Dropped Files | ZeroBOX
Name 718da03f65738072_melt.txt
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\melt.txt
Size 45.0B
Processes 2688 (server.exe) 1264 (server.exe) 2876 (server.exe) 2408 (server.exe) 2076 (server.exe) 2460 (server.exe) 2516 (server.exe) 2164 (server.exe)
Type ASCII text, with no line terminators
MD5 e94c1b716954ec45df34e7d45de7e3e5
SHA1 d579146f010cd1d96eb7af6dcc8474e16dc0939a
SHA256 718da03f65738072c3cb5df79e866d1a817a5bfcfe695674a879d975a86999b9
CRC32 C686F757
ssdeep 3:oNmWxpcL4E2J5xAIjWkAn:oNmQpcLJ23fnA
Yara None matched
VirusTotal Search for analysis
Name a4d2060b27fbf050_Microsoft.exe
Submit file
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft.exe
Size 93.0KB
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 ceabf00e91c6d219345af40a28da43e8
SHA1 1203c6455e46b4a7007dea71f81849d50e3e48c1
SHA256 a4d2060b27fbf0500f87ddf80278ebd9f7c0861d487250b0048a4fd87fa79b8f
CRC32 22DCE727
ssdeep 768:AY3XiBD7O/pBcxYsbae6GIXb9pDXQzVMBwXCmXxrjEtCdnl2pi1Rz4Rk3B6sGd0F:PipOx6baIa9RtytjEwzGi1dDRmKVgS
Yara
  • PE_Header_Zero - PE File Signature
  • Is_DotNET_EXE - (no description)
  • IsPE32 - (no description)
  • Generic_Malware_Zero - Generic Malware
  • UPX_Zero - UPX packed file
VirusTotal Search for analysis
Name 711a6108ba2ce6ca_fransescopast.txt
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\FransescoPast.txt
Size 6.0B
Processes 2544 (joiner.exe) 2688 (server.exe) 3048 (svchost.exe) 1264 (server.exe) 2700 (svchost.exe) 2876 (server.exe) 2124 (svchost.exe) 2408 (server.exe) 2368 (svchost.exe) 2076 (server.exe) 1336 (svchost.exe) 2460 (server.exe) 1608 (svchost.exe) 2516 (server.exe) 2744 (svchost.exe) 2164 (server.exe)
Type ASCII text, with no line terminators
MD5 3905d7917f2b3429490b01cfb60d8f5b
SHA1 f78a71af8bbf8cc2f6f313549d4da14bd3771359
SHA256 711a6108ba2ce6ca93dd47d6817f2361db10d8ab6eec89460b2dfc2c325efabe
CRC32 873586F3
ssdeep 3:IA:9
Yara None matched
VirusTotal Search for analysis
Name f87e55f1a423b65f_autorun.inf
Submit file
Filepath C:\autorun.inf
Size 55.0B
Processes 2688 (server.exe)
Type Microsoft Windows Autorun file, ASCII text, with CRLF line terminators
MD5 40b1630be21f39cb17bd1963cae5a207
SHA1 63c14bd151d42820dd45c033363fa5b9e1d34124
SHA256 f87e55f1a423b65fd639146f71f6027dbd4d6e69b65d9a17f1744774aa6589e1
CRC32 903049B1
ssdeep 3:It1KV2PHQCyK0x:e1KAwCyD
Yara None matched
VirusTotal Search for analysis
Name 59f6eeca3c022531_app
Submit file
Filepath C:\Users\test22\AppData\Roaming\app
Size 5.0B
Processes 2544 (joiner.exe) 2688 (server.exe) 3048 (svchost.exe) 1264 (server.exe) 2700 (svchost.exe) 2876 (server.exe) 2124 (svchost.exe) 2408 (server.exe) 2368 (svchost.exe) 2076 (server.exe) 1336 (svchost.exe) 2460 (server.exe) 1608 (svchost.exe) 2516 (server.exe) 2744 (svchost.exe) 2164 (server.exe)
Type UTF-8 Unicode (with BOM) text, with no line terminators
MD5 850ad04adc35f6ec7809f0f70de8300c
SHA1 06387beffabdf4ea012664a1d2693862a5e5a181
SHA256 59f6eeca3c022531b409b0dc1ea7c1d244ecc7af5b67a5600470b59cdbc04abe
CRC32 CD62B2AF
ssdeep 3:Yn:Yn
Yara None matched
VirusTotal Search for analysis