Dropped Files | ZeroBOX
Name 0c6df4ea55108216_{a3149b2c-9b51-11eb-bde1-94de278c3274}.dat
Filepath C:\Users\test22\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{A3149B2C-9B51-11EB-BDE1-94DE278C3274}.dat
Size 4.5KB
Processes 540 (iexplore.exe)
Type Composite Document File V2 Document, Cannot read section info
MD5 609f79d56374f212a6f6a6e22f9b2f34
SHA1 7ced4710f1f4b2790d385500ae39d1c413996b9a
SHA256 0c6df4ea55108216ffc870f78d86fc7d0ddfa1c82386e8352a92e12dd703cfdd
CRC32 0AE8469E
ssdeep 12:rlxAFlhrEgm8GL7KFe7pADrEgm8GD7qsLNl26abax1NlIfRbax1VAxapl4:rgG8OdUG8+LNlIoNlEM0as
Yara
  • Microsoft_Office_Document_Zero - Microsoft Office Document Signature Zero
Name 36c5c91ad9faeed3_orgd[1].exe
Filepath C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\orgd[1].exe
Size 792.5KB
Processes 1836 (iexplore.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 127ae40009368fb03554057f1bf860a0
SHA1 9e0d0625b8b95a90eff2d077c3416b6bc6bb0999
SHA256 36c5c91ad9faeed3bbd7bf576aca9d4a5c040d802a521584cd094776e61320ca
CRC32 021235F7
ssdeep 12288:PjuSWX3u60c63eKM74dMC2ycoSDY4c0AFikHvgpghmBVnSUn9ki5PqtHGKSa0LwE:PjufeC7774dbYov4c0aHvgpghm
Yara
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT
  • screenshot - Take screenshot
  • Win32_Trojan_PWS_Azorult_Net_1_Zero - Win32 Trojan PWS .NET Azorult
  • PE_Header_Zero - PE File Signature Zero
  • IsPE32 - (no description)
  • IsNET_EXE - (no description)
  • IsWindowsGUI - (no description)
  • IsPacked - Entropy Check
Name a467430efaf5f3c7_recoverystore.{a3149b2b-9b51-11eb-bde1-94de278c3274}.dat
Filepath C:\Users\test22\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{A3149B2B-9B51-11EB-BDE1-94DE278C3274}.dat
Size 5.0KB
Processes 540 (iexplore.exe)
Type Composite Document File V2 Document, Cannot read section info
MD5 81d5c97597fe33b7758a399ca8187ebc
SHA1 a9096106c5089f226eeee60ab2482382216c7100
SHA256 a467430efaf5f3c7c0b8289611460f63eb635d3e4becf094ec58e76c04b22d3a
CRC32 62D77E91
ssdeep 12:rlfF2iBrEg5+IaCrI0CI7eF2pTrEgmZ+IaCrI0CIc8GmRVOeMiqI771NlTqbaxDm:rqy5/fpTG5/k85jBM+NlWFxNlWWj
Yara
  • Microsoft_Office_Document_Zero - Microsoft Office Document Signature Zero