Dropped Files | ZeroBOX
Name 5f6b7dde80e70c30_CSC9F0AC9541EC84AF689C65D5E6FDB7F4B.TMP
Filepath C:\Users\test22\AppData\Local\Temp\CSC9F0AC9541EC84AF689C65D5E6FDB7F4B.TMP
Size 652.0B
Processes 2060 (csc.exe)
Type MSVC .res
MD5 2cd4941b90394e3c6789b08f7317719b
SHA1 3bf0d4f3a3e7f2e4a788a5741bc8cfcf05dcb11a
SHA256 5f6b7dde80e70c30f3295d1e6e7942692b225dc654fd2a11a55d2d8b627d8e79
CRC32 957B8D23
ssdeep 12:DXt4Ii3ntuAHia5YA49aUGiqMZAiN5gryAak7YnqqWPN5Dlq5J:+RI+ycuZhNeakSWPNnqX
Yara None matched
Name c3ae166b77e7843c_ctmqvxyn.0.cs
Filepath C:\Users\test22\AppData\Local\Temp\ctmqvxyn.0.cs
Size 101.4KB
Processes 1648 (fg.exe)
Type UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
MD5 d3d7b5b0fbcc9de20ec2e4fa32236a10
SHA1 164877cfef6f88ee94f26cc6e7ebd5007dc0ba1f
SHA256 c3ae166b77e7843c2f31b5c80beb993b580d1e5877d9c8cabfa17dd2ba57de50
CRC32 A67A6088
ssdeep 1536:tWGNGxG/GXGyG4fGRwGK5/Ggo5J+42ZyZS61M8NU2ScoW:tWGNGxG/GXGyG2GKGK5/GuW
Yara
  • hide_executable_file - Hide executable file
Name bce365ecd9a7cd91_ctmqvxyn.cmdline
Filepath C:\Users\test22\AppData\Local\Temp\ctmqvxyn.cmdline
Size 188.0B
Processes 1648 (fg.exe)
Type UTF-8 Unicode (with BOM) text, with no line terminators
MD5 19d1a83fc052bd537ea230a53decc435
SHA1 610fd890f2d0d490a3f74b20997efc9456db62d5
SHA256 bce365ecd9a7cd9161663ffdaa870773112d7ea7c1076e6d1fc9f071c28b9ab3
CRC32 434EEC3A
ssdeep 3:0HXEXA8F+H2R5BJiWR5mKWLRRmWxpcL4E2J5xAITU6LDJlaiQCIFRVRMxTPImWxh:pAu+H2L/6K2mQpcLJ23fYeUzxszImQpL
Yara None matched
Name e3b0c44298fc1c14_ctmqvxyn.err
Empty file or file not found
Filepath C:\Users\test22\AppData\Local\Temp\ctmqvxyn.err
Size 0.0B
Type empty
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
CRC32 00000000
ssdeep 3::
Yara None matched
Name d4c155433411ab84_ctmqvxyn.out
Filepath C:\Users\test22\AppData\Local\Temp\ctmqvxyn.out
Size 444.0B
Processes 1648 (fg.exe)
Type UTF-8 Unicode (with BOM) text, with CRLF, CR line terminators
MD5 9a85192c6b7bbd79fbffb59ae5ad734e
SHA1 dbc99af211388815cc62f1ac1d89dcab9cf79dec
SHA256 d4c155433411ab843460eee4385aa935f3cbf760669aec15ecfb668895879ee2
CRC32 8A0F7E47
ssdeep 12:K4OLM9qR37L/6KQOLMOXOLMt4Ka8GIKO5SBFN+y:K+9qdn6K2Gt4Ka2KoSDQy
Yara None matched
Name 3de98e7c3ce70815_RESC30C.tmp
Filepath C:\Users\test22\AppData\Local\Temp\RESC30C.tmp
Size 1.3KB
Processes 2144 (cvtres.exe) 2060 (csc.exe)
Type Intel 80386 COFF object file, not stripped, 3 sections, symbol offset=0x48e, 9 symbols
MD5 062498358d50499d74bca095d5e6984f
SHA1 03cce12e07ec31e9c5b204cef0e30d169babf515
SHA256 3de98e7c3ce708158851eadceda4bc4752ff4ff9780fde65d5a968ea9b156d5b
CRC32 C490E6CE
ssdeep 24:HJFzW99/E9HywrUeKnxfeI+ycuZhNeakSWPNnqw2d:8/E9pfKnxm1ulea3qqwG
Yara None matched
Name 89c8b2abc316dcbb_ctmqvxyn.dll
Filepath C:\Users\test22\AppData\Local\Temp\ctmqvxyn.dll
Size 41.5KB
Processes 2060 (csc.exe) 1648 (fg.exe)
Type PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 17d709e6b57b1e08b0744f017fb98064
SHA1 f73069fdb008eef3f49a71510d90952b7ed249e1
SHA256 89c8b2abc316dcbba49366136a31a6f470ccf2f7a688a67b32dffd2be7666dd7
CRC32 AFD0861D
ssdeep 768:KRPD9OQhx/BV3Tw4xqdVFE9jDFOjhkbbZJAfubRY:Kd9OW/V3U4x8FE9jDFOju30fubRY
Yara
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
  • Antivirus - Contains references to security software
  • IsPE32 - (no description)
  • OS_Processor_Check_Zero - OS Processor Check
  • UPX_Zero - UPX packed file
  • Is_DotNET_DLL - (no description)