Dropped Files | ZeroBOX
Name 718da03f65738072_melt.txt
Filepath C:\Users\test22\AppData\Local\Temp\melt.txt
Size 45.0B
Processes 2536 (Server.exe) 2912 (server.exe)
Type ASCII text, with no line terminators
MD5 e94c1b716954ec45df34e7d45de7e3e5
SHA1 d579146f010cd1d96eb7af6dcc8474e16dc0939a
SHA256 718da03f65738072c3cb5df79e866d1a817a5bfcfe695674a879d975a86999b9
CRC32 C686F757
ssdeep 3:oNmWxpcL4E2J5xAIjWkAn:oNmQpcLJ23fnA
Yara None matched
Name 3bf2449588aaea6f_Microsoft Corporation.exe
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Corporation.exe
Size 93.0KB
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 25443271763910e38d74296d29f48071
SHA1 269a7dd9ff1d0076a65630715f5bd4600a33bb0d
SHA256 3bf2449588aaea6f7b7f984af24bd889ee438bb33d9331f5990ef9b6184695e8
CRC32 2431368B
ssdeep 768:IY3zetD9O/pBcxYsbae6GIXb9pDX2b98PL0OXLeuXxrjEtCdnl2pi1Rz4Rk3QsG7:jenOx6baIa9RPj00ljEwzGi1dDoDvgS
Yara
  • PE_Header_Zero - PE File Signature
  • Is_DotNET_EXE - (no description)
  • IsPE32 - (no description)
  • Generic_Malware_Zero - Generic Malware
  • UPX_Zero - UPX packed file
Name 711a6108ba2ce6ca_fransescopast.txt
Filepath C:\Users\test22\AppData\Local\Temp\FransescoPast.txt
Size 6.0B
Processes 2536 (Server.exe) 2800 (svchost.exe) 2912 (server.exe) 2072 (svchost.exe) 2068 (server.exe)
Type ASCII text, with no line terminators
MD5 3905d7917f2b3429490b01cfb60d8f5b
SHA1 f78a71af8bbf8cc2f6f313549d4da14bd3771359
SHA256 711a6108ba2ce6ca93dd47d6817f2361db10d8ab6eec89460b2dfc2c325efabe
CRC32 873586F3
ssdeep 3:IA:9
Yara None matched
Name f87e55f1a423b65f_autorun.inf
Filepath C:\autorun.inf
Size 55.0B
Processes 2536 (Server.exe)
Type Microsoft Windows Autorun file, ASCII text, with CRLF line terminators
MD5 40b1630be21f39cb17bd1963cae5a207
SHA1 63c14bd151d42820dd45c033363fa5b9e1d34124
SHA256 f87e55f1a423b65fd639146f71f6027dbd4d6e69b65d9a17f1744774aa6589e1
CRC32 903049B1
ssdeep 3:It1KV2PHQCyK0x:e1KAwCyD
Yara None matched
Name 80ad1cc7b3a784da_app
Filepath C:\Users\test22\AppData\Roaming\app
Size 5.0B
Processes 2536 (Server.exe) 2800 (svchost.exe) 2912 (server.exe) 2072 (svchost.exe) 2068 (server.exe)
Type UTF-8 Unicode (with BOM) text, with no line terminators
MD5 d43c5b07c128b116b7bc8faf7b8efa9d
SHA1 dd3540ad4ae14b21b665d108cf4570c2dfa6a6fa
SHA256 80ad1cc7b3a784dad618a445af0c8cf3efa903f82a814756f2aaa7b57f45791f
CRC32 4D70D254
ssdeep 3:k:k
Yara None matched