Dropped Files | ZeroBOX

Name	4e193ccda4ef7ec7_7z.net.dll Submit file
Filepath	c:\users\test22\appdata\local\temp\7z.net.dll
Size	15.0KB
Processes	2648 (krnl_console_bootstrapper.exe)
Type	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
MD5	`982475050787051658abd42e890a2469`
SHA1	`d955e35355e33a9837d00e78c824f6e5792b47f3`
SHA256	`4e193ccda4ef7ec7fc1bc12d7abba225a9af5b4612aa0b67a02324b9da8b268c`
CRC32	`10017CD5`
ssdeep	`384:mZ81sYtoyOlQibJB2qdKR2kPDv5RDN5xnF:W81sty6jkzDXBF`
Yara	PE_Header_Zero - PE File Signature Zero IsPE32 - (no description) IsNET_DLL - (no description) IsDLL - (no description) IsConsole - (no description) HasDebugData - DebugData Check Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT
VirusTotal	Search for analysis

Name	44a55f5d9c31d099_7za.exe Submit file
Filepath	c:\users\test22\appdata\local\temp\7za.exe
Size	628.5KB
Processes	2648 (krnl_console_bootstrapper.exe)
Type	PE32 executable (console) Intel 80386, for MS Windows
MD5	`ec79cabd55a14379e4d676bb17d9e3df`
SHA1	`15626d505da35bfdb33aea5c8f7831f616cabdba`
SHA256	`44a55f5d9c31d0990de47b9893e0c927478930cef06fbe2d1f520a6d6cba587d`
CRC32	`97BA9CC2`
ssdeep	`12288:IVCrK2jsP3zv+FSF68GANNhWLS0B6L+FOCN+AzrnxdanvzFzh:IU7ecSgL6y+gk+rnxdarF`
Yara	PE_Header_Zero - PE File Signature Zero escalate_priv - Escalade priviledges win_token - Affect system token win_files_operation - Affect private profile IsPE32 - (no description) IsConsole - (no description) HasRichSignature - Rich Signature Check
VirusTotal	Search for analysis