Dropped Files | ZeroBOX
Name e3b0c44298fc1c14_xhdahxs0.tmp
Empty file or file not found
Filepath C:\Users\test22\AppData\Local\Temp\xhdahxs0.tmp
Size 0.0B
Type empty
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
CRC32 00000000
ssdeep 3::
Yara None matched
Name 6bb90422f5c1dec6_RESEF03.tmp
Filepath C:\Users\test22\AppData\Local\Temp\RESEF03.tmp
Size 1.3KB
Processes 2696 (cvtres.exe) 2628 (csc.exe)
Type Intel 80386 COFF object file, not stripped, 3 sections, symbol offset=0x48e, 9 symbols
MD5 bbc6828c4c6d7f565a0e1eb28d53d1b7
SHA1 0b38d8214fd91b6c816849413b77716b368f2a66
SHA256 6bb90422f5c1dec620734ae75b4378d233baeff46f75154d1dd5a279be0aad4b
CRC32 1117FDC7
ssdeep 24:HHFzW92TGrHfwrUeKnxfeI+ycuZhNqakSSPNnqw2d:XT46fKnxm1ulqa3+qwG
Yara None matched
Name b5e98ec701eb61b1_xhdahxs0.0.cs
Filepath C:\Users\test22\AppData\Local\Temp\xhdahxs0.0.cs
Size 101.5KB
Processes 2560 (fg.exe)
Type UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
MD5 e867111b7ce524871400b4219d1456b8
SHA1 54fcc6b5d81524cf7e5e1e8f3264fa9025370357
SHA256 b5e98ec701eb61b18000d0c3c001101d7c6431e41eb055a538d0b4525da7f1d5
CRC32 B351046A
ssdeep 1536:tWGNGxG/GXGyG4fGRwGK5/GFo5J+42ZyxS61M8NU2Scz:tWGNGxG/GXGyG2GKGK5/G0
Yara
  • hide_executable_file - Hide executable file
Name dc2253cb99c2078d_CSC96A71BB23CA14576A7F74BE1A2AADC1.TMP
Filepath C:\Users\test22\AppData\Local\Temp\CSC96A71BB23CA14576A7F74BE1A2AADC1.TMP
Size 652.0B
Processes 2628 (csc.exe)
Type MSVC .res
MD5 1c7a9cafc5e361d68428aab9b46db3d9
SHA1 2dee0a9b42d7637a1328b7426d83e109e9b1aa73
SHA256 dc2253cb99c2078d0a2c8987787ee806b7bb608f99387c727160ca1c46d9b41e
CRC32 5F2A1BB0
ssdeep 12:DXt4Ii3ntuAHia5YA49aUGiqMZAiN5gryOIqak7YnqqTIbPN5Dlq5J:+RI+ycuZhNqakSSPNnqX
Yara None matched
Name 5448f1f40d9387c5_xhdahxs0.dll
Filepath C:\Users\test22\AppData\Local\Temp\xhdahxs0.dll
Size 41.5KB
Processes 2628 (csc.exe) 2560 (fg.exe)
Type PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 e28baaa1376cf4190e7d52ec0fcf767a
SHA1 c6dda24e568394b4af3a110d69ad21f55da13480
SHA256 5448f1f40d9387c575492f62a0844981943836bc5b8330246fc7cd4e0f580051
CRC32 60F38270
ssdeep 768:KkRPD9OQhx/BV3Tw4xqdVFE9jDFOjhkbbdsfuk4M:Kkd9OW/V3U4x8FE9jDFOju3dsfuk4M
Yara
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
  • Antivirus - Contains references to security software
  • IsPE32 - (no description)
  • OS_Processor_Check_Zero - OS Processor Check
  • UPX_Zero - UPX packed file
  • Is_DotNET_DLL - (no description)
Name 82c7ac6a02f0c0e2_xhdahxs0.cmdline
Filepath C:\Users\test22\AppData\Local\Temp\xhdahxs0.cmdline
Size 188.0B
Processes 2560 (fg.exe)
Type UTF-8 Unicode (with BOM) text, with no line terminators
MD5 16d003903104dda005d8e3451d630368
SHA1 94f98733c7f4e11dae4780ce6b0928bae3716d29
SHA256 82c7ac6a02f0c0e27ce595e26afc1b4ffa782cec35c5023b3a6d4db87197866c
CRC32 6AF5FC3F
ssdeep 3:0HXEXA8F+H2R5BJiWR5mKWLRRmWxpcL4E2J5xAIVkdW3FaiQCIFRVRMxTPImWxpD:pAu+H2L/6K2mQpcLJ23fVktzxszImQpD
Yara None matched
Name 589be2613be3babe_xhdahxs0.out
Filepath C:\Users\test22\AppData\Local\Temp\xhdahxs0.out
Size 444.0B
Processes 2560 (fg.exe)
Type UTF-8 Unicode (with BOM) text, with CRLF, CR line terminators
MD5 8d4f5981c3c4df8d2217c13ecefb2a67
SHA1 3d2fa438e76ea93b39dcdfdf90db75447daf6524
SHA256 589be2613be3babe0393e679a1ea875db806ecf9937fe08de0636734dd170da4
CRC32 EFF5ED61
ssdeep 12:K4OLM9qR37L/6KQOLMatXOLMaO4Ka8GIKO5SBFN+y:K+9qdn6K2+aKa2KoSDQy
Yara None matched