Dropped Files | ZeroBOX
Name dcf055c56f3428d4_acgjpmyy.out
Filepath C:\Users\test22\AppData\Local\Temp\acgjpmyy.out
Size 444.0B
Processes 912 (rt.exe)
Type UTF-8 Unicode (with BOM) text, with CRLF, CR line terminators
MD5 66320418b382492a59218621a029cece
SHA1 3aebe29f19147ba6c351b70fd6d071f063572188
SHA256 dcf055c56f3428d4194957caf14643e0aebbad732e7d6f3ce98efe8c16839f42
CRC32 6DECE795
ssdeep 12:K4OLM9qR37L/6KQOLMQcUXOLMQjKa8GIKO5SBFN+y:K+9qdn6K2Qc8QjKa2KoSDQy
Yara None matched
Name e3b0c44298fc1c14_acgjpmyy.tmp
Empty file or file not found
Filepath C:\Users\test22\AppData\Local\Temp\acgjpmyy.tmp
Size 0.0B
Type empty
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
CRC32 00000000
ssdeep 3::
Yara None matched
Name df319a1ec54e7c52_CSC9283B84DF8764A1AAE12BFAB3DC385AC.TMP
Filepath C:\Users\test22\AppData\Local\Temp\CSC9283B84DF8764A1AAE12BFAB3DC385AC.TMP
Size 652.0B
Processes 2088 (csc.exe)
Type MSVC .res
MD5 6ed8d0597ca46a3bc26c450f2e238c55
SHA1 85c6557cce2bdbda745b0317aaed74c7ec36af41
SHA256 df319a1ec54e7c52ef3bfc3f6ec25db9c47fb7edc755bb77e91ba1cecd657098
CRC32 8EC70AA3
ssdeep 12:DXt4Ii3ntuAHia5YA49aUGiqMZAiN5gryeCPGak7YnqqLCPXPN5Dlq5J:+RI+ycuZhNuakS2PNnqX
Yara None matched
Name 81f1e49e831871b4_acgjpmyy.0.cs
Filepath C:\Users\test22\AppData\Local\Temp\acgjpmyy.0.cs
Size 101.9KB
Processes 912 (rt.exe)
Type UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
MD5 b7d84d4752fcef0d27c1c6f62d557f7a
SHA1 92c0d7e926329f5e997f3b9753d9d3db42f18c24
SHA256 81f1e49e831871b44b80ef805a6e39d33166acc9f74dfc7e61689d33a2379908
CRC32 04DD8962
ssdeep 768:X3eepB+GlNH1FOPIjDvwZKEHUNNpo+KH2Hy4oO5HMg4GYyT9mlNydnAvrx:X3eepBLjM8NU2SFsm
Yara
  • hide_executable_file - Hide executable file
Name 3820edceb1b3f548_acgjpmyy.cmdline
Filepath C:\Users\test22\AppData\Local\Temp\acgjpmyy.cmdline
Size 188.0B
Processes 912 (rt.exe)
Type UTF-8 Unicode (with BOM) text, with no line terminators
MD5 722912e474612a7f76e38dbf715d639d
SHA1 c939465542e3d3bc73816c92ee0ba5f4087399ed
SHA256 3820edceb1b3f5486075c76e9c42d6a59c0b156264f7e000e4d9db494677bae5
CRC32 26F2BF48
ssdeep 3:0HXEXA8F+H2R5BJiWR5mKWLRRmWxpcL4E2J5xAI7UhcLBHUiQCIFRVRMxTPImWxJ:pAu+H2L/6K2mQpcLJ23f7Uhc1HUzxszS
Yara None matched
Name 5521d793bd073378_RESCA5F.tmp
Filepath C:\Users\test22\AppData\Local\Temp\RESCA5F.tmp
Size 1.3KB
Processes 2148 (cvtres.exe) 2088 (csc.exe)
Type Intel 80386 COFF object file, not stripped, 3 sections, symbol offset=0x48e, 9 symbols
MD5 996fb86596e7b278e7fc987d9824bd2e
SHA1 85905ff1a92c0c78c9e74f18926558fcb7d44e84
SHA256 5521d793bd073378dc2de3f823943e18dcdfe6b11f7d5363f6c0da26c3548ce8
CRC32 DA66BEE9
ssdeep 24:H8FzW99/8ZrHqwrUeKnxfeI+ycuZhNuakS2PNnqw2d:1/8ZrRfKnxm1ulua3KqwG
Yara None matched
Name 67619227343f501d_acgjpmyy.dll
Filepath C:\Users\test22\AppData\Local\Temp\acgjpmyy.dll
Size 41.5KB
Processes 2088 (csc.exe) 912 (rt.exe)
Type PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 c32ddae497acee0eeb8ff951780d9f09
SHA1 68c1855f862602724fa409840e2fecd95d65a193
SHA256 67619227343f501d7508b33016341d3f1c972fcc6628610c94cf53a623fb3ec1
CRC32 0317F899
ssdeep 768:5Va+vNtg+PB93Tw4xqdVFE9jJ6OjhGbOoCYcN:xvNtgw93U4x8FE9jEOj0SWcN
Yara
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
  • Antivirus - Contains references to security software
  • IsPE32 - (no description)
  • OS_Processor_Check_Zero - OS Processor Check
  • UPX_Zero - UPX packed file
  • Is_DotNET_DLL - (no description)