Dropped Files | ZeroBOX
Name cf11d6b3c18d4c02_d93f411851d7c929.customdestinations-ms
Filepath c:\users\test22\appdata\roaming\microsoft\windows\recent\customdestinations\d93f411851d7c929.customdestinations-ms
Size 7.8KB
Processes 1536 (powershell.exe)
Type data
MD5 f2f5505600e2895c007b3ff3cfe3d4aa
SHA1 f0235a3c8056872d55eeef803d1bc33bac37a753
SHA256 cf11d6b3c18d4c02466b670bcb0394ac49382e6a87ad58d2561f2660922b586c
CRC32 9AF5ED3C
ssdeep 96:EtuCojGCPDXBqvsqvJCwoJtuCojGCPDXBqvsEHyqvJCworc7HwxGlUVul:Etu6XoJtu6bHnorXxY
Yara
  • Antivirus - Contains references to security software
Name e3b0c44298fc1c14_gpaqnk1n.tmp
Empty file or file not found
Filepath C:\Users\test22\AppData\Local\웇웉우욟욭웁욲웏웍웏욽웈워우욠웑웋웅웁웅욽용웄웑웅\topboix.scr_Url_csqpoka5rblw4ftri11o3x2mbykhbj3n\6.169.941.948\gpaqnk1n.tmp
Size 0.0B
Type empty
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
CRC32 00000000
ssdeep 3::
Yara None matched
Name 2866f5ec70ebbefb_topboix.scr
Filepath C:\Users\test22\AppData\Local\Temp\topboix.scr
Size 56.8KB
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 fb9211bd03036666dcc42cf977c25bee
SHA1 67cf2d22e0b49098db767c6ed6ffd4f49335506e
SHA256 2866f5ec70ebbefba6db86a947187a4d283b099e25cca3c25e4e9e21f821c713
CRC32 A0BD2781
ssdeep 768:/pwmYRnVbNGYmY0NYdYKMcuTkJmjH4ODVaCzWDNs0FRIQoGfl3lGflvx/FIwJGuQ:qVRJNGYmY0NYdYKnuI4H4hAsFbQ
Yara
  • PE_Header_Zero - PE File Signature Zero
  • IsPE32 - (no description)
  • IsNET_EXE - (no description)
  • IsWindowsGUI - (no description)
  • HasOverlay - Overlay Check
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT
Name 59c46cf74b4de066_user.config
Filepath c:\users\test22\appdata\local\웇웉우욟욭웁욲웏웍웏욽웈워우욠웑웋웅웁웅욽용웄웑웅\topboix.scr_url_csqpoka5rblw4ftri11o3x2mbykhbj3n\6.169.941.948\user.config
Size 1.9MB
Processes 2220 (topboix.scr)
Type XML 1.0 document, UTF-8 Unicode text, with very long lines, with CRLF line terminators
MD5 e37c8337ef1a83c52ab44d57c0c0428f
SHA1 5022aaeb3b3f0d726bc0f5c3d8abe0b24c463c4f
SHA256 59c46cf74b4de06687cb0ac8b8aa9f6fd651c35d523bbd7bda0b5595704bc3e2
CRC32 4844D15A
ssdeep 12288:Fksi31YpuDlLUgG7eas0ofUED1kBtiC7IEBy30Jg8D7k1wvm5blxW2dlZOM7MbrG:ahW2f/erAN
Yara None matched