Dropped Files | ZeroBOX
Name 81e31780a5f20782_y-cleaner.exe
Filepath C:\Users\test22\AppData\Local\Temp\GY6s92RSeAf327rE2wrBw\Y-Cleaner.exe
Size 987.5KB
Processes 2540 (AcroRd32.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 f49d1aaae28b92052e997480c504aa3b
SHA1 a422f6403847405cee6068f3394bb151d8591fb5
SHA256 81e31780a5f2078284b011c720261797eb8dd85e1b95a657dbce7ac31e9df1f0
CRC32 BF7BD674
ssdeep 24576:oKvQFvJPmvQFv9qO7cvDFoiqO7UaaalF0vwqO7VWGZKl2HP:oKvgRPmvg0OIvRGOh0vJOZWGwl2HP
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Is_DotNET_EXE - (no description)
  • IsPE32 - (no description)
Name 0374b9945c617a65_ycl.lnk
Filepath C:\Users\test22\Desktop\YCL.lnk
Size 2.0KB
Processes 2540 (AcroRd32.exe)
Type MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Icon number=0, Archive, ctime=Tue Feb 11 19:17:02 2025, mtime=Tue Feb 11 19:17:02 2025, atime=Tue Feb 11 19:17:02 2025, length=1011200, window=hide
MD5 bc863b52d394ddc0a7ff03b6f00c17ff
SHA1 cc10874621afd37da71dadd99c193dddb66690db
SHA256 0374b9945c617a657b67323f7e88b74c7bb48c39a4b3d57e1e5a33e88a685868
CRC32 016A8DCA
ssdeep 24:8xokHsERddERVCWLcHzNRr7tnd4N4yO4Zr7tMq4z6PyV:8ikHs1RkHpR3TQtZ3SqvyV
Yara
  • Antivirus - Contains references to security software
  • Lnk_Format_Zero - LNK Format
  • lnk_file_format - Microsoft Windows Shortcut File Format
Name f1b3e0f2750a9103_bunifu_ui_v1.5.3.dll
Filepath C:\Users\test22\AppData\Local\Temp\GY6s92RSeAf327rE2wrBw\Bunifu_UI_v1.5.3.dll
Size 236.5KB
Processes 2540 (AcroRd32.exe)
Type PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 2ecb51ab00c5f340380ecf849291dbcf
SHA1 1a4dffbce2a4ce65495ed79eab42a4da3b660931
SHA256 f1b3e0f2750a9103e46a6a4a34f1cf9d17779725f98042cc2475ec66484801cf
CRC32 8476A72A
ssdeep 6144:SIQpxILDXGGMO7Ice9C5kQw2hWHcHTykhb:SIQpxILDXGGlET9n/cHG
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
  • ILProtector_Packer - ILProtector Packer
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file
  • Is_DotNET_DLL - (no description)