Dropped Files | ZeroBOX
Name e3b0c44298fc1c14___tmp_rar_sfx_access_check_22862781
Empty file or file not found
Filepath C:\Users\test22\AppData\Local\Temp\RarSFX0\__tmp_rar_sfx_access_check_22862781
Size 0.0B
Type empty
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
CRC32 00000000
ssdeep 3::
Yara None matched
Name e0a2d125bdcb1cec_kita.exe
Filepath C:\Users\test22\AppData\Local\Temp\RarSFX1\kita.exe
Size 3.2MB
Processes 2840 (kita.sfx.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 4c29222b601f7ea15921b57dd50a0637
SHA1 f6e1f7b2a8a532d7fe8aa467ac8754dc95e696ff
SHA256 e0a2d125bdcb1cecce4ffd2a9ad9457018d031c356dffea335de9068b7bb0f89
CRC32 466FDE3C
ssdeep 49152:EvrI22SsaNYfdPBldt698dBcjH9a0O8oG3/THHB72eh2NT:EvU22SsaNYfdPBldt6+dBcjHQ0V
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Is_DotNET_EXE - (no description)
  • Win32_Trojan_PWS_Net_1_Zero - Win32 Trojan PWS .NET Azorult
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
Name 2c07c4b67ed287ed_rbx3.bat
Filepath C:\Users\test22\AppData\Local\Temp\RarSFX0\rbx3.bat
Size 29.0B
Processes 2576 (rbx.exe)
Type ASCII text, with no line terminators
MD5 c97dd039255b64ab3945aed576185297
SHA1 6757a9176778791e6ee8b0fc55617204ae60ba32
SHA256 2c07c4b67ed287ed68230a8249a01e5731e63a047975c852d83b5142e2907352
CRC32 069C354C
ssdeep 3:SCFIVUGqRAoA:SCyVUGqRAoA
Yara None matched
Name f548f412a7ab882a_kita.sfx.exe
Filepath C:\Users\test22\AppData\Local\Temp\RarSFX0\kita.sfx.exe
Size 1.5MB
Processes 2576 (rbx.exe)
Type PE32+ executable (GUI) x86-64, for MS Windows
MD5 919a1008bf8159fa542d539928cbc5c6
SHA1 1f286934ff7699e4977bda011cb710dbf993406e
SHA256 f548f412a7ab882a758044293209f6d7d0529dfe8de1237e9bd65606735742d7
CRC32 C4728BD2
ssdeep 49152:nEuq64YK0Wok5T0RtW7GEHDqbV830gmDF:nFqIRpoT0bW7GEIiMF
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)
  • Generic_Malware_Zero - Generic Malware
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check