Dropped Files | ZeroBOX
Name 58361275c9ce4b07_xsfxdel~.exe
Filepath C:\Users\test22\AppData\Local\Temp\xsfxdel~.exe
Size 37.5KB
Processes 1944 (zal.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 a48b642733b4ed0b2f63c726bea5710f
SHA1 f383f6eb661b6aea3da2f4f2b21b2cbc40ced2a2
SHA256 58361275c9ce4b07a6ee13ddc83f80e88571ea9d4e1aedc476f7d613938b47a6
CRC32 31F0EE6C
ssdeep 768:Op8N/wZaRSHS8m/3Ud6f04mw94y+CwY69IsXm648tcUb8x:OQFP3/EdC4y9QPtIx
Yara
  • PE_Header_Zero - PE File Signature
  • mzp_file_format - MZP(Delphi) file format
  • Malicious_Library_Zero - Malicious_Library
  • IsPE32 - (no description)
Name e48c41fadc940720_1.bat
Filepath C:\Windows\Fonts\1.bat
Size 166.0B
Processes 1944 (zal.exe) 2084 (cmd.exe)
Type ASCII text, with CRLF line terminators
MD5 26b4d92392d87c2faca5bf13014cc1c0
SHA1 1e4c748c5b395a40b086c271df78d0b57a2100b1
SHA256 e48c41fadc9407208184cfca3cdd84d64f1c4d777463bcfd8482c74d817471a4
CRC32 FCBAC5BB
ssdeep 3:ctfoqNyfrZfyM1KD/nHAlYIEDFwbFQqQGLWzSNQTZDNndJftLlpCJIvBkt:cfoZH12/HeYIEDFwbKGQTLndJxlpvKt
Yara None matched
Name 7290655a03aeb396_smss.exe
Filepath C:\Windows\Fonts\smss.exe
Size 230.4KB
Processes 1944 (zal.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 7b78b697ffc8b5b332fd413b7c71bb9a
SHA1 c1fcaf86f30b6a46ee4ec17842f34fdc760586f9
SHA256 7290655a03aeb396cb57321f30e59a4d32f596fcba545c8fc142c7f3d1fd7d94
CRC32 66A1BED1
ssdeep 6144:dfjGn7Xaq+0Ol4Eyu/2i8KANUQoS6IFHlGgJN:dfjA7Xaq+zQRi8Kj5bIF8iN
Yara
  • PE_Header_Zero - PE File Signature
  • Malicious_Library_Zero - Malicious_Library
  • IsPE32 - (no description)
  • Generic_Malware_Zero - Generic Malware
  • OS_Processor_Check_Zero - OS Processor Check
  • UPX_Zero - UPX packed file
Name 3dc7912dfcb7657e_zal.exe
Filepath C:\Users\test22\AppData\Local\Temp\zal.exe
Size 242.6KB
Type PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
MD5 d73c8c5b1187959d8d1409b2f359d2f9
SHA1 66727a5a9041c74dbac1ca83d1abaaf973de6634
SHA256 3dc7912dfcb7657ebde9066d0bd5de54db334b5d2fa655acce752ecd498d4748
CRC32 C70B88EA
ssdeep 6144:5s3Zu8C89io10Am8sSWMwuKU7psi2jFkmGgCX/2J:y840bNXBpU7nvmhlJ
Yara
  • PE_Header_Zero - PE File Signature
  • mzp_file_format - MZP(Delphi) file format
  • IsPE32 - (no description)