201a3b3de53e561fe76912bfd
SHA1 2a4062e10a5de813f5688221dbeb3f3ff33eb417
SHA256 237d1bca6e056df5bb16a1216a434634109478f882d3b1d58344c801d184f95d
CRC32 76090EE7
ssdeep 12288:6pVWeOV7GtINsegA/hMyyzlcqikvAfcN9b2MyZa31twoPTdFxgawV2M01:6T3E53Myyzl0hMf1tr7Caw8M01
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • Generic_Malware_Zero - Generic Malware
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
Name 14dbedd4ca6b8105_profiledetails.ps1
Filepath C:\Users\Public\ProfileDetails.ps1
Size 362.0B
Processes 2624 (66f95555bb57c_zKODjTqg.exe)
Type ASCII text, with CRLF line terminators
MD5 6afaf3595e0862d7526c8472a47d6c02
SHA1 a42e017f329c3f02ab321b294e85ef206e9ffa0f
SHA256 14dbedd4ca6b8105920d3ccaf46b83bd96c4c53db9a3989e9c42807155383eb2
CRC32 72D663BF
ssdeep 6:gsvOEOlAzgDaAId25PaH9Ayz1gY1PaHzPMKds48QLh8JdWzH6mLF7djIXIINOQbf:xvN3rAymYEzdHGHWzH6mL5dsfHb5MnAV
Yara None matched
Name 44e8aa0601fffe82_590aee7bdd69b59b.customdestinations-ms
Filepath c:\users\test22\appdata\roaming\microsoft\windows\recent\customdestinations\590aee7bdd69b59b.customdestinations-ms
Size 7.8KB
Processes 2724 (powershell.exe)
Type data
MD5 ee6cfd78f72f03663db2a7df0c696dd7
SHA1 56126e81a5f6577f8e24a890185d0c9eb600fa02
SHA256 44e8aa0601fffe82c494bbc7d7280aa3bc5e90effe2aee2d716d5716e1d6b568
CRC32 F27137C4
ssdeep 96:EtuCcBGCPDXBqvsqvJCwoRtuCcBGCPDXBqvsEHyqvJCworu4tDHXyGlUVul:EtCgXoRtCgbHnorBTyY
Yara
  • Antivirus - Contains references to security software
  • Generic_Malware_Zero - Generic Malware
Name f1945cd6c19e56b3_details.au3
Filepath C:\Users\Public\Details.au3
Size 3.0B
Processes 2724 (powershell.exe)
Type UTF-8 Unicode text, with no line terminators
MD5 ecaa88f7fa0bf610a5a26cf545dcd3aa
SHA1 57218c316b6921e2cd61027a2387edc31a2d9471
SHA256 f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
CRC32 011097E1
ssdeep 3:g:g
Yara None matched