Dropped Files | ZeroBOX
Name e3b0c44298fc1c14_C07C.tmp
Empty file or file not found
Filepath C:\Users\test22\AppData\Local\Temp\C07C.tmp
Size 0.0B
Type empty
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
CRC32 00000000
ssdeep 3::
Yara None matched
Name b362bcabe14080e0_coccocsetup.exe
Filepath C:\Users\test22\AppData\Roaming\CocCocSetup.exe
Size 1010.2KB
Processes 1820 (Coc%20Coc.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 14cd371655509a7b59c0297e886b793f
SHA1 86102e951397b6c697cdcc5363d9e78b4fee21f1
SHA256 b362bcabe14080e09142514e6d867b16345c801c306d8b77868b323ed03e94b0
CRC32 9CCBBF6B
ssdeep 24576:8yn6GSLBgkONrnYkY3+rWqZtxKTEynyb9xcYjF5S:P64kmrv1NMEGybJB5S
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Win32_Trojan_Emotet_2_Zero - Win32 Trojan Emotet
  • IsPE32 - (no description)
  • Generic_Malware_Zero - Generic Malware
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
Name e3df5de8d2221dd3_setup.exe
Filepath C:\Users\test22\AppData\Roaming\setup.exe
Size 3.7MB
Processes 1820 (Coc%20Coc.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 bffd87c157f19834c73d14240cea6025
SHA1 bb30b17e7ec5225e35b4993339650d9dd70a5c60
SHA256 e3df5de8d2221dd3061eeb011c1d849edef4a609d29c542cb5cf3d82afede465
CRC32 AFE9B73D
ssdeep 98304:y6666666666666666666666666666666x666666666666666fwwwwwwwwwwwwwwH:TsBYnlrhcNlI1vQWIi7rrTmRhLIKtopm
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Malicious_Packer_Zero - Malicious Packer
  • IsPE32 - (no description)
  • Generic_Malware_Zero - Generic Malware
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
Name befc7ec9f3f4db78_portable_util.exe
Filepath C:\Users\test22\AppData\Roaming\portable_util.exe
Size 2.6MB
Processes 1820 (Coc%20Coc.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 68e2c71187e1d5b07d9e76c71d27b2d6
SHA1 de984e4bb73cef8f9db3325218e2d1126d12f29c
SHA256 befc7ec9f3f4db7875c7c7cb5d76ce0a424f95ac3cbf5ca98c8b59b19e2d89d8
CRC32 611E5FDB
ssdeep 49152:zl6666666666666666666666666666666x666666666666666fwwwwwwwwwwwwwK:R666666666666666666666666666666P
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Malicious_Packer_Zero - Malicious Packer
  • IsPE32 - (no description)
  • Generic_Malware_Zero - Generic Malware
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check
Name 72572317f1b18b33_C07E.bat
Filepath C:\Users\test22\AppData\Local\Temp\C07C.tmp\C07D.tmp\C07E.bat
Size 391.0B
Processes 1820 (Coc%20Coc.exe)
Type ASCII text, with CRLF line terminators
MD5 37b1b79bd305ad40763f735f6bdc5492
SHA1 3dbcd6540a68974280c4f24abf80a3519e6797ed
SHA256 72572317f1b18b3348c3cf7de977b8742b0b47fd79b92576d7e4787b588fa08b
CRC32 15385ECD
ssdeep 6:NUMkJgkbrih4pkbr9Bu87CM3arWeBcFa2KRM63ZALVMc6mwVWf/4AAWS:NUhJFSqKaaeBMFKRM4Aqc6VY/N+
Yara None matched