popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name d172d750493be64a_icon18_wrench_allbkg[1].png
Submit file
Filepath C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BYECVYBT\icon18_wrench_allbkg[1].png
Size 475.0B
Processes 3532 (mshta.exe)
Type PNG image data, 18 x 18, 8-bit colormap, non-interlaced
MD5 f617effe6d96c15acfea8b2e8aae551f
SHA1 6d676af11ad2e84b620cce4d5992b657cb2d8ab6
SHA256 d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
CRC32 87FB2FCE
ssdeep 12:6v/7ElZUJDdwjI5Fa4ep0LPf+veUxQn6/Xh0ptMQsfZhkNTpQEsb7:ZK1dw0etKjfUxQn6/x0DWrETpQZb7
Yara
  • PNG_Format_Zero - PNG Format
VirusTotal Search for analysis
Name 4021df68f91881e7_error[1]
Submit file
Filepath C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\error[1]
Size 3.2KB
Processes 3532 (mshta.exe)
Type HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators
MD5 7d46fb61e9b1b0d57df00e1b3d392e33
SHA1 5b14562e288d76851164bd8a65d13d987d6da375
SHA256 4021df68f91881e7e4bf54d6795f9186ccab9a3813f5c4358c1b5a81560da891
CRC32 BAD674A7
ssdeep 96:CwhabJ/1xjqDbT2pftwEjlddFBdd5w3dddDzMddv+dd8WfFhllhX4PyAvdh:TcC2pTnsPkIDll4KIh
Yara None matched
VirusTotal Search for analysis
Name 45c18f9856d030a2_powerp12.pip
Submit file
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Office\PowerP12.pip
Size 1.4KB
Processes 996 (POWERPNT.EXE)
Type data
MD5 d0618654ed78b951df985be8c39392c5
SHA1 bf7ac9ff4c69aa1ca7f7b46e487bc3228984dea7
SHA256 45c18f9856d030a210300db8dedf1a544d4dfc5238d084ab1540831ce6368d1b
CRC32 2A89474D
ssdeep 24:ukNzSV1glbWa1UqylJZzwA6K2vmmXIEueSA7FfjSeMemiefs8RPZzXB+6Gto1rYe:rNzSV1Ht7FlDzmXNA5iefsQBLB+Fo1rn
Yara None matched
VirusTotal Search for analysis
Name bd9df047d51943ac_ddsobpechateessentesathatesesjdw[1].htm
Submit file
Filepath C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\ddsobpechateessentesathatesesjdw[1].htm
Size 178.0B
Processes 3532 (mshta.exe)
Type HTML document, ASCII text, with CRLF line terminators
MD5 cd2e0e43980a00fb6a2742d3afd803b8
SHA1 81ffbd1712afe8cdf138b570c0fc9934742c33c1
SHA256 bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
CRC32 0296DA05
ssdeep 3:qVoB3tUROGclXqyvXboAc9FKEIHiHby4AqWSZUXqXlIVLLP61IwcWWGu:q43tISl6kXiWHiHuwWSU6XlI5LP8IpfB
Yara None matched
VirusTotal Search for analysis
Name 22ca5e3dcd26fa66_115981500-css_bundle_v2[1].css
Submit file
Filepath C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\115981500-css_bundle_v2[1].css
Size 36.1KB
Processes 3532 (mshta.exe)
Type ASCII text, with very long lines
MD5 c29aa18d795af74929173ceb3122e759
SHA1 5b39dbf5bbecfc61d844242c136d3f1ceea88d7f
SHA256 22ca5e3dcd26fa66a4af4b4a5d47a6a3a17f4cb9abdd03707901758b28f5c1d6
CRC32 C4A0C5E2
ssdeep 384:B0OhFvg3AwN6VysImDyPWquJMpx/SCYW0bS8+Rl9yapwuJ86YKSQCNL/J69nKg9N:B0Oh+/N6nIm6IvW0ErVJwxgngRdFr2
Yara None matched
VirusTotal Search for analysis
Name 72955f3553c94bf3_blogin[1].htm
Submit file
Filepath C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\blogin[1].htm
Size 335.0B
Processes 3532 (mshta.exe)
Type gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
MD5 cd09c4c81a7ac25b56477d2b5914dbc3
SHA1 fbeddba236b3966f8045848f7ff00bd6db132f63
SHA256 72955f3553c94bf367b6e76a3afc226fec51be6b6cc97410e9351cf9d243539a
CRC32 78CDBB57
ssdeep 6:XtP810AQctT+fjmyTygoegz2Q7vYPqd3wJmpmiWF8X+EHpXzXt:Xa00cfyqb3Q7gPVewl6pXzXt
Yara None matched
VirusTotal Search for analysis
Name a09131f2885086eb_3858658042-comment_from_post_iframe[1].js
Submit file
Filepath C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\3858658042-comment_from_post_iframe[1].js
Size 13.0KB
Processes 3532 (mshta.exe)
Type ASCII text, with very long lines
MD5 ee77ab1c7ca023a501e4da28ccc2915f
SHA1 f309fb6b570041ee11c830aba4dd58d586d193b6
SHA256 a09131f2885086eb3dea6a379c43e58c88e683b99fb7cf9cefde399dfd68d0ff
CRC32 8CA7AEEB
ssdeep 192:BqWjbSFO5Og47t7xNycGK7SlV4cjCqN1Yae3CCaJzWTKtTOpY2Dzt8cvtWPXtxQK:BqGSFOsZM61WyV3CCaJIav2F8G2XnQK
Yara None matched
VirusTotal Search for analysis
Name ca9848e6006cfec8_icon18_edit_allbkg[1].gif
Submit file
Filepath C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BYECVYBT\icon18_edit_allbkg[1].gif
Size 162.0B
Processes 3532 (mshta.exe)
Type GIF image data, version 89a, 18 x 18
MD5 c991641178ff05adf0d004298b5eafa9
SHA1 d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
SHA256 ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
CRC32 542232D5
ssdeep 3:CUS9n21IZClSWEj5QQxlEGsSZpZcYES9XfLvlcDdcpFXn:HS9nSIUlSlNQQjEGsSJcYEowdcrX
Yara None matched
VirusTotal Search for analysis
Name da3eb4ab25e02a8d_1277698886-ieretrofit[1].js
Submit file
Filepath C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BYECVYBT\1277698886-ieretrofit[1].js
Size 26.1KB
Processes 3532 (mshta.exe)
Type ASCII text, with very long lines
MD5 cb9af0197f496f52b471a76cfd8d601a
SHA1 067b3ee27f6b49431b5c72791d52f353c577853b
SHA256 da3eb4ab25e02a8dc118febc626df495acd468e84bc0b9767b56e8959b150f99
CRC32 7DBDE732
ssdeep 384:kRXBsAF8UMG+43L1dHMqXCxPHo189YaGuVMxoufjWFerWxWHrog4P+eF4MeUkz9+:kRX1kwqwVqkWxWHrwjF4VUQ9DlbQ
Yara None matched
VirusTotal Search for analysis
Name 934d8989883b7cf1_1564291244-widgets[1].js
Submit file
Filepath C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\1564291244-widgets[1].js
Size 143.9KB
Processes 3532 (mshta.exe)
Type ASCII text, with very long lines
MD5 785136fe4454f41862d0a9e70982dd6c
SHA1 76f4b04df165030565576648e156ab4600200196
SHA256 934d8989883b7cf1c2c336b02c88ab26f80edd2a2447686665665a5c0dacb86c
CRC32 1B911F50
ssdeep 1536:Mi2uQ2rcWe9MZ4oxI4VKq7N49dlbQ3KwwPBsYn7YJlUNpKG2rQNj3NvEk7GFciNX:OSVKqqU3KVbHIrkZGIVm
Yara None matched
VirusTotal Search for analysis
Name 88e644e32a8e97f7_dhc05l4c.txt
Submit file
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Cookies\DHC05L4C.txt
Size 90.0B
Processes 3532 (mshta.exe)
Type ASCII text
MD5 423816dfb716cf468cff3f2e62a86d2b
SHA1 e5ffc3af461d60fcebf470f41bba5a8887e5e49c
SHA256 88e644e32a8e97f7b5e4c4d8165cc09bc4fa2312a8afe7b93cc9c5224a56a935
CRC32 07210BA6
ssdeep 3:jvdni6yUBkYi29aROVGV2RmdQnCvPvn:hnZHBji29ad2+Xn
Yara None matched
VirusTotal Search for analysis
Name 50988e57db0ca47f_divine11111[1].htm
Submit file
Filepath C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BYECVYBT\divine11111[1].htm
Size 41.5KB
Processes 3532 (mshta.exe)
Type HTML document, ASCII text, with very long lines
MD5 2eeda876014265c8413ef0e565a96657
SHA1 2d151b9f9243f30ee6bd2fb7912b6feff85dbaeb
SHA256 50988e57db0ca47f40ed37d48d220e59a632c78e891229a33d03cd32d0e419fa
CRC32 8827D37B
ssdeep 768:m43eyHHvPWdN+hQI7D7Q7ZAYCZntCaRklfiQ6ntMssXnSwGQ2SVO:m43LHH2dN+NUaRmwnFwGl
Yara None matched
VirusTotal Search for analysis
Name 9fbeb096c4815ab0_ddsobpechateessentesathatesesjdw[2].htm
Submit file
Filepath C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\ddsobpechateessentesathatesesjdw[2].htm
Size 149.0B
Processes 3532 (mshta.exe)
Type HTML document, ASCII text
MD5 a2cb4ab4ebbec7adba074c416b9339ea
SHA1 52d41af446a7528ff397f7c023f38611c87fa7b2
SHA256 9fbeb096c4815ab02a75ccc246dda325bcfc4e1bd5532d7c76a4a5df9343192c
CRC32 ABB5212A
ssdeep 3:qVvzLURODccZ/vXbvx9nDyrWRKASKl6PNcNRkjkFSXbKFvNGb:qFzLIeco3XLx92rT1Kli2ojMSLWQb
Yara None matched
VirusTotal Search for analysis