Dropped Burrfers | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
11.13 04:11
hello.exe
11.13 03:11
espsemhvcioff.exe
11.13 02:11
Geek_se.exe
11.13 02:11
cred64.dll
11.13 02:11
svhost.exe
11.13 02:11
nb.exe
11.13 02:11
svcyr.exe
11.13 02:11
Ghost_1.5.11.5.exe
11.13 02:11
PowderGpl.exe
11.13 02:11
goodlabel%E6%89%93%E5%...

Latest News
11.14 05:11
Iranian threat group t...
11.14 05:11
Palo Alto Networks sec...
11.14 05:11
Agencies push for digi...
11.14 05:11
Statt Wechsel auf Wind...
11.14 05:11
KI-Übersetzer für Meet...
11.14 05:11
ChatGPT knackt Rekord:...
11.14 05:11
Amazon stellt 40.000 K...
11.14 05:11
[Control systems] Siem...
11.14 05:11
OpenAI Nears Launch of...
11.14 04:11
Execs identify AI-driv...

Dropped Burrfers | ZeroBOX

Name	fa390366e2ec1e98ce607d1f60cf858670d23fa5
Size	24.0KB
Type	data
MD5	`116fb9298274c4a9eeaed3ba8971ff55`
SHA1	`fa390366e2ec1e98ce607d1f60cf858670d23fa5`
SHA256	`a3b019f1ec8af6bfd7b59856df49c84396617075609a1815cfbb63543e51db68`
CRC32	`0BE7A3E6`
ssdeep	`384:GZvdUPB6Btu9/nwiyZ4K5VUo+6hP6CFczqIT0YcRredL:GlKz/Vy+kOop5Ozq9hRredL`
Yara	inject_thread - Code injection with CreateRemoteThread in a remote process network_dropper - File downloader/dropper escalate_priv - Escalade priviledges keylogger - Run a keylogger sniff_audio - Record Audio cred_ff - Steal Firefox credential win_mutex - Create or check mutex win_registry - Affect system registries win_token - Affect system token win_files_operation - Affect private profile Str_Win32_Winsock2_Library - Match Winsock 2 API library declaration Str_Win32_Wininet_Library - Match Windows Inet API library declaration Str_Win32_Internet_API - Match Windows Inet API call
VirusTotal	Search for analysis

Name	3db1fd1b604668a1aac63fe8db1cfc547d03fb71
Size	76.0KB
Type	data
MD5	`98c1bd3eb6657fd09c53387331e9b444`
SHA1	`3db1fd1b604668a1aac63fe8db1cfc547d03fb71`
SHA256	`93728ad68eb3090c58e47a7426d4b39d46651806a86cfbfc50b8c7e13c8420c5`
CRC32	`E7BC1D89`
ssdeep	`1536:Dv0/Or1qchtGL4tUs6RrKi8+e9OX1g4yM807m2Vaiz6b4Va1VepcQj8:Dh1qaSs6IF9OK4b80S2Van4Va1cpcQj`
Yara	None matched
VirusTotal	Search for analysis

Name	1b0bfed8140d51de75fa248297b490efb3735b11
Size	4.0KB
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`668223ea2095bf863034dc1ad9af1b97`
SHA1	`1b0bfed8140d51de75fa248297b490efb3735b11`
SHA256	`7b8a3c3ae5280c21cf2e64791ef38dcf3358669a513b36cd806bb63f360dcdb5`
CRC32	`1A4E22D9`
ssdeep	`6:idqLvVg3F+X32jPiEkPVnj4CufybPOtPcYl2d6loH0ClhltjtUvl1lmlGErMwtgx:eqGSGeE4NhbPOtRwdOojUvl1lSP87`
Yara	PE_Header_Zero - PE File Signature Zero IsPE32 - (no description) IsWindowsGUI - (no description) IsBeyondImageSize - Data Beyond ImageSize Check HasRichSignature - Rich Signature Check
VirusTotal	Search for analysis

Name	604adefcd450f2082e94e83060522898cf3e12cb
Size	4.0KB
Type	data
MD5	`eb24851cc3ae9efed3fc91c09ac4807e`
SHA1	`604adefcd450f2082e94e83060522898cf3e12cb`
SHA256	`14e79ed231d7611630d1324fbbc86126f20518c58a897199028a07e32ea68bf8`
CRC32	`C872602B`
ssdeep	`48:jso/gNH3nl3FVrhoXb1BQFz7LTrLmUwccpWduWv:jso4znrScvLTGPkduE`
Yara	None matched
VirusTotal	Search for analysis

Name	f65a0eb6530561f20f28c61449db9bce3c3d48be
Size	4.0KB
Type	data
MD5	`946c3adde8f372e2fb33bd1fd038e1ce`
SHA1	`f65a0eb6530561f20f28c61449db9bce3c3d48be`
SHA256	`9765c36a4a2f5dbb89c27e80aee9f6e4a90767261d8df35a3464b3cb6cd5372f`
CRC32	`D86D252D`
ssdeep	`6:p95QAgFsHC/c6bj/9/GaHlorukZ/bxlEVys/mya1Gfln+5lRvlXKt/0:/KAgFsiLXFoh/beyzGE9tuM`
Yara	None matched
VirusTotal	Search for analysis

Name	26c6e2798523eaaa83d9266d89d3e60002f6238b
Size	12.0KB
Type	data
MD5	`82a9b3bf6c623a1f41c29641bf9d4117`
SHA1	`26c6e2798523eaaa83d9266d89d3e60002f6238b`
SHA256	`88857bd22f979feab807c669a90ea8fe240d2e5121bd96e80babe83f43480df2`
CRC32	`FF2C5D7B`
ssdeep	`192:iTudK8lq2XfMKXgrGjO13rnuZmZOf1HCxsh4uVmBNMSczdX:amZ3XfFFjO13rn22O5Cxsh4Nezd`
Yara	None matched
VirusTotal	Search for analysis