Dropped Files | ZeroBOX

Name	1838af37f7740452_c214.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\IXP000.TMP\c214.exe
Size	637.0KB
Processes	2544 (goodboy.exe)
Type	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5	`dc89d3df253d2a99c687fdc1175525b0`
SHA1	`4c545dd39023631340eaffe0b970dbd7cd2ed310`
SHA256	`1838af37f774045256981101f05c22cc796088ae6643f7de07b3d6ac19a9b9f3`
CRC32	`D29A657C`
ssdeep	`12288:mp9ZgK/sfdXw3KdFc2Ru4zfrDoD/gxi6ZJUYbF5ZHKFYYYz4ML3Mcei:hwp2RREIlZJUC7KelL3MHi`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature Is_DotNET_EXE - (no description) Win32_Trojan_PWS_Net_1_Zero - Win32 Trojan PWS .NET Azorult IsPE32 - (no description)
VirusTotal	Search for analysis

Name	56d449ae82f8985e_build0~1.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\IXP000.TMP\BUILD0~1.EXE
Size	393.0KB
Processes	2544 (goodboy.exe)
Type	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5	`b15c2d0072df0e7c756c4338f34643dc`
SHA1	`e2a542c27ef62e873eecaf4a5ac2fd35857996c2`
SHA256	`56d449ae82f8985ed268a7ce88d51729f96e22ae023ac7c8b57f32e565670c0d`
CRC32	`F6406972`
ssdeep	`6144:Eltd1lIoPOxhbTFpdMdCqiuQeG3SmGj+NdMbvDfOCkv7gc:eljOR9hiG3TNdWOv7gc`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature Malicious_Packer_Zero - Malicious Packer Is_DotNET_EXE - (no description) Win32_Trojan_PWS_Net_1_Zero - Win32 Trojan PWS .NET Azorult IsPE32 - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis