Dropped Files | ZeroBOX
Name b6c1221f46b095bf_unins000.dat
Filepath C:\Users\test22\AppData\Local\unins000.dat
Size 3.6KB
Processes 2876 (FunnyJellyfish.tmp)
Type data
MD5 d5908e47e649a29e4b76c2f03b34198a
SHA1 f359a565c6b7ef50fd3e73a395c783d6b3aed30e
SHA256 b6c1221f46b095bfe753e12d96a934076def30e78141c555a77aaf8a4e05d497
CRC32 E177C144
ssdeep 96:h44NWzpZn3PCdfc1AGlEDA4MZAe2LEHh5:hxYpZ3yf7fDSmEHz
Yara None matched
Name a4c86fc4836ac728__setup64.tmp
Filepath C:\Users\test22\AppData\Local\Temp\is-U9E68.tmp\_isetup\_setup64.tmp
Size 6.0KB
Processes 2876 (FunnyJellyfish.tmp)
Type PE32+ executable (console) x86-64, for MS Windows
MD5 4ff75f505fddcc6a9ae62216446205d9
SHA1 efe32d504ce72f32e92dcf01aa2752b04d81a342
SHA256 a4c86fc4836ac728d7bd96e7915090fd59521a9e74f1d06ef8e5a47c8695fd81
CRC32 B1C5F7C5
ssdeep 96:sfkcXegaJ/ZAYNzcld1xaX12pS5SKvkc:sfJEVYlvxaX12EF
Yara
  • IsPE64 - (no description)
  • PE_Header_Zero - PE File Signature
  • UPX_Zero - UPX packed file
Name 90c4a61af494b63e_FunnyJellyfish.tmp
Filepath C:\Users\test22\AppData\Local\Temp\is-L4CRD.tmp\FunnyJellyfish.tmp
Size 1.1MB
Processes 2828 (FunnyJellyfish.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 14c6fa8e50b4147075eb922bd0c8b28d
SHA1 0faad18b0e26ce3b5c364621a4f0aee9db56a9a7
SHA256 90c4a61af494b63ecfe1226714175675a4e49e57d50718491b3bc8fe29dd8fc7
CRC32 84D8FE8D
ssdeep 24576:MYwCLCUplZhgjXj8YcgoniqO3CBiO0jaS+EtjC67V5MNx9XU:3GUhni7iSFCQGu
Yara
  • Malicious_Library_Zero - Malicious_Library
  • IsPE32 - (no description)
  • PE_Header_Zero - PE File Signature
  • Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet
  • Win32_Trojan_Emotet_2_Zero - Win32 Trojan Emotet
  • Generic_Malware_Zero - Generic Malware
  • UPX_Zero - UPX packed file
  • mzp_file_format - MZP(Delphi) file format
  • OS_Processor_Check_Zero - OS Processor Check
Name 9884e9d1b4f8a873__shfoldr.dll
Filepath C:\Users\test22\AppData\Local\Temp\is-U9E68.tmp\_isetup\_shfoldr.dll
Size 22.8KB
Processes 2876 (FunnyJellyfish.tmp)
Type PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows
MD5 92dc6ef532fbb4a5c3201469a5b5eb63
SHA1 3e89ff837147c16b4e41c30d6c796374e0b8e62c
SHA256 9884e9d1b4f8a873ccbd81f8ad0ae257776d2348d027d811a56475e028360d87
CRC32 AE2C3EC2
ssdeep 384:+Vm08QoKkiWZ76UJuP71W55iWHHoSHigH2euwsHTGHVb+VHHmnH+aHjHqLHxmoq1:2m08QotiCjJuPGw4
Yara
  • IsDLL - (no description)
  • IsPE32 - (no description)
  • PE_Header_Zero - PE File Signature
Name 78ef7eacffaba55e_delightfulcard.dll
Filepath c:\users\test22\appdata\roaming\delightfulcard.dll
Size 2.6MB
Processes 2876 (FunnyJellyfish.tmp)
Type PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
MD5 985fef2b6872a1a94726dc3b7f1439de
SHA1 e221a5c4f2f222b665c932ab9b1f66189cee3315
SHA256 78ef7eacffaba55e653195fe37846375aeb51b164d80ad312afda54163da0622
CRC32 784A9C2F
ssdeep 49152:pOAiK+31ytqeiF6cDVYVuSFbnJpxEqyIStLZoxKurA8UlgdNbt7Wf9rhhJrNM1yE:H01ytqeiF6AY5sqyHh+rAlhJrGjc+60T
Yara
  • Malicious_Library_Zero - Malicious_Library
  • Malicious_Packer_Zero - Malicious Packer
  • IsDLL - (no description)
  • IsPE64 - (no description)
  • DllRegisterServer_Zero - execute regsvr32.exe
  • Admin_Tool_IN_Zero - Admin Tool Sysinternals
  • PE_Header_Zero - PE File Signature
  • Generic_Malware_Zero - Generic Malware
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
Name 77c0125a8d229031_unins000.exe
Filepath c:\users\test22\appdata\local\unins000.exe
Size 1.1MB
Processes 2876 (FunnyJellyfish.tmp)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 a6837b868f2058e91aad605f9fdc67c6
SHA1 a509d384ab39762dda2dafca998f8910e035b364
SHA256 77c0125a8d22903148b96e6ccb75d955155867d4f66e5a291232f394fefe6aae
CRC32 A0847A45
ssdeep 24576:kYwCLCUplZhgjXj8YcgoniqO3CBiO0jaS+EtjC67V5MNx9X+:fGUhni7iSFCQGM
Yara
  • Malicious_Library_Zero - Malicious_Library
  • IsPE32 - (no description)
  • PE_Header_Zero - PE File Signature
  • Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet
  • Win32_Trojan_Emotet_2_Zero - Win32 Trojan Emotet
  • Generic_Malware_Zero - Generic Malware
  • UPX_Zero - UPX packed file
  • mzp_file_format - MZP(Delphi) file format
  • OS_Processor_Check_Zero - OS Processor Check