Dropped Files | ZeroBOX
Name 995dd4d7597c76c7_tmpC6A6.tmp.bat
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\tmpC6A6.tmp.bat
Size 153.0B
Processes 2544 (None) 3044 (cmd.exe)
Type DOS batch file, ASCII text, with CRLF line terminators
MD5 982e3b745faefb068e0a8b5c06f1522b
SHA1 485348c332153e5afa157bd3b134db20453f3466
SHA256 995dd4d7597c76c7f8380df2be261f81d2fbd862cf100a3579b8d7f85c8fca1f
CRC32 2619A7BA
ssdeep 3:mKDDCMNqTtvL5omWxpcL4EaKC5dodASmqRDmWxpcL4E2J5xAInTRIMTkT8HVZPy:hWKqTtT6mQpcLJaZ5LSmq1mQpcLJ23fU
Yara None matched
VirusTotal Search for analysis
Name 1b9e97ba99aed432_discord.exe
Submit file
Filepath C:\Users\test22\AppData\Roaming\Discord.exe
Size 47.5KB
Processes 2544 (None)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 17bbb12504a20c0c2544c8dac52ed0a1
SHA1 ff9c5d849ee5817d47e1339b7a7c266119352d45
SHA256 1b9e97ba99aed432ccc47149bc929f9ad64a16241ac168017205312075600a52
CRC32 CD81388A
ssdeep 768:MuyJNTAoZjRWUJd9bmo2qLPqjtXVcPICdOYV8AbTkByRPZmRMBDZ0x:MuyJNTAGL2LTCdOajbQARPZmRKd0x
Yara
  • PE_Header_Zero - PE File Signature
  • Malicious_Packer_Zero - Malicious Packer
  • Is_DotNET_EXE - (no description)
  • Win32_Trojan_PWS_Net_1_Zero - Win32 Trojan PWS .NET Azorult
  • AsyncRat - AsyncRat Payload
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
VirusTotal Search for analysis