Dropped Files | ZeroBOX
Name 9501cd37c05fe5dc_time_20250414_105001.dat
Filepath C:\Users\test22\AppData\Roaming\Screenshots\time_20250414_105001.dat
Size 160.5KB
Processes 2340 (remcos.exe)
Type data
MD5 869481c12006d38367335fd3ca9b7988
SHA1 8dfad7256485e90be2df57c273021741a95a0c3c
SHA256 9501cd37c05fe5dc99b09042fd6ffc3297c4ea806cdf8968a4ee89abab1e0a29
CRC32 5F664994
ssdeep 3072:+rXCjvWiNKMZJBo3/vnp4YbtVltDNpFWr5YijXBapGTpZbTbr:SXCLrY/RVF7pYRrnTpZbfr
Yara None matched
Name 9e6ba364f8fa3dce_install.vbs
Filepath C:\Users\test22\AppData\Local\Temp\install.vbs
Size 516.0B
Processes 1880 (remcos_a.exe) 2152 (wscript.exe)
Type data
MD5 0b8b944e2a57b7f88a5dd546f4bac135
SHA1 f4bec8db805983f5e5102dec31109a5021c2833f
SHA256 9e6ba364f8fa3dce6be60a71d1567d9ca80b010a23491658bf25b6c281208ab6
CRC32 EB84079D
ssdeep 12:4D8o++ugypjBQMB3Ds/Q1J89ZvFQ4lOnb5SpE2F0M/0aimi:4Dh+SMTLL89hFNObYE2F0Nait
Yara None matched
Name 782895a1a1f924fd_remcos_a.exe
Filepath C:\Users\test22\AppData\Local\Temp\remcos_a.exe
Size 469.5KB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 e3aecc3188eac24edb8e34f5044b3a6a
SHA1 2fcaddc53adb86b3d456c05468c097aa5feac492
SHA256 782895a1a1f924fd2a8271667f7749723bbc02a2db458e56bd270f2ee122b88d
CRC32 7FC51182
ssdeep 12288:Wmnk7iLJbpIpiRL6I2WhSKQ9ZsfZQSSn9:uiLJbpI7I2WhQqZ7S9
Yara
  • PE_Header_Zero - PE File Signature
  • Malicious_Library_Zero - Malicious_Library
  • infoStealer_browser_b_Zero - browser info stealer
  • Network_Downloader - File Downloader
  • IsPE32 - (no description)
  • Malicious_Packer_Zero - Malicious Packer
  • Generic_Malware_Zero - Generic Malware
  • OS_Processor_Check_Zero - OS Processor Check
  • UPX_Zero - UPX packed file