Dropped Files | ZeroBOX

Name	51c062ad953a0862_cce3fe3b0d8d805f.timestamp Submit file
Filepath	C:\ProgramData\Oracle\Java\.oracle_jre_usage\cce3fe3b0d8d805f.timestamp
Size	57.0B
Processes	2000 (java.exe) 2136 (javaw.exe)
Type	ASCII text, with CRLF line terminators
MD5	`ab093c5e0df9ad17509411a5f7499f55`
SHA1	`acc405e3c98af6f7fa2c7eb1c23f6f339fa8c8ac`
SHA256	`51c062ad953a0862ff306a9b7be1bd8dd011e3c53cdf66da7e4e9719759142fb`
CRC32	`5849DFD3`
ssdeep	`3:oFj4I5vpN3VEp:oJ5X3V0`
Yara	None matched
VirusTotal	Search for analysis

Name	f1225df0c346e0d4_jna5717180362363948917.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\jna--877171118\jna5717180362363948917.dll
Size	207.0KB
Processes	2136 (javaw.exe)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`856291fc5f373c1368a70b6bf31697ce`
SHA1	`d03cb1df184c322cd8285f7cee50c5f861e24116`
SHA256	`f1225df0c346e0d4fde129771a7ce81c6a23e01950ae59f38fde86e626d8cd59`
CRC32	`F4AB3820`
ssdeep	`6144:p2fC4fC1yjN1+XIrCY2X2RivXs9G6qFyWc:p+C2C1yjN1+X/XcWc`
Yara	Malicious_Library_Zero - Malicious_Library Admin_Tool_IN_Zero - Admin Tool Sysinternals PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE32 - (no description) Generic_Malware_Zero - Generic Malware UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	092f73b6547a6509_jnativehook-2545430567938135033.x86.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\JNativeHook-2545430567938135033.x86.dll
Size	61.0KB
Processes	2136 (javaw.exe)
Type	PE32 executable (DLL) (console) Intel 80386, for MS Windows
MD5	`e15b1d7acc4e2e8093789cc3e0073275`
SHA1	`7dc8e1f206faa540cfb3bcb55a4388d7df75bdd5`
SHA256	`092f73b6547a650980af9cb7ed6ff6b2dab03af7ba51cbe4e9c7ae96da2e8129`
CRC32	`E7152848`
ssdeep	`768:XEUMnAGoCVN555XelYFY8qobiXCqIP0Lz0L:JMA5iDHIYfbldn`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE32 - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis