Dropped Files | ZeroBOX
Name e3b0c44298fc1c14_nsd6327.tmp
Empty file or file not found
Filepath C:\Users\test22\AppData\Local\Temp\nsd6327.tmp
Size 0.0B
Type empty
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
CRC32 00000000
ssdeep 3::
Yara None matched
Name c4a39bc9dca9d941_06eouuxdi0s.dll
Filepath C:\Users\test22\AppData\Local\Temp\nst6339.tmp\06eouuxdi0s.dll
Size 171.0KB
Processes 2232 (winlog.exe)
Type PE32 executable (DLL) (console) Intel 80386, for MS Windows
MD5 12ed426eae777846e7652c51681677a8
SHA1 8837999f5941a38771aadc8e09dbc05457cd8e1e
SHA256 c4a39bc9dca9d9414d2574d5b49095b40472faee3a54757cb46afc50867554a7
CRC32 383E5F1B
ssdeep 3072:y60bAXM7WmgzkCIaotwxEQWsE2mG2ENIymA4ZM3vltx4UAkChr6sdTeQN:YA0EA3aotGEQWs5mG7mAIMflofkI6sx
Yara
  • PE_Header_Zero - PE File Signature Zero
  • IsPE32 - (no description)
  • IsDLL - (no description)
  • IsConsole - (no description)
  • IsPacked - Entropy Check
  • HasOverlay - Overlay Check
  • HasDebugData - DebugData Check
Name f02213dd373e6d5d_winlog.exe
Filepath C:\Users\test22\AppData\Local\Temp\winlog.exe
Size 212.0KB
Type PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
MD5 3d3c42f1e8978a60cdf179841d6734ad
SHA1 90d91491b81cfc1dae899aff28c56937bbadce8e
SHA256 f02213dd373e6d5d9bea4f366b2cfd983e278731be7d59171de6be27a482becf
CRC32 89E2731A
ssdeep 3072:JPA6jXFN2Mc+xDcJgigngtZDs/aIV8OcBwb4CZddBEL9Do/VuEpVj+vBf:Jhjm2dcJgfYoSIrbvLEx2XjC
Yara
  • PE_Header_Zero - PE File Signature Zero
  • escalate_priv - Escalade priviledges
  • screenshot - Take screenshot
  • win_registry - Affect system registries
  • win_token - Affect system token
  • win_private_profile - Affect private profile
  • win_files_operation - Affect private profile
  • IsPE32 - (no description)
  • IsWindowsGUI - (no description)
  • IsPacked - Entropy Check
  • HasOverlay - Overlay Check
  • HasRichSignature - Rich Signature Check