Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
11.13 04:11
hello.exe
11.13 03:11
espsemhvcioff.exe
11.13 02:11
Geek_se.exe
11.13 02:11
cred64.dll
11.13 02:11
svhost.exe
11.13 02:11
nb.exe
11.13 02:11
svcyr.exe
11.13 02:11
Ghost_1.5.11.5.exe
11.13 02:11
PowderGpl.exe
11.13 02:11
goodlabel%E6%89%93%E5%...

Latest News
11.13 09:11
Launching On-Demand Mo...
11.13 09:11
Killing Filecoin nodes
11.13 09:11
ICE Started Ramping Up...
11.13 09:11
Sports League Platform...
11.13 09:11
Mishing: The Rising Mo...
11.13 09:11
Europe’s Tech Startups...
11.13 09:11
NASA Announces New Tri...
11.13 09:11
Microsoft’s Gaming Chi...
11.13 09:11
Amazon Makes it Harder...
11.13 09:11
Brain Implant Startups...

Dropped Files | ZeroBOX

Name	014d644eccc232cd_cachemancontrolpanel.exe Submit file
Filepath	C:\Users\test22\AppData\Roaming\CachemanControlPanel\CachemanControlPanel.exe
Size	3.2MB
Processes	4244 (Cacheman.txt)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`5d3bf7a18887582b8a2cea327f2e7ba6`
SHA1	`83843851b7b7beb2b1853b813e7f0b1666b1bd62`
SHA256	`014d644eccc232cd6906c5abf8afd3e53f94004057d4a1bb2771dfea00f0ae4b`
CRC32	`A90C17A8`
ssdeep	`49152:RU18F61w5Ts0AzHc8ZqfV7xPmljnjWwIZnQjH0xe0bQBTAMUlZyu:ifSXmHc8ctVPmZnj7IywZF`
Yara	PE_Header_Zero - PE File Signature Zero OS_Processor_Check_Zero - OS Processor Check Signature Zero Win32_Trojan_Gen_2_0904B0_Zero - Win32 Trojan Gen IsPE32 - (no description) IsWindowsGUI - (no description) HasDebugData - DebugData Check HasRichSignature - Rich Signature Check win_mutex - Create or check mutex win_files_operation - Affect private profile
VirusTotal	Search for analysis

Name	eba986e025deb2b5_qt5concurrentd.dll Submit file
Filepath	C:\Users\test22\AppData\Roaming\CachemanControlPanel\Qt5Concurrentd.dll
Size	74.5KB
Processes	4244 (Cacheman.txt)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`2378a50282d97268da9ef31e5850f44a`
SHA1	`96f5657d700769370e7da406321deb80e3a782a5`
SHA256	`eba986e025deb2b5e7e16d69a7f6e8266c5d3576074b36fdf4fd8ccc90824c7c`
CRC32	`CAAE1AD9`
ssdeep	`1536:qDmWfeg9w00eRovEaEI5Zs8kJqsJpni/xCGWL/ftUfT:iu00eR6EaEI5Zs8kJqsJpni/xCGWLnA`
Yara	PE_Header_Zero - PE File Signature Zero OS_Processor_Check_Zero - OS Processor Check Signature Zero IsPE32 - (no description) IsDLL - (no description) IsWindowsGUI - (no description) HasOverlay - Overlay Check HasDebugData - DebugData Check HasRichSignature - Rich Signature Check
VirusTotal	Search for analysis

Name	cccdc7c91a6ad01d_libogg-0.dll Submit file
Filepath	C:\Users\test22\AppData\Roaming\CachemanControlPanel\libogg-0.dll
Size	82.6KB
Processes	4244 (Cacheman.txt)
Type	PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
MD5	`87a4e5bc51a9c2533ac5308f3343a76b`
SHA1	`3427c4cd2f63ddb6787fbc3ee736b3b2433f0b91`
SHA256	`cccdc7c91a6ad01d2e1af8555fbde94787bf5ee39a61703008d0c2ed7f9e6ebe`
CRC32	`5A40ECA5`
ssdeep	`768:RIBmX6tFu4kYOvBHwDFHs0YZqCC3m1/z0BDtZH5zhG4tZtVnDPo1SndQzJdn1W:KBmX6S4kYOvJGMRZABDflIQiMnAJd1W`
Yara	PE_Header_Zero - PE File Signature Zero IsPE64 - (no description) IsDLL - (no description) IsConsole - (no description) HasOverlay - Overlay Check MinGW_1 - (no description)
VirusTotal	Search for analysis

Name	7cf28a256b6a4625_libblkmaker-0.1-6.dll Submit file
Filepath	C:\Users\test22\AppData\Roaming\CachemanControlPanel\libblkmaker-0.1-6.dll
Size	74.4KB
Processes	4244 (Cacheman.txt)
Type	PE32+ executable (DLL) (console) x86-64, for MS Windows
MD5	`c724b7986c72ea00cea20e4eea4e0c84`
SHA1	`e5d823be1b32561617f34078f45cb2afd5331feb`
SHA256	`7cf28a256b6a462546db89e2c8c8a70d0d759fe62567af20bddf57e63d4963b7`
CRC32	`EE636A4E`
ssdeep	`768:OCXGtEGupmGP9FAnIbGVgNy5dbOdr63EKcoD1vQIxxfIXdt:OFgcMAWGVgNy5dbOBJCQIxxgXdt`
Yara	PE_Header_Zero - PE File Signature Zero IsPE64 - (no description) IsDLL - (no description) IsConsole - (no description) HasOverlay - Overlay Check MinGW_1 - (no description) Str_Win32_Winsock2_Library - Match Winsock 2 API library declaration
VirusTotal	Search for analysis

Name	193b8f5ad2b61b58_zlib.dll Submit file
Filepath	C:\Users\test22\AppData\Roaming\CachemanControlPanel\zlib.dll
Size	83.0KB
Processes	4244 (Cacheman.txt)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`f433b1aab2d8f62edfa2fd2e3686e5f0`
SHA1	`c06891308b99388554c745fb80e359330d8fbced`
SHA256	`193b8f5ad2b61b5850753ea83df27ef776c5e43e041a6a984fb551ca8140a33a`
CRC32	`E7BA737E`
ssdeep	`1536:hoEz8+iLbyuv7MBe0HQOsgGu5myOT94vnToIff5IOcIOY3kNFoU4Pao:Jz8zLbyG7MBeD1YOT6TBfrSYUFotx`
Yara	PE_Header_Zero - PE File Signature Zero OS_Processor_Check_Zero - OS Processor Check Signature Zero IsPE64 - (no description) IsDLL - (no description) IsWindowsGUI - (no description) HasDebugData - DebugData Check HasRichSignature - Rich Signature Check
VirusTotal	Search for analysis

Name	0b2cabaf0b2aef51_libxml3.dll Submit file
Filepath	C:\Users\test22\AppData\Roaming\CachemanControlPanel\libxml3.dll
Size	532.5KB
Processes	4244 (Cacheman.txt)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`5ae30e4cdabb5b269b7eb358aae2d5e2`
SHA1	`58aae25bf64bd0b15be33ceb47ddb6ef3802433a`
SHA256	`0b2cabaf0b2aef51c3396b11e604c46b65eabc0cbde3e257bc9c9fd1c2446c6f`
CRC32	`CED893CE`
ssdeep	`12288:EJSjsd4Hd2kR6vk9YE0quvI1bi1TpD1BQwz9554Ya8Th7h:h956vk9YE0qwUwz934Ya8ThN`
Yara	PE_Header_Zero - PE File Signature Zero OS_Processor_Check_Zero - OS Processor Check Signature Zero Win32_Trojan_Gen_2_0904B0_Zero - Win32 Trojan Gen IsPE32 - (no description) IsDLL - (no description) IsWindowsGUI - (no description) HasDebugData - DebugData Check HasRichSignature - Rich Signature Check win_files_operation - Affect private profile
VirusTotal	Search for analysis

Name	05af99365637a46d_settings.xml Submit file
Filepath	C:\Users\test22\AppData\Roaming\CachemanControlPanel\settings.xml
Size	490.8KB
Processes	4244 (Cacheman.txt)
Type	data
MD5	`fa4b4f1f9869da4a0209bba251859efc`
SHA1	`fe7a4ee923d6eeb93e8a52778735120705d927a5`
SHA256	`05af99365637a46d18b5bc60d20e7cbd8943f250a15976c672b3d29ee1472d2f`
CRC32	`9AC3DD9E`
ssdeep	`3072:auYaHsoWaNGk4lwlaZLOmRE3+eanjLij/Uj5zsd+zqhCq1HmOIRAlLVLp8UDEYiF:a/EGk4lTZ9tziwYDChO2yVLatf6PM`
Yara	None matched
VirusTotal	Search for analysis

Name	a276f57503bad9a4_libgraph31.dll Submit file
Filepath	C:\Users\test22\AppData\Roaming\CachemanControlPanel\libgraph31.dll
Size	71.0KB
Processes	4244 (Cacheman.txt)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`040352d2528df9a7ec3b5adca3bab444`
SHA1	`a08dbfa5d9edc2eba36fd0fe287e0fb1e37a7e97`
SHA256	`a276f57503bad9a4bca17e8e057993607e715c1fa6c7d2e136a2290a19efd560`
CRC32	`441163BD`
ssdeep	`1536:klv6q1ZwQpNmwLsBHvahLdYZPLdsWVcdyXWADttnY:eZZDNTsBHvS+VYyXWAJtnY`
Yara	PE_Header_Zero - PE File Signature Zero OS_Processor_Check_Zero - OS Processor Check Signature Zero IsPE32 - (no description) IsDLL - (no description) IsWindowsGUI - (no description) HasDebugData - DebugData Check HasRichSignature - Rich Signature Check win_files_operation - Affect private profile
VirusTotal	Search for analysis

Name	e3b0c44298fc1c14_nsyFF38.tmp Empty file or file not found
Filepath	C:\Users\test22\AppData\Local\Temp\nsyFF38.tmp
Size	0.0B
Type	empty
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
CRC32	`00000000`
ssdeep	`3::`
Yara	None matched
VirusTotal	Search for analysis

Name	438ae82ffd621a24_libgcc_s_seh-1.dll Submit file
Filepath	C:\Users\test22\AppData\Roaming\CachemanControlPanel\libgcc_s_seh-1.dll
Size	74.5KB
Processes	4244 (Cacheman.txt)
Type	PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
MD5	`534b365361004828059600f05b34006d`
SHA1	`d8ff411b0939a021f47c845c6a90f1240bab5268`
SHA256	`438ae82ffd621a2413199155574cc85681f8986f05420b1485aa4be936c3bc0b`
CRC32	`9D9D2920`
ssdeep	`1536:TVhSLCst8rZQk8HzR8+lXbPtccSPOrBT3SIKBx:itu7+lOcCO1TI/`
Yara	PE_Header_Zero - PE File Signature Zero IsPE64 - (no description) IsDLL - (no description) IsConsole - (no description)
VirusTotal	Search for analysis

Name	9ec4afad505e0a3d_vcruntime140.dll Submit file
Filepath	C:\Users\test22\AppData\Roaming\CachemanControlPanel\vcruntime140.dll
Size	74.4KB
Processes	4244 (Cacheman.txt)
Type	PE32 executable (DLL) (console) Intel 80386, for MS Windows
MD5	`5f9d90d666620944943b0d6d1cca1945`
SHA1	`08ead2b72a4701349430d18d4a06d9343f777fa6`
SHA256	`9ec4afad505e0a3dad760fa5b59c66606ae54dd043c16914cf56d7006e46d375`
CRC32	`CF0554B4`
ssdeep	`1536:TpIhq3RcCBwca4EZEXNciFk+ikPC+ecbiLgavG:TpIY3RcCKcajodF4+ecbiLI`
Yara	PE_Header_Zero - PE File Signature Zero OS_Processor_Check_Zero - OS Processor Check Signature Zero IsPE32 - (no description) IsDLL - (no description) IsConsole - (no description) HasOverlay - Overlay Check HasDebugData - DebugData Check HasRichSignature - Rich Signature Check Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet
VirusTotal	Search for analysis

Name	6c6aec02a64caa9f_libgstcontroller-1.0-0.dll Submit file
Filepath	C:\Users\test22\AppData\Roaming\CachemanControlPanel\libgstcontroller-1.0-0.dll
Size	74.7KB
Processes	4244 (Cacheman.txt)
Type	PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
MD5	`8cf8b4b065bf720ae2d96dba7b86f285`
SHA1	`8d0cd6b3860ee0dc23ac261814f7c2db282f127e`
SHA256	`6c6aec02a64caa9f868f2fddc14f666ca4fffd27d41010affd1a5826852b3d09`
CRC32	`CBE4BE06`
ssdeep	`1536:c8p2RxGoPW5Oa6uUDsCGln6K1Ax6K//u3D5NSSG3H0SATWzC9Y0JwazM1s7f:c8p2R1HnDsbn8xt/G8SG3H0SA4C9Y0JP`
Yara	PE_Header_Zero - PE File Signature Zero IsPE64 - (no description) IsDLL - (no description) IsConsole - (no description) HasOverlay - Overlay Check
VirusTotal	Search for analysis

Name	34cc061fc29d7af7_dxgi.dll Submit file
Filepath	C:\Users\test22\AppData\Roaming\CachemanControlPanel\dxgi.dll
Size	74.5KB
Processes	4244 (Cacheman.txt)
Type	data
MD5	`87c8cc0f69619e3706b7b0f429d82263`
SHA1	`88d543a169cd919874c914f5caabe561bce2e907`
SHA256	`34cc061fc29d7af780331dcdee70ba57925e235aeb45dac6710cc3a3f78914c2`
CRC32	`FD5CF04D`
ssdeep	`1536:LTC1hHQ8Ol3smLKj45olGALbifbtboj7AN4dxcPyQl9T/PdxvQe2gBqwklpQCF7:3Cxd7VlGAq5knAsCTLo/cqw6pP7`
Yara	None matched
VirusTotal	Search for analysis