Dropped Files | ZeroBOX
Name 920c1de34bb3555b_cm0kmtqgqd8icja7jimkqzmy.exe
Filepath C:\Users\test22\Documents\cM0KMTqGQD8ICJa7jimkqZMY.exe
Size 444.0KB
Processes 2388 (l8ywly0adHHMfa9UEHOA0OEd.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 97c905ed98e96410725d84075f87c025
SHA1 77d11dade36abab83100de028ab3af3c2784ad0d
SHA256 920c1de34bb3555ba0f4bf3f27d5b5a6559546776927bd9b4d25bb3d0c6a19ce
CRC32 A85E516E
ssdeep 6144:uOKxGg7krdbQk6/ZbbCMf9BoATA3GehNvZfFl7T46lfZRBDmehwx:ExGuubFip+MVBoATA3TlNFB48ftJh
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature Zero
  • Trojan_Win32_Glupteba_1_Zero - Trojan Win32 Glupteba
  • win_mutex - Create or check mutex
  • win_files_operation - Affect private profile
  • IsPE32 - (no description)
  • IsWindowsGUI - (no description)
  • IsPacked - Entropy Check
  • HasDebugData - DebugData Check
  • HasRichSignature - Rich Signature Check
Name 3ae266679609a6d7_t0gg90ddjg2s97nrunkeu7eg.exe
Filepath C:\Users\test22\Documents\t0gg90ddjG2s97NRUNKEU7eg.exe
Size 4.2KB
Processes 2388 (l8ywly0adHHMfa9UEHOA0OEd.exe)
Type HTML document, ASCII text
MD5 1fdc4f69614d4023717f1a3371b73cfa
SHA1 c644510d354d2122ea9890463c5a803840c5c630
SHA256 3ae266679609a6d76c6caac9244c177dab85e85b828a664e721dbb2858b7caf0
CRC32 3CBE407A
ssdeep 96:1j9jwIjYjyDK/DZD8jH+k1UvJADh/pRs9LSsgszbGD:1j9jhjYjWK/lyH+kURADh/pmQsgsfGD
Yara None matched
Name 0a7b3f645c4c7e96_mesq4rkgalnpqve9qiyzyray.exe
Filepath C:\Users\test22\Documents\mEsq4rKGAlnpqve9QiyZYrAY.exe
Size 249.0KB
Processes 2388 (l8ywly0adHHMfa9UEHOA0OEd.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 6c4383680d38f7348e9ed7cf158d5d6e
SHA1 949eb34374c70451a1434e710e90550377261480
SHA256 0a7b3f645c4c7e96c54ab07cc1de692e705fa001eebfffd1f394b5534ba2f192
CRC32 2D5F3A63
ssdeep 3072:nqvTBKodmi6Mw2or7snXRRpq0aNvGOkN+H2MDTHYVj0tiH+3yhECZNeDDKDqGf3D:WT0ZitorgzPG3zYjZbQDWaXa7
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature Zero
  • Trojan_Win32_Glupteba_1_Zero - Trojan Win32 Glupteba
  • win_mutex - Create or check mutex
  • win_files_operation - Affect private profile
  • IsPE32 - (no description)
  • IsWindowsGUI - (no description)
  • IsPacked - Entropy Check
  • HasDebugData - DebugData Check
Name cfce285cacd32aaa_7kc0lkph4lqqopegszej2saa.exe
Filepath C:\Users\test22\Documents\7kC0LkpH4lqQopEGsZeJ2saA.exe
Size 5.5MB
Processes 2388 (l8ywly0adHHMfa9UEHOA0OEd.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 f0bc65a05ad0a598375cfcd88cebf2f7
SHA1 a293f92d4f7377b31e06ee0377d4f8069d923938
SHA256 cfce285cacd32aaa2b142c7cb7c23643a8d57825daaa51ea69df4d61ff3a819f
CRC32 D5E811D9
ssdeep 98304:xhp+G9io0N+3FDOlDEDXYcn4/y3xUbkoP11vwoo/ZgG81Dkpum:xybot3BOlDEDXRthXoPLvw321D
Yara
  • Win32_Trojan_Gen_2_0904B0_Zero - Win32 Trojan Gen
  • PE_Header_Zero - PE File Signature Zero
  • OS_Processor_Check_Zero - OS Processor Check Signature Zero
  • screenshot - Take screenshot
  • win_registry - Affect system registries
  • win_files_operation - Affect private profile
  • IsPE32 - (no description)
  • IsWindowsGUI - (no description)
  • IsPacked - Entropy Check
  • HasDebugData - DebugData Check
  • HasRichSignature - Rich Signature Check
  • Win32_Trojan_Emotet_2_Zero - Win32 Trojan Emotet