popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 4dba47574b70cf8d_CSCB6DD9664188D4C2CB3C9451A38CA279.TMP
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\CSCB6DD9664188D4C2CB3C9451A38CA279.TMP
Size 652.0B
Processes 2144 (csc.exe)
Type MSVC .res
MD5 6eb5282551504d2528449ef22744529f
SHA1 f7b0508a39263312e578a85983dfb613b88a8150
SHA256 4dba47574b70cf8db875ba4e6e6727ad28a12d64a3564bf0a87e7109dbebbe5d
CRC32 92821302
ssdeep 12:DXt4Ii3ntuAHia5YA49aUGiqMZAiN5gryIlGak7YnqqZlXPN5Dlq5J:+RI+ycuZhN2YakSZNPNnqX
Yara None matched
VirusTotal Search for analysis
Name 9e9c63652e73aeaf_vk3nnegk.0.cs
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\vk3nnegk.0.cs
Size 101.9KB
Processes 1072 (we.exe)
Type UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
MD5 321752ec5d5fef01d4f146035796f9df
SHA1 a46dbf6fb95d498fd733d4fde9a3d1b5917ba1f3
SHA256 9e9c63652e73aeaf0904794cfe6428f5f72faa493a6d9815dadceb3ef911a393
CRC32 228CB7B0
ssdeep 768:X3eepBRGlNH1FOPIjDvwZKEHUNNpo+KH2Hy4oO5HMgpYyT9mpNydnAvrn:X3eepBKjM8NU2SEk
Yara
  • hide_executable_file - Hide executable file
VirusTotal Search for analysis
Name da57a781c779e1a7_vk3nnegk.out
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\vk3nnegk.out
Size 444.0B
Processes 1072 (we.exe)
Type UTF-8 Unicode (with BOM) text, with CRLF, CR line terminators
MD5 bbc87b4318217f883a9355e356068046
SHA1 20c4624eafdffcb4319425586f01142c03e60737
SHA256 da57a781c779e1a78bf89843b2a91f899537aacd14286da01532cac40dc33372
CRC32 4F54CFF2
ssdeep 12:K4OLM9qR37L/6KQOLMUqXOLMUPuKa8GIKO5SBFN+y:K+9qdn6K2U6UPuKa2KoSDQy
Yara None matched
VirusTotal Search for analysis
Name a62de30bd4153187_vk3nnegk.cmdline
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\vk3nnegk.cmdline
Size 188.0B
Processes 1072 (we.exe)
Type UTF-8 Unicode (with BOM) text, with no line terminators
MD5 4aa7332f091977461924c8b7017481f3
SHA1 eba556fa1909cb3580504dfa4b4662aa56522c80
SHA256 a62de30bd41531870ea0293ee73e72aeff220817ed07f7fc0eb379f221f68277
CRC32 32BEC378
ssdeep 3:0HXEXA8F+H2R5BJiWR5mKWLRRmWxpcL4E2J5xAION1J+iQCIFRVRMxTPImWxpcLF:pAu+H2L/6K2mQpcLJ23f810zxszImQpY
Yara None matched
VirusTotal Search for analysis
Name c6189074d5f9d1c7_vk3nnegk.dll
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\vk3nnegk.dll
Size 41.5KB
Processes 2144 (csc.exe) 1072 (we.exe)
Type PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 200089e37df4d865917dfad70bd89562
SHA1 015515f7b7b20cb11ed5ffb403847692f4b075eb
SHA256 c6189074d5f9d1c76b8ddb3dfd0e07ca0b41680ec971254933fb10fcb713a068
CRC32 B98E1236
ssdeep 768:LVa+vNtg+PB93Tw4xqdVFE9jBVUOjhAbLoCTB2:7vNtgw93U4x8FE9jBVUOjKvRB2
Yara
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
  • Antivirus - Contains references to security software
  • IsPE32 - (no description)
  • OS_Processor_Check_Zero - OS Processor Check
  • UPX_Zero - UPX packed file
  • Is_DotNET_DLL - (no description)
VirusTotal Search for analysis
Name e3b0c44298fc1c14_vk3nnegk.err
Empty file or file not found
Filepath C:\Users\test22\AppData\Local\Temp\vk3nnegk.err
Size 0.0B
Type empty
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
CRC32 00000000
ssdeep 3::
Yara None matched
VirusTotal Search for analysis
Name db7ef222ab3a623b_RESCD3E.tmp
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\RESCD3E.tmp
Size 1.3KB
Processes 2212 (cvtres.exe) 2144 (csc.exe)
Type Intel 80386 COFF object file, not stripped, 3 sections, symbol offset=0x48e, 9 symbols
MD5 f0893ccbde4453b11a5aac4d4386f7a8
SHA1 1413a8102f4ef4211796b820075be61dd5194816
SHA256 db7ef222ab3a623b22c1af802f4d60fe7fe9d8725cc65429cc152a561157062c
CRC32 286FF9A2
ssdeep 24:HKFzW92b9eH2wrUeKnxfeI+ycuZhN2YakSZNPNnqw2d:I5edfKnxm1ul2Ya3ZXqwG
Yara None matched
VirusTotal Search for analysis