Dropped Buffers | ZeroBOX
Name a1f27354f4ddf81785f634fa702e775eb1957c55
Size 9.0KB
Type ASCII text, with very long lines, with no line terminators
MD5 126aef095c87d8381c309d0fed4b5392
SHA1 a1f27354f4ddf81785f634fa702e775eb1957c55
SHA256 4bc429e03e56b647e6a5b71388ef8dde3381e8263f49c9435ff1f979da8a8575
CRC32 FC408AD7
ssdeep 192:z/9i5vWNLuOzdjOfMgEpOsSvBRh6BbiOP82tb/eN:bE0ukAfNEUJeBVLCN
Yara
  • Suspicious_Obfuscation_Script_2 - Suspicious obfuscation script (e.g. executable files)
  • anti_vm_detect - Possibly employs anti-virtualization techniques
Name f806234bcdec8011cafcbc0affb872977c08b6cb
Size 236.5KB
Type data
MD5 f98f24a70ae348839e7def216f690aed
SHA1 f806234bcdec8011cafcbc0affb872977c08b6cb
SHA256 17210e2622faafabb36206a7489e78a565938950a223f1eb59cc1591678ec779
CRC32 5BC03DF2
ssdeep 3072:2pNyKayCB7/MJo27/12YHcTHo9rG8KaG5jnThdq:+yKayCB/uoHFsq8KaWTP
Yara
  • Win_Trojan_AgentTesla_M_B_Zero - Win Trojan AgentTesla
  • Malicious_Library_Zero - Malicious_Library
Name 5e301b953514991fdb4cfa42d43682108d86f4b8
Size 5.1KB
Type ASCII text, with very long lines, with no line terminators
MD5 37164d534ca4f87c4e6a29ba478c06e6
SHA1 5e301b953514991fdb4cfa42d43682108d86f4b8
SHA256 2ec36111aa3d628ece1f7c8b8fb4b7bdd4b7b7bde19e0f073bb05434134cfe6c
CRC32 444BAFDA
ssdeep 96:YDCjbVc3s9rgIYe18pnNR0z2+Ro+k/TW0yHTsG+/KP+DmONVWiqkXs:YDsVas9rYFnNRpwlWa0M4KP3ONhrs
Yara
  • Suspicious_Obfuscation_Script_2 - Suspicious obfuscation script (e.g. executable files)
Name 164aca733cb93f38e01ca7e52d525f444c890589
Size 63.5KB
Type ASCII text, with very long lines, with no line terminators
MD5 e83b1bcd1176b61f1e5a04604959964f
SHA1 164aca733cb93f38e01ca7e52d525f444c890589
SHA256 05ae127563169a23819dc0315c1209da4e3e8619b427f56efc1d40c75338a090
CRC32 A2337ADA
ssdeep 1536:pLyM2nBnbug4IEmTfh8EVVcsmDeOpIgz5qltXXaSx:pf2np4R6WSVDmD1pIEI7XXVx
Yara
  • Suspicious_Obfuscation_Script_2 - Suspicious obfuscation script (e.g. executable files)
Name 69ad014659483319b9783a12b0af7913c2a5e365
Size 36.8KB
Type ASCII text, with very long lines, with no line terminators
MD5 25b4335b173c7cce25c9261e3e83e639
SHA1 69ad014659483319b9783a12b0af7913c2a5e365
SHA256 ec8fcc4f98f00cb3f367c47e99f2dd2ab3688cb886e84b0b87d58766a0fb1e1a
CRC32 468ED63C
ssdeep 768:jBD5O8CfPAUFG6UInDnpGJIe8/LHh3B+i31SDVgA9lpKW8:jNCXHY99exIilSpl+W8
Yara
  • Suspicious_Obfuscation_Script_2 - Suspicious obfuscation script (e.g. executable files)
Name fc65ec41e8de815bf580cd6174192a84ed659b0b
Size 239.5KB
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 3cd8c914e892d12464c44471c82eaa0c
SHA1 fc65ec41e8de815bf580cd6174192a84ed659b0b
SHA256 954b611a8e8163b42691ec83d4ff0077ef6f80505a434d03e04c9ae19494ea13
CRC32 64A9D19F
ssdeep 3072:spNyKayCB7/MJo27/12YHcTHo9rG8KaG5jnThdqwufzz:UyKayCB/uoHFsq8KaWTP
Yara
  • PE_Header_Zero - PE File Signature
  • Malicious_Packer_Zero - Malicious Packer
  • Win_Trojan_AgentTesla_M_B_Zero - Win Trojan AgentTesla
  • OS_Name_Check_Zero - OS Name Check Signature
  • OS_Memory_Check_Zero - OS Memory Check
  • Is_DotNET_EXE - (no description)
  • Malicious_Library_Zero - Malicious_Library
  • IsPE32 - (no description)
  • OS_Processor_Check_Zero - OS Processor Check
  • UPX_Zero - UPX packed file
Name e40f2bb6dd122acf37fa788efea6007558711b3c
Size 9.3KB
Type ASCII text, with very long lines, with no line terminators
MD5 7721687f0a83a09e430607b885aa615b
SHA1 e40f2bb6dd122acf37fa788efea6007558711b3c
SHA256 ba06509c2dfc431adf545376c155ccbc1da9039f20aa47dc359f5fddb5618160
CRC32 A970303F
ssdeep 192:lFik8TyDbuzfVTR94mTOY8nOJX8aEJV3LsUc1nzAU19M:G3TCEfVTRObY8OJsbVgA6O
Yara
  • Suspicious_Obfuscation_Script_2 - Suspicious obfuscation script (e.g. executable files)