Dropped Files | ZeroBOX
Name 912fe5024c06fbb6_autBF64.tmp
Filepath C:\Users\test22\AppData\Local\Temp\autBF64.tmp
Size 12.6KB
Processes 1540 (taskhostw.exe)
Type data
MD5 a9350f97650a3d649560abaa38ccbe7c
SHA1 c01dde0ac867bbe9ed8d93713c993751e8b1fed6
SHA256 912fe5024c06fbb6643cc0afc64414ecdda4a251cc6d1f5805960b544b73c53a
CRC32 2ADDABA9
ssdeep 192:TP936RuGCkiaFqfIh11paNCIegDLay+QeRwKLR8cWP2kc67QNjpgDUeq6Ga:YRFqfIfaRHayZwLR8rJc67QNjpgg2v
Yara None matched
Name d98fa625a92c7904_name.exe
Filepath C:\Users\test22\AppData\Local\directory\name.exe
Size 1.2MB
Processes 1540 (taskhostw.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 6539c2c942c9aa3ab9c7fe14fccf0b4e
SHA1 f4a663d69419e1cdef4d31ae003c89f6c19f23c0
SHA256 d98fa625a92c790403ee5f8be928948855ea23a892321cc7d219895d3f5b1c36
CRC32 54476D03
ssdeep 24576:WCdxte/80jYLT3U1jfsWaNuPcgCOCYdVtL/JAc/RhmTO/wQ:fw80cTsjkWaNecFOCYDljmyL
Yara
  • Process_Snapshot_Kill_Zero - Process Kill Zero
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • FindFirstVolume_Zero - FindFirstVolume Zero
  • CryptGenKey_Zero - CryptGenKey Zero
  • Device_Check_Zero - Device Check Zero
  • IsPE32 - (no description)
  • Generic_Malware_Zero - Generic Malware
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
Name d7c56ffc8a357e73_autBF24.tmp
Filepath C:\Users\test22\AppData\Local\Temp\autBF24.tmp
Size 391.0KB
Processes 1540 (taskhostw.exe)
Type data
MD5 336dc045c8c6a4764b31d43fd360b020
SHA1 0dbee41f0bf6fef4f8c7bd47c6fd386cb572067b
SHA256 d7c56ffc8a357e732d1922254d35ac9ef9fa39b15f0c4509e5d0cf17ccb64ec4
CRC32 19FA3073
ssdeep 12288:mwkhSXui11zbhQKe0I5igjSUNjgoDVSFnq:m251z25ZeUNjg+Vz
Yara None matched
Name a9755036f96b6c9c_name.vbs
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\name.vbs
Size 270.0B
Processes 2076 (name.exe)
Type data
MD5 23c99a82ffbd91db88226e5f2dfbc332
SHA1 7d695601fb45bc378a5942d26530e8895dce44cd
SHA256 a9755036f96b6c9c3517f3bba5995ec5b0c1508dd9a5a7a2908658f9edae33e8
CRC32 1049C2FD
ssdeep 6:DMM8lfm3OOQdUfcls/UEZ+lX1Al1AE6nriIM8lfQVn:DsO+vNls/Q1A1z4mA2n
Yara None matched
Name 4dc4dea969f1a530_teres
Filepath C:\Users\test22\AppData\Local\Temp\teres
Size 28.0KB
Processes 1540 (taskhostw.exe) 2076 (name.exe)
Type ASCII text, with very long lines, with no line terminators
MD5 8286378171e4c2b52782449814a06653
SHA1 f950aea27b1c5416406c248a41253679ed182bfa
SHA256 4dc4dea969f1a530d82d02ed8d72be00404f8e32973430dc55eae380f95d92da
CRC32 E8EB7CED
ssdeep 768:3B/xREbEXiee0eaPQjby+l5xB3FG60914KhOG7sDUjb6Rc1P:TubEXiegNl5xqbb4KhODUjbKqP
Yara None matched
Name 604a0cc31ba6d875_citlaltpetl
Filepath C:\Users\test22\AppData\Local\Temp\Citlaltpetl
Size 483.0KB
Processes 1540 (taskhostw.exe) 2076 (name.exe)
Type data
MD5 68e968b0759cf46217226477c26c2fb0
SHA1 acbb76b2c0808f932d217ae73184ba14b18d27b8
SHA256 604a0cc31ba6d8753e394982e8b84a59b260179b2313f314cac53ceb663c996b
CRC32 392D8550
ssdeep 12288:iU98JzlqYLe9tSpC5R8F0B5hAKmUAhVAoMIAj:2s2e9tS08FK5MUN1j
Yara None matched