Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
07.06 06:07
build.exe
07.06 06:07
CoronaVirus.exe
07.06 06:07
RedLineStealer.exe
07.06 06:07
stealc_zov.exe
07.06 06:07
newbuild.exe
07.06 06:07
setup.exe
07.06 06:07
leva.exe
07.06 06:07
CryptoWall.exe
07.06 06:07
univ.exe
07.06 06:07
inte.exe

Latest News
07.06 10:07
Researchers Discover C...
07.06 10:07
New Mallox Ransomware ...
07.06 09:07
[한 주를 관통하는 보안 소식] 2024...
07.06 09:07
[퀴즈 이·보·소] 최근 벌어진 국내외 ...
07.06 08:07
김포시, 70만 김포시대 대비해 최첨단 ...
07.06 08:07
식약처, ‘체외진단의료기기 품질관리 및 ...
07.06 08:07
코레일, 정보보호의 날 맞아 ‘사이버 안...
07.06 08:07
소프트웨어 가치 보장, 발주자가 앞장선다
07.06 08:07
‘AI 과학기술 강군 육성’을 위한 발돋...
07.06 06:07
The Problem With Bug B...

Dropped Files | ZeroBOX

Name	d172d750493be64a_icon18_wrench_allbkg[1].png Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BYECVYBT\icon18_wrench_allbkg[1].png
Size	475.0B
Processes	888 (mshta.exe)
Type	PNG image data, 18 x 18, 8-bit colormap, non-interlaced
MD5	`f617effe6d96c15acfea8b2e8aae551f`
SHA1	`6d676af11ad2e84b620cce4d5992b657cb2d8ab6`
SHA256	`d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b`
CRC32	`87FB2FCE`
ssdeep	`12:6v/7ElZUJDdwjI5Fa4ep0LPf+veUxQn6/Xh0ptMQsfZhkNTpQEsb7:ZK1dw0etKjfUxQn6/x0DWrETpQZb7`
Yara	PNG_Format_Zero - PNG Format
VirusTotal	Search for analysis

Name	c91afadbe63dd834_3416767676-css_bundle_v2[1].css Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\3416767676-css_bundle_v2[1].css
Size	36.1KB
Processes	888 (mshta.exe)
Type	ASCII text, with very long lines
MD5	`0bef7c3d549ca15e5fe23315fc211990`
SHA1	`28e3a4693a8f0212850a38303a037a6ddbc14d2e`
SHA256	`c91afadbe63dd834aac00b49bc715795da58970e7d500c4bd8f50ed713c77880`
CRC32	`890CBC53`
ssdeep	`384:B0OhFvg3AwN6VysImDyPWquJMpx/SCYW0bS8+Rl9yapwuJ86YKSQCNL/J69nag9N:B0Oh+/N6nIm6IvW0ErVJwxgngRdFr2`
Yara	None matched
VirusTotal	Search for analysis

Name	933b971c6388d594_defender[1].htm Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\defender[1].htm
Size	5.0B
Processes	2668 (wscript.exe)
Type	ASCII text, with CRLF line terminators
MD5	`fda44910deb1a460be4ac5d56d61d837`
SHA1	`f6d0c643351580307b2eaa6a7560e76965496bc7`
SHA256	`933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9`
CRC32	`CD8585C3`
ssdeep	`3:hn:h`
Yara	None matched
VirusTotal	Search for analysis

Name	4021df68f91881e7_error[1] Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\error[1]
Size	3.2KB
Processes	888 (mshta.exe)
Type	HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators
MD5	`7d46fb61e9b1b0d57df00e1b3d392e33`
SHA1	`5b14562e288d76851164bd8a65d13d987d6da375`
SHA256	`4021df68f91881e7e4bf54d6795f9186ccab9a3813f5c4358c1b5a81560da891`
CRC32	`BAD674A7`
ssdeep	`96:CwhabJ/1xjqDbT2pftwEjlddFBdd5w3dddDzMddv+dd8WfFhllhX4PyAvdh:TcC2pTnsPkIDll4KIh`
Yara	None matched
VirusTotal	Search for analysis

Name	3829a5b2ade7cfc4_share_buttons_20_3[1].png Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTDTA402\share_buttons_20_3[1].png
Size	5.0KB
Processes	888 (mshta.exe)
Type	PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced
MD5	`ad9999106d5f550920b586e8e1704e5a`
SHA1	`93fd02c51166402a41f96509cd0ca3fb917877dd`
SHA256	`3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3`
CRC32	`BD3A79DE`
ssdeep	`96:fQF0nYNa08BXqtmthO92OamTM5TuqeKJbLcbIsZNB52O2LK:fQoYkLBpc92OamT0TeKxLCIsvB52OCK`
Yara	PNG_Format_Zero - PNG Format
VirusTotal	Search for analysis

Name	a09131f2885086eb_3858658042-comment_from_post_iframe[1].js Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\3858658042-comment_from_post_iframe[1].js
Size	13.0KB
Processes	888 (mshta.exe)
Type	ASCII text, with very long lines
MD5	`ee77ab1c7ca023a501e4da28ccc2915f`
SHA1	`f309fb6b570041ee11c830aba4dd58d586d193b6`
SHA256	`a09131f2885086eb3dea6a379c43e58c88e683b99fb7cf9cefde399dfd68d0ff`
CRC32	`8CA7AEEB`
ssdeep	`192:BqWjbSFO5Og47t7xNycGK7SlV4cjCqN1Yae3CCaJzWTKtTOpY2Dzt8cvtWPXtxQK:BqGSFOsZM61WyV3CCaJIav2F8G2XnQK`
Yara	None matched
VirusTotal	Search for analysis

Name	ca9848e6006cfec8_icon18_edit_allbkg[1].gif Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\icon18_edit_allbkg[1].gif
Size	162.0B
Processes	888 (mshta.exe)
Type	GIF image data, version 89a, 18 x 18
MD5	`c991641178ff05adf0d004298b5eafa9`
SHA1	`d8f6ce8ecd92b86d49849360f6b81ceb10b4c941`
SHA256	`ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b`
CRC32	`542232D5`
ssdeep	`3:CUS9n21IZClSWEj5QQxlEGsSZpZcYES9XfLvlcDdcpFXn:HS9nSIUlSlNQQjEGsSJcYEowdcrX`
Yara	GIF_Format_Zero - GIF Format
VirusTotal	Search for analysis

Name	c3d618fc10777dc0_SiggiaW.vbs Submit file
Filepath	C:\Users\Public\SiggiaW.vbs
Size	1.3KB
Type	ASCII text, with CRLF line terminators
MD5	`552bd91430a1338b61b48ebbe2e6777f`
SHA1	`00fc1370a965a49522ca47ceb607f20434453c85`
SHA256	`c3d618fc10777dc03a98f892ca3a49e2eda96bb72a9392007e1be7257aaa96ad`
CRC32	`D50B0869`
ssdeep	`24:TXQhsZp+J5tHWTdTB8VoFNSpNOw4XBN2riRJPDEWCgu+ZFM9:0405tHWT9B8VjN6aVWCl`
Yara	None matched
VirusTotal	Search for analysis

Name	da3eb4ab25e02a8d_1277698886-ieretrofit[1].js Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BYECVYBT\1277698886-ieretrofit[1].js
Size	26.1KB
Processes	888 (mshta.exe)
Type	ASCII text, with very long lines
MD5	`cb9af0197f496f52b471a76cfd8d601a`
SHA1	`067b3ee27f6b49431b5c72791d52f353c577853b`
SHA256	`da3eb4ab25e02a8dc118febc626df495acd468e84bc0b9767b56e8959b150f99`
CRC32	`7DBDE732`
ssdeep	`384:kRXBsAF8UMG+43L1dHMqXCxPHo189YaGuVMxoufjWFerWxWHrog4P+eF4MeUkz9+:kRX1kwqwVqkWxWHrwjF4VUQ9DlbQ`
Yara	None matched
VirusTotal	Search for analysis

Name	e395d7d23206c2ac_powerp12.pip Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Office\PowerP12.pip
Size	1.4KB
Processes	2332 (POWERPNT.EXE)
Type	data
MD5	`66e19b059feb7147969db1a0b26a9923`
SHA1	`5ad7acfe4cb6a3215159d4873c77c0462cc321da`
SHA256	`e395d7d23206c2acf09868f7261ffebc3e4b904ed63c77b9ef6d00583eb1024e`
CRC32	`8E5406E5`
ssdeep	`24:ZzSV1glbWa1UqylJZzwA6K2vmmXIEueSA7FfjSeMemiefs8RPZzXB+6Gto1rYd+X:ZzSV1Ht7FlDzmXNA5iefsQBLB+Fo1rYe`
Yara	None matched
VirusTotal	Search for analysis

Name	74f7a661dfad6247_1893845785-widgets[1].js Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTDTA402\1893845785-widgets[1].js
Size	142.9KB
Processes	888 (mshta.exe)
Type	ASCII text, with very long lines
MD5	`b57321451ce9abfbf3fb3798dafb27eb`
SHA1	`2ed9bd3a4713e17500efeac3e0f5eaa6165dd808`
SHA256	`74f7a661dfad6247cc977f7042ee2e3db5d5f78d1d0b7987569821dfd445da25`
CRC32	`EEBBDBC6`
ssdeep	`1536:MZ2uAyYfofLWC9M5FisVKa17b/syz/7fSwEVsAqo9YIoUo+PoQ9mbH0flUhimp2P:WrfSKa1H97fsPqc7hepDnG`
Yara	None matched
VirusTotal	Search for analysis

Name	ba284a4a6af23d45_divine2222[1].htm Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTDTA402\divine2222[1].htm
Size	41.5KB
Processes	888 (mshta.exe)
Type	HTML document, ASCII text, with very long lines
MD5	`246bd99de7b03849fbd0bc8fb19f8640`
SHA1	`39a4d1c326a28e82a77b6a1dc0015e266db8723e`
SHA256	`ba284a4a6af23d454511a78fc4a94f31682b13890334bf8d7d2d1c1ba1ab8033`
CRC32	`3572102C`
ssdeep	`768:kx3eyHHvPWd4+rQ7ItO1AYCZntQHjGlfiQ6ntMssXnm+mu2SUJ:kx3LHH2d4+zyHjownd+mp`
Yara	None matched
VirusTotal	Search for analysis

Name	ecb30886406e3f77_gradients_light[1].png Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTDTA402\gradients_light[1].png
Size	403.0B
Processes	888 (mshta.exe)
Type	PNG image data, 20 x 1100, 8-bit/color RGBA, non-interlaced
MD5	`4f7de2e6afefb125b1f14fa5cda610ee`
SHA1	`57a145f234b504a73f9d55cf39f2231a04719456`
SHA256	`ecb30886406e3f776ff7bc3834de849944471e626ff148bed2fa389d02866044`
CRC32	`DC34595E`
ssdeep	`12:6v/74Qlk8WIyzs740Oc5maj4m3YULe3dk:Hgk8uw740OcWAY13dk`
Yara	PNG_Format_Zero - PNG Format
VirusTotal	Search for analysis

Name	2477f4fd12fa765f_guwkqbhskagshjtyuiwqbh[1].htm Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\guwkqbhskagshjtyuiwqbh[1].htm
Size	144.0B
Processes	888 (mshta.exe)
Type	HTML document, ASCII text
MD5	`f42a90d56266362163dfac19549725a5`
SHA1	`85054afe479371292d6f672f0193b58a7067fedd`
SHA256	`2477f4fd12fa765fbc244826bc8e8828f3e920fe19d78e3d3cf23644eab29b6d`
CRC32	`DDB206B7`
ssdeep	`3:qVvzLURODccZ/vXbvx9nDyEbkJxXKl6P3sHbjkFSXbKFvNGb:qFzLIeco3XLx92EbAKli87jMSLWQb`
Yara	None matched
VirusTotal	Search for analysis

Name	0fdcb4746995f0d5_body_gradient_tile_light[1].png Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTDTA402\body_gradient_tile_light[1].png
Size	95.0B
Processes	888 (mshta.exe)
Type	PNG image data, 10 x 10, 1-bit colormap, non-interlaced
MD5	`3b2a20d5b0ba4ca0c5dd90865ad6b9c4`
SHA1	`a90928a16d11d21e112b45b60990a9d7d19cc1d5`
SHA256	`0fdcb4746995f0d5240e5ec11370cb950722a894f3cff4118aa68ccc92010edd`
CRC32	`B96E65DC`
ssdeep	`3:yionv//thPlH1kmlS1jmTQ9IyehXhbp:6v/lhPcS5TeIFdhbp`
Yara	PNG_Format_Zero - PNG Format
VirusTotal	Search for analysis