Dropped Files | ZeroBOX
Name fd6691e8929d88f0_windows.lnk
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Templates\Windows.lnk
Size 1.0KB
Processes 1280 (winX32.exe) 2260 (winX32.exe)
Type MS Windows shortcut, Item id list present, Has Relative path, ctime=Sun Dec 31 15:32:08 1600, mtime=Sun Dec 31 15:32:08 1600, atime=Sun Dec 31 15:32:08 1600, length=0, window=hide
MD5 78437cb9044fdd241f81e87d77bb2799
SHA1 75bba425987b03fcd704fee18cb7d6d60152f7f0
SHA256 fd6691e8929d88f028e0286f1b64686ea3a82e5178142682aedb4441e61038ec
CRC32 0555F2AB
ssdeep 12:8gl0oRY3HV7GovHSLcrOk3pQVcz3ilpBJrQE+1g3CNfBP/v4t2YLEPKzlX8:8fZ9MsOApQtBJrQE+1U2ddPy
Yara
  • lnk_file_format - Microsoft Windows Shortcut File Format
  • Lnk_Format_Zero - LNK Format
Name 2328e7f81d21eb20_windows.lnk
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Windows.lnk
Size 1.2KB
Processes 1280 (winX32.exe) 2260 (winX32.exe)
Type MS Windows shortcut, Item id list present, Has Relative path, ctime=Sun Dec 31 15:32:08 1600, mtime=Sun Dec 31 15:32:08 1600, atime=Sun Dec 31 15:32:08 1600, length=0, window=hide
MD5 5e656ccc346e76f47b5de93338e25ee1
SHA1 d83228731f84bc26afddb87edb5add078be38618
SHA256 2328e7f81d21eb20a1c1f9048b8bf46b94f8918d3f86eccce594732386d4f3e3
CRC32 28D48484
ssdeep 24:8YZ9MsOApQDgCu+VBctMDBJrQE+1ud0qPy:8XsOAMgCdVqMdJrqYy
Yara
  • lnk_file_format - Microsoft Windows Shortcut File Format
  • Lnk_Format_Zero - LNK Format
Name ca569ad2e113c57c_winx32.exe
Filepath C:\Users\test22\AppData\Roaming\winX32.exe
Size 27.0KB
Processes 1280 (winX32.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 eee37f6f66eafa13d9555dfc9ccb3805
SHA1 c9b2dd6b4bd464cb767b5ff1260dc07e223cd0b8
SHA256 ca569ad2e113c57c5ddeb1770ae4d63f579df3504306097ff8a16b1cb37dcaa9
CRC32 A0A49D93
ssdeep 384:fL1M2XwBNOaLNOFE/Av2yeCP1BBvMl7AQk93vmhm7UMKmIEecKdbXTzm9bVhcaM4:Te220M0Wl7A/vMHTi9bD
Yara
  • PE_Header_Zero - PE File Signature
  • Is_DotNET_EXE - (no description)
  • IsPE32 - (no description)