Dropped Files | ZeroBOX
Name 7bf20f5902436cb9_Readme.txt
Filepath C:\Windows\SysWOW64\Readme.txt
Size 1.3KB
Processes 2544 (GHO%E9%95%9C%E5%83%8F%E5%AE%89%E8%A3%85%E5%99%A8.EXE)
Type Little-endian UTF-16 Unicode text, with CRLF, CR line terminators
MD5 51f89930257df2da61e68e29f331cb29
SHA1 6945afe2a7154b04d6940fd6105d6b45eb60b872
SHA256 7bf20f5902436cb98093c83135e6daaf9a31d8dd09191b8802dc75b83341a244
CRC32 FDAA7C83
ssdeep 24:Q1Cwe2Sy5+WVi1b+4LDVdaSDVnUoqDVfMkKDC+aCm2fC6uHurw4ni6FCKXQHhpRI:gCweeYR7d9UoyUa+buHqwMFCKX6pKkOp
Yara None matched
Name c1863cecf48d4e0d_showdrive.exe
Filepath C:\Windows\SysWOW64\SHOWDRIVE.EXE
Size 28.0KB
Processes 2544 (GHO%E9%95%9C%E5%83%8F%E5%AE%89%E8%A3%85%E5%99%A8.EXE)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 9dcc76e36021f25312903377500566e2
SHA1 c74d638a38e3b842b8a06958e96b11081de8d1e4
SHA256 c1863cecf48d4e0dc26326081a6bc6d6975e86d9b395fa6e49eaec632ad1c5b7
CRC32 18108A83
ssdeep 384:+i2eLT45S78RGml9eZGtOeOcR+wScyK+ivfAW5oZV:+i2c45ZRcuPtV+efF5oZ
Yara
  • Malicious_Library_Zero - Malicious_Library
  • IsPE32 - (no description)
  • PE_Header_Zero - PE File Signature
Name 9f8439a9217a1f1e_autF33A.tmp
Filepath C:\Users\test22\AppData\Local\Temp\autF33A.tmp
Size 23.5KB
Processes 2544 (GHO%E9%95%9C%E5%83%8F%E5%AE%89%E8%A3%85%E5%99%A8.EXE)
Type PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows
MD5 c3429879521305de064a0952dab5eb6a
SHA1 167e21603daacb16801e0e3cc1693d2da4d65cc4
SHA256 9f8439a9217a1f1e2aa46e611a8e38b591500f986c484ec179cfef712cbff707
CRC32 E9E5E92A
ssdeep 384:3kc5/kH+JAPqtaYTAx6LyZdp1dwlenlvj2WeXxRD8aKdedTdL9/nxyXEnbKBkMHr:3ka/7OPH0Ax7/p1dM1BRDbKoTdL9/gU+
Yara
  • IsPE32 - (no description)
  • PE_Header_Zero - PE File Signature
Name ea4462900c1c91b3_autF230.tmp
Filepath C:\Users\test22\AppData\Local\Temp\autF230.tmp
Size 14.4KB
Processes 2544 (GHO%E9%95%9C%E5%83%8F%E5%AE%89%E8%A3%85%E5%99%A8.EXE)
Type data
MD5 3bb5717a144bbe6f55a957fddfc05509
SHA1 b7dfb0573f3146bd6f962cca6467cc693c02ea31
SHA256 ea4462900c1c91b3143733b07720e8f9d8f52f016d85f36aa7ee99897545dc2a
CRC32 743E4993
ssdeep 384:KLGeymV4qt5X7xX1KaXbQn2vbMU1y9FA5195rWPw:nmuuDKObQ2NkFAfww
Yara None matched
Name 30c1749086634548_autF8F9.tmp
Filepath C:\Users\test22\AppData\Local\Temp\autF8F9.tmp
Size 786.0B
Processes 2544 (GHO%E9%95%9C%E5%83%8F%E5%AE%89%E8%A3%85%E5%99%A8.EXE)
Type data
MD5 7d85006156fd4d12f821e5efa04242ac
SHA1 ea119c897c242aea4d648be58246cd4ef2802c3b
SHA256 30c17490866345484249a7d0da14bafa5a092f31b45d6003e141026d80d4585e
CRC32 3E7FC301
ssdeep 24:nWAamCCcKCdYhE7+MVZvfwS5djr7yoHGB7Mb:OLNBdY417HrDHJmc
Yara None matched
Name 118901d6aa43cd63_dspt1.txt
Filepath C:\Windows\SysWOW64\dspt1.txt
Size 239.0B
Type ASCII text, with CRLF line terminators
MD5 b402b993d23af09de5e42eb4bd62617e
SHA1 7a899f7aeae10c7eb0325eb43fa71f89559a9d8a
SHA256 118901d6aa43cd638047d744dc99a3795affb346898912a77cb61fd3a7ad34ee
CRC32 098032C9
ssdeep 6:rFFG0iEQ/QW/mdNPHNxjy/YFW0NNxjy/2PXc:jGP5/QWeHtxjyQW0jxjyQc
Yara None matched
Name 7f417123cef26455_dspt.txt
Filepath C:\Windows\SysWOW64\dspt.txt
Size 158.0B
Type ASCII text, with CRLF line terminators
MD5 161bff6e3751f092ec42c63a75404c19
SHA1 32213089e463a6d278714e400bebafbafdda4281
SHA256 7f417123cef264556757737f54ed706853205264001a9c3bb5aad8ef452bb629
CRC32 7DE6C165
ssdeep 3:ybRQFXpSAFVTYA3XrUMV16MFFFF1QdQHS49UFWUaaXFy/FWn/Fjn:T/pV06rnS49Uba6Fy/FW/Z
Yara None matched