Dropped Files | ZeroBOX
Name 4cccc10143b71c47_tmp1953.tmp
Filepath C:\Users\test22\AppData\Local\Temp\tmp1953.tmp
Size 1.6KB
Processes 7140 (aagx9DvJ299z6gv.exe)
Type XML 1.0 document, ASCII text, with CRLF line terminators
MD5 0e0421d17c7538e04ee4aeff9cb2ecc5
SHA1 9075ae9203bc981dd81f78d4adee5b645dc561f5
SHA256 4cccc10143b71c470c5e1ea63affd3beb70b6f9da8058ea48269037092920b2f
CRC32 DEBEE1D7
ssdeep 24:2dH4+SEqCH/7IlNMFQ/rlMhEMjnGpwjpIgUYODOLD9RJh7h8gKBKtn:cbhf7IlNQQ/rydbz9I3YODOLNdq3a
Yara None matched
Name 9189313c82849b05_cfvran.exe
Filepath C:\Users\test22\AppData\Roaming\CfVraN.exe
Size 666.0KB
Processes 7140 (aagx9DvJ299z6gv.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 b4500c25c6283a9dc89d0050dba774b7
SHA1 130c802bce175492cc166b1ec5714d1b13f8f4da
SHA256 9189313c82849b055af58dd07b281ab0f8cd50a9a043524fc0e2b3a02d961405
CRC32 5411873E
ssdeep 12288:XKXfXKiW/Sg0e/ktfjlmMvbpjRWP/Ccs8gOCGTNwtR66Q3PUnHb:aXCp02ktjlJ1jRfcs8gOCGhQ06wPq7
Yara
  • PE_Header_Zero - PE File Signature Zero
  • IsPE32 - (no description)
  • IsNET_EXE - (no description)
  • IsWindowsGUI - (no description)
  • IsPacked - Entropy Check
  • Win32_Trojan_PWS_Azorult_Net_1_Zero - Win32 Trojan PWS .NET Azorult
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT