Dropped Files | ZeroBOX
Name 3a255c0024916f19_590aee7bdd69b59b.customDestinations-ms~RF1cc2d3c.TMP
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms~RF1cc2d3c.TMP
Size 7.8KB
Processes 2236 (powershell.exe) 2628 (powershell.exe)
Type data
MD5 6fd29def73b2779e0ae71c4eecd304f7
SHA1 4ba660e4db856e04eb93a01c59ee764259ec55e7
SHA256 3a255c0024916f19c5b3f5d4aa5cde453cc5d90b0784a15f0456e57e71a764b6
CRC32 1F966CD8
ssdeep 96:ctuCeGCPDXBqvsqvJCwo5tuCeGCPDXBqvsEHyqvJCworDPtDHXyf2lUVul:ctvXo5tvbHnorxTyQ
Yara
  • Antivirus - Contains references to security software
  • Generic_Malware_Zero - Generic Malware
Name f07d675b0dae33f8_aggregatorhostsss
Filepath C:\Users\test22\AppData\Roaming\AggregatorHostsss
Size 66.0KB
Processes 884 (PhotoshopSetup.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 2987da97a36e8c4345ec4090e6986376
SHA1 3c547576492bdc02ff27ff6686088f34f5a00632
SHA256 f07d675b0dae33f8e44417eb6fa8a61724e14234d7a4f7cf40b8f7d10035d716
CRC32 22096C52
ssdeep 1536:khhyu2RVJKuuwhSIEFv9bF8u6POwaejDLT:dljhOFv9buPOw5
Yara
  • PE_Header_Zero - PE File Signature
  • Antivirus - Contains references to security software
  • Is_DotNET_EXE - (no description)
  • IsPE32 - (no description)
  • OS_Processor_Check_Zero - OS Processor Check
  • UPX_Zero - UPX packed file
Name 482dabd389742216_aggregatorhostsss.lnk
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AggregatorHostsss.lnk
Size 753.0B
Processes 884 (PhotoshopSetup.exe)
Type MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Tue Mar 25 19:25:23 2025, mtime=Tue Mar 25 19:25:23 2025, atime=Tue Mar 25 19:25:23 2025, length=67584, window=hide
MD5 e1ca24bb6436f73a5e37ebc32a07d355
SHA1 2df621ee2f5f92a7be5bbcb4cbc11ba3f02b31fc
SHA256 482dabd389742216507e7ee6d45f12dec65ef7e49826bab6d75658cc9dcb522b
CRC32 3B71EEEF
ssdeep 12:8Z+AlE964cZCrR8EvSE4FTzSLZxOizCCOLAHw3tEetgAuP:8Z3lWHsERdOFUDtzNCtEetHuP
Yara
  • Lnk_Format_Zero - LNK Format
  • lnk_file_format - Microsoft Windows Shortcut File Format