Dropped Files | ZeroBOX
Name e3b0c44298fc1c14___tmp_rar_sfx_access_check_31263359
Empty file or file not found
Filepath C:\Users\test22\AppData\Local\Temp\__tmp_rar_sfx_access_check_31263359
Size 0.0B
Type empty
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
CRC32 00000000
ssdeep 3::
Yara None matched
Name 44e8aa0601fffe82_590aee7bdd69b59b.customDestinations-ms~RF1dd85f8.TMP
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms~RF1dd85f8.TMP
Size 7.8KB
Type data
MD5 ee6cfd78f72f03663db2a7df0c696dd7
SHA1 56126e81a5f6577f8e24a890185d0c9eb600fa02
SHA256 44e8aa0601fffe82c494bbc7d7280aa3bc5e90effe2aee2d716d5716e1d6b568
CRC32 F27137C4
ssdeep 96:EtuCcBGCPDXBqvsqvJCwoRtuCcBGCPDXBqvsEHyqvJCworu4tDHXyGlUVul:EtCgXoRtCgbHnorBTyY
Yara
  • Antivirus - Contains references to security software
  • Generic_Malware_Zero - Generic Malware
Name a92133787af66e6d_liu5jhg.exe
Filepath C:\Users\test22\AppData\Local\Temp\liu5jhg.exe
Size 2.7MB
Processes 2628 (Okfgjrg5d8gt.exe)
Type PE32+ executable (GUI) x86-64, for MS Windows
MD5 952f360a4651f948be3a673178631641
SHA1 60e58b89cfce587aa121baf431d55cbbecd21545
SHA256 a92133787af66e6d68a301ef087e4116f5cab3f538d8ec5e5e0eb95cecc68ea8
CRC32 81A9D667
ssdeep 49152:NIKC+8eUs/UMBF1XX5QmZLPa16xzqD6Kdaf3DTOWzYuloalhHg4e:NlC+i0bBHXGgjaQx+OhfzTxzdloaD
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)
Name de83dd82da3ebaa2_sdfg5fee.exe
Filepath C:\Users\test22\AppData\Local\Temp\sdfg5fee.exe
Size 2.4MB
Processes 2628 (Okfgjrg5d8gt.exe)
Type PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
MD5 8e40252356a6fb3f8f52d1effa2c2c3c
SHA1 3bf5461b591a53dcb48ea2dc6535cd90aa786c4e
SHA256 de83dd82da3ebaa2c09fd75a7307ad5e2031ad8c911cd75753ffef3eb1571f0a
CRC32 ED31CF34
ssdeep 49152:4elUnBKWqx6g25uMThhswijSEGQpETFkNL:45BKtxo5fQIwuhk
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)
  • Generic_Malware_Zero - Generic Malware
Name 19fd26fa3f76141c_iujtyjythyt.exe
Filepath C:\Users\test22\AppData\Local\Temp\iujtyjythyt.exe
Size 502.0KB
Processes 2628 (Okfgjrg5d8gt.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 ea001f076677c9b0dd774ae670efdf63
SHA1 37a4466f3c38b60a30fc1073b9d0b2d2d0e692e5
SHA256 19fd26fa3f76141cc05ef0c0c96ea91dcf900e760b57195f216a113b1cf69100
CRC32 45B90708
ssdeep 6144:tTEgdc0YNX7IxUpGREWve13+7LOUs6f6YMZlfdwcEysb8F92tw+gcTR3O:tTEgdfYWxUkQ61yeC3gtLgcdO
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • Win32_Trojan_PWS_Net_1_Zero - Win32 Trojan PWS .NET Azorult
  • Is_DotNET_EXE - (no description)
  • IsPE32 - (no description)
  • OS_Processor_Check_Zero - OS Processor Check
  • UPX_Zero - UPX packed file