popup
Dropped Burrfers | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Buffers

Name 66138688f07cf913ebea1b99cb50aa9be5d01132
Size 59.5KB
Type PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 f0cbb5c0a0aa0a135ea4c481660e42fa
SHA1 66138688f07cf913ebea1b99cb50aa9be5d01132
SHA256 c903b2aafbbe6b586a0ce39e3b2588d72a1ac071a5723771ed9f5b4094825406
CRC32 09DA505A
ssdeep 1536:Kdb81yIXGb/vwlK8xTI0UP+jRe+2ZqA4iZzaH4Mi8:Kdb81ynIlKesdB+2ZN4iZzYw8
Yara
  • PE_Header_Zero - PE File Signature Zero
  • IsPE32 - (no description)
  • IsNET_DLL - (no description)
  • IsDLL - (no description)
  • IsConsole - (no description)
  • HasOverlay - Overlay Check
  • HasDebugData - DebugData Check
VirusTotal Search for analysis
Name 85a3ee6ca725c78ba1a43fc7f4d57eb2dde30d7c
Size 394.0KB
Type data
MD5 1152b9ef1e9b9ec00de5a561fe98fea7
SHA1 85a3ee6ca725c78ba1a43fc7f4d57eb2dde30d7c
SHA256 58812fb1647cbab3e261e672333d9d6af9a81ec799ded848d74abe49cca1ce80
CRC32 0EC8F6B0
ssdeep 3072:R+Tbsl+buI9UdafeLmCdF/mBkJnQDcqSRi4HsajDHJ6FX:abEAr2LmSdqUnQDcpsajDH4F
Yara
  • network_smtp_dotNet - Communications smtp
  • keylogger - Run a keylogger
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT
VirusTotal Search for analysis
Name c3b229b6b1d2615f840152331e7dfa190725e5d8
Size 396.5KB
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 9acfee35606eeb9bc902da1d91e880f9
SHA1 c3b229b6b1d2615f840152331e7dfa190725e5d8
SHA256 b7ec10ad2dbaf476e94825f5372db4ca71cd6b6e08aba521abf64b151db7ef27
CRC32 A8502E16
ssdeep 3072:f+Tbsl+buI9UdafeLmCdF/mBkJnQDcqSRi4HsajDHJ6FX1V:gbEAr2LmSdqUnQDcpsajDH4FL
Yara
  • PE_Header_Zero - PE File Signature Zero
  • network_smtp_dotNet - Communications smtp
  • keylogger - Run a keylogger
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT
  • IsPE32 - (no description)
  • IsNET_EXE - (no description)
  • IsWindowsGUI - (no description)
  • HasOverlay - Overlay Check
VirusTotal Search for analysis
Name 223afa04a0ea13cb45f94e536116be81507d1a4a
Size 2.6MB
Type PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 def191007e64c2e55509a0ec726ce6f1
SHA1 223afa04a0ea13cb45f94e536116be81507d1a4a
SHA256 736ce0d9372e78d15e66f6f7dcf7cceef02200791b2f93efa623718aa46ec458
CRC32 804C4D9D
ssdeep 12288:Tn+ulp9ubDxoBU6nQxbDF6S2vdihqG2zS2op1b19oQvg+DkrxOY22:b+ulpYbDOBpEbDw/vdFGASHJ9MEYV
Yara
  • PE_Header_Zero - PE File Signature Zero
  • screenshot - Take screenshot
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT
  • IsPE32 - (no description)
  • IsNET_DLL - (no description)
  • IsDLL - (no description)
  • IsConsole - (no description)
  • HasOverlay - Overlay Check
VirusTotal Search for analysis