popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name a96001f92f190490_590aee7bdd69b59b.customdestinations-ms
Submit file
Filepath c:\users\test22\appdata\roaming\microsoft\windows\recent\customdestinations\590aee7bdd69b59b.customdestinations-ms
Size 7.8KB
Processes 7236 (powershell.exe)
Type data
MD5 77dfc370498534a5df1fc467d3ee73ce
SHA1 5fcef2d483ab8d5d1c89c9efe50734ca29f01ec4
SHA256 a96001f92f1904904e6cc962ef38ee4a4b4f486d254ea4e10fbb8192aec33ad8
CRC32 7851B322
ssdeep 96:wtuCiGCPDXBqvsqvJCwoNtuCiGCPDXBqvsEHyqvJCwor3tDHXyGlUVul:wt7XoNt7bHnordTyY
Yara
  • Antivirus - Contains references to security software
VirusTotal Search for analysis
Name 2533db6297e34332_{cad1ad78-a94b-11eb-bde1-94de278c3274}.dat
Submit file
Filepath C:\Users\test22\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{CAD1AD78-A94B-11EB-BDE1-94DE278C3274}.dat
Size 3.5KB
Processes 1520 (iexplore.exe)
Type Composite Document File V2 Document, Cannot read section info
MD5 ffeda67010fd857f11108fc47ae02722
SHA1 20af5a8c56fe1d58901d8d0a43dde586d3f96953
SHA256 2533db6297e34332ebc3e4bb868032e2a9e30a0b5afaab21d812438c57da6da9
CRC32 DC66D4BA
ssdeep 12:rl0oXGFwxrEgmfUB76FfrEgmfkx7qTNlD9baxrKtHaK+wT4w:r5xGHGMSNlRnlh+E
Yara
  • Microsoft_Office_File_Zero - Microsoft Office File
VirusTotal Search for analysis
Name 1fbc0ce30148ef8b_magiainenne.txt
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\MaGiaiNenNe.txt
Size 452.0B
Processes 3872 (iexplore.exe)
Type Little-endian UTF-16 Unicode text, with CRLF, CR line terminators
MD5 a212fba1107d21d9b424a76d9a20ea4d
SHA1 bef349e5b6a318663cdc77a3b6ddb7c06e7db3ad
SHA256 1fbc0ce30148ef8b64b7968b3ef82e3c52d0d724c08e1cf857ef67ff235a859c
CRC32 1FD3A4F6
ssdeep 6:QMffrfkeFIbrWkVyODosBc4fO2Yo8N6sZdCoK6aAOhfKMd:Q2frf3MyoBBchpHTCp
Yara None matched
VirusTotal Search for analysis
Name 6c645e4f06b858e9_recoverystore.{cad1ad77-a94b-11eb-bde1-94de278c3274}.dat
Submit file
Filepath C:\Users\test22\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{CAD1AD77-A94B-11EB-BDE1-94DE278C3274}.dat
Size 4.5KB
Processes 1520 (iexplore.exe)
Type Composite Document File V2 Document, Cannot read section info
MD5 07c8c656cf79948267800529518bdc29
SHA1 f7a971e5c316ca60a27fcd306784faf50d555d92
SHA256 6c645e4f06b858e9f25b239bae0ac28819d9495b9df4217697cff3211a72a1c5
CRC32 22C7D9C5
ssdeep 12:rlfF2soUrEg5+IaCrI0F7+F23rEg5+IaCrI0F7ugQNlTqbaxDbububZNlTqbaxDS:rqsoU5/135/3QNlWiiitNlWiiyG
Yara
  • Microsoft_Office_File_Zero - Microsoft Office File
VirusTotal Search for analysis