Dropped Files | ZeroBOX
Name e3b0c44298fc1c14_nsjCBC7.tmp
Empty file or file not found
Filepath C:\Users\test22\AppData\Local\Temp\nsjCBC7.tmp
Size 0.0B
Type empty
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
CRC32 00000000
ssdeep 3::
Yara None matched
Name 81c243d9d1c354f5_nor
Filepath C:\Users\test22\AppData\Local\Temp\Nor
Size 73.0KB
Processes 1280 (66fad513a308f_SubstituteAgain.exe#abd)
Type data
MD5 39cbcfac2af36a2416f01bc5484ba6fb
SHA1 40539b7615b117975af6738a743b03664fafd072
SHA256 81c243d9d1c354f57ce78a36e709124a6bfe9b94e6088d9b009360abac470b7c
CRC32 8BA4B619
ssdeep 1536:I8bkEdnx/UbQFsydVs3v8TlaBYO43phAMm6tfw+0qxY5bEFRV96PVpT:vQEdnxsbUU3v8T8BaAx6ti5bEHmT
Yara None matched
Name 371864dd007175af_cookies
Filepath C:\Users\test22\AppData\Local\Temp\Cookies
Size 85.0KB
Processes 1280 (66fad513a308f_SubstituteAgain.exe#abd)
Type data
MD5 a9cbb34f39acff0a54b517a4a7ee0f57
SHA1 843476e1ba47c45c788a92cbf098ded54bcaa7a8
SHA256 371864dd007175af0f5bc8a786a3b23414050ff65711cf8adc5e3a4b1f96ba80
CRC32 CD00B8F8
ssdeep 1536:mGOL3uPACb+GVsFPMaVyYiQ3oFsjNYZYWVQXRbXxhfdRLr3V20t+A7432RV6FoJC:q+PhSGuPMK38saZYWVQXtRr2q432eFo8
Yara None matched
Name bb19ff3fa75174d7_fence
Filepath C:\Users\test22\AppData\Local\Temp\Fence
Size 86.0KB
Processes 1280 (66fad513a308f_SubstituteAgain.exe#abd)
Type data
MD5 dd70a769b3ab4f5f1aa5081a8d8df383
SHA1 e8d6d12e1f6aba647da1379968ef121fc41e7c35
SHA256 bb19ff3fa75174d76e10f7fb7df41f9b8eacabd6fe2e4e2eb4e1791d1ab1e6d8
CRC32 C7301A27
ssdeep 1536:urfUtfwI22UiOTDBxofDWCOrKeKVdGHn1173IQlhRy6yiCFuplk1xcaTWeKLHqCM:If2z2sOTD/60rKbdGlRiiC4plhjLKjDH
Yara None matched
Name 54095dc56ad3c26e_labor
Filepath C:\Users\test22\AppData\Local\Temp\Labor
Size 867.5KB
Processes 1280 (66fad513a308f_SubstituteAgain.exe#abd)
Type data
MD5 69cd8cf03b80b94bb36b06cfbb262489
SHA1 ff6d9f64d1c496c4d721690cb102c588c17917ad
SHA256 54095dc56ad3c26ef12a465bd279418011b89caef55bd06977d03db436a1f359
CRC32 B46EADDF
ssdeep 12288:rV0etV7qtINsegA/rMyyzlcqakvAfcN9b2MyZa31tqoPTdFbgawV2501:xxz1JMyyzlohMf1tN70aw8501
Yara
  • Malicious_Library_Zero - Malicious_Library
  • Generic_Malware_Zero - Generic Malware
  • OS_Processor_Check_Zero - OS Processor Check
Name d8b7c7178fbadbf1_cal.pif
Filepath C:\Users\test22\AppData\Local\Temp\550360\Cal.pif
Size 872.7KB
Processes 2156 (cmd.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 18ce19b57f43ce0a5af149c96aecc685
SHA1 1bd5ca29fc35fc8ac346f23b155337c5b28bbc36
SHA256 d8b7c7178fbadbf169294e4f29dce582f89a5cf372e9da9215aa082330dc12fd
CRC32 388D364B
ssdeep 12288:WpV0etV7qtINsegA/rMyyzlcqakvAfcN9b2MyZa31tqoPTdFbgawV2501:WTxz1JMyyzlohMf1tN70aw8501
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • Generic_Malware_Zero - Generic Malware
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
Name aecc6992193d8ef2_t
Filepath C:\Users\test22\AppData\Local\Temp\550360\t
Size 441.3KB
Processes 2604 (cmd.exe)
Type data
MD5 2ee1a892d0c2ff0947ff93687fd27277
SHA1 062ca51b95e04495c5dd2872294b36a4703c91d5
SHA256 aecc6992193d8ef20a9188de2fadda74b95acafa4cc4d72fec9735d72b72fdb0
CRC32 9DCAE8B1
ssdeep 12288:ncHzLSB1P017/GiQCZjQO+OSO+GqUxX3J:n8L2Z017XZjSOSdIX5
Yara None matched
Name 719f8df256ee2e4b_interactions
Filepath C:\Users\test22\AppData\Local\Temp\Interactions
Size 50.0KB
Processes 1280 (66fad513a308f_SubstituteAgain.exe#abd)
Type data
MD5 562f141d3a29c6dd533776ec5f4a46ea
SHA1 a036e120df20d9d5d84db52ca4664ea682886170
SHA256 719f8df256ee2e4bea4fdee798ac799366aa2a2f8fae55febcdfaadfaf7b4a53
CRC32 B30C56F0
ssdeep 1536:9x5fb1GXCOp82nPUkYYAYuAY2o5H/2H8l4s81Eac:6yOyfjzSYd
Yara None matched
Name eab8d7155ca478fc_contribute
Filepath C:\Users\test22\AppData\Local\Temp\Contribute
Size 5.1KB
Processes 1280 (66fad513a308f_SubstituteAgain.exe#abd)
Type data
MD5 7ec18996d0a46060a9179be7dd014ea9
SHA1 e29fc68e3473465ac376b88d36976da3865771d3
SHA256 eab8d7155ca478fcd3f3de68e1356c1bb427e07a8dc1de5b12be8cc1ddfc26c6
CRC32 3A39D278
ssdeep 96:cJxgUzr4tgOwVAfBzDICS09CAi6R7u+IhsObfS+NsPvj6ooxdofjxPe:c/HAeOqAFDw09CV/2nPvj6DdMPe
Yara None matched
Name 4ebd3e25b2d20e57_monitoring
Filepath C:\Users\test22\AppData\Local\Temp\Monitoring
Size 49.3KB
Processes 1280 (66fad513a308f_SubstituteAgain.exe#abd)
Type data
MD5 8b3a8fc121a54a950eedc122c09932eb
SHA1 1f1bf25db09d268ca4c86b42ec1923e5e03bb275
SHA256 4ebd3e25b2d20e571c5eb5acf9384dd6f1ec99c66c0002cb4687d6d05a43c897
CRC32 A21F68EE
ssdeep 768:vrj/I7MB3HHOH65nmOI7ZrSYFbksGtbN+gygmU0Bb+uA70gDvV8rtSRI:vrj/sOI7ZrjAVygmUw270gDNmSRI
Yara None matched
Name d78a6785ced2c748_doctor
Filepath C:\Users\test22\AppData\Local\Temp\Doctor
Size 98.0KB
Processes 1280 (66fad513a308f_SubstituteAgain.exe#abd)
Type data
MD5 15f7084287fb38b518d002292a314075
SHA1 b370f5e35dbc8c9f149201abfc3d5d9d5db018b6
SHA256 d78a6785ced2c7484ccb093d29ebb5418c302801eb43dfc13285d70ca6845d97
CRC32 40933422
ssdeep 3072:fcTraIsSgDIP+lPwQnO2/EdP+r+IwWhWa4:fc9sSgs2lPw6O2c2qUhK
Yara None matched
Name fe384870caee86a6_tough.bat
Filepath c:\users\test22\appdata\local\temp\tough.bat
Size 9.6KB
Processes 1280 (66fad513a308f_SubstituteAgain.exe#abd) 2156 (cmd.exe)
Type ASCII text, with very long lines, with CRLF line terminators
MD5 84ea26756b40c084b69b45404ec99a0e
SHA1 70acb464e077d018fd13b250fb86d057c27eafc1
SHA256 fe384870caee86a6007c5ac37a1f15324090db94746496977f69c2eaa9e54490
CRC32 5C52477E
ssdeep 192:HWbIcIlYBfixTpj+8BWmCmVL9iOsDxObhFQLCH+RmLY3350Ol9:HeIlYy+ff/O0x+V+AGTl9
Yara None matched