Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
09.22 04:09
2.exe
09.21 02:09
random.exe
09.21 02:09
sdhsfd.exe
09.21 02:09
66edb89bc4073_crypted....
09.21 02:09
66ed33772bbe7_vdfhsjf1...
09.21 02:09
game.exe
09.21 02:09
66ebb3bf78bd6_Send.exe...
09.21 02:09
66ed33717e4c1_vfdshfda...
09.21 02:09
random.exe
09.21 02:09
66ed336eac985_vdfhssfd...

Latest News
09.22 04:09
Was können Roboter wir...
09.22 04:09
Schluss mit Basis-Auth...
09.22 04:09
Deutsches Jugendherber...
09.22 02:09
Learn How to Dissect B...
09.22 02:09
Jumperless Breadboard ...
09.22 02:09
Hacker behind Snowflak...
09.22 01:09
03 - Identifying Signs...
09.22 01:09
Hacktivist Group Twelv...
09.22 01:09
Join us at Microsoft I...
09.22 01:09
How comprehensive secu...

Dropped Files | ZeroBOX

Name	f4c4b4297168c761_~$in6-4.doc Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\~$in6-4.doc
Size	162.0B
Processes	1116 (WINWORD.EXE)
Type	data
MD5	`feaaa355620b19ea173c59107d1c6c29`
SHA1	`951cc89cb1578eb8c473e25ac4d84367a71a509a`
SHA256	`f4c4b4297168c7613f1237c65c5ff5715efa1d23f30fc3ea7f04e3d57337cbf0`
CRC32	`04AB9EE2`
ssdeep	`3:yW2lWRdvL7YMlbK7lZunNWVhnlylt:y1lWnlxK73hhnl0`
Yara	None matched
VirusTotal	Search for analysis

Name	5198fa0f5db0645b_~$normal.dotm Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Templates\~$Normal.dotm
Size	162.0B
Processes	1116 (WINWORD.EXE)
Type	data
MD5	`8eb7ef27966ff233cf87b14b723ff88a`
SHA1	`8c0734adcb7a05ccf6d588c3a11749fd6c902126`
SHA256	`5198fa0f5db0645b75383f7ff4a2a183b1233d88fa1585d3b72289901f4338ae`
CRC32	`8D0535B5`
ssdeep	`3:yW2lWRdvL7YMlbK7l0:y1lWnlxK7S`
Yara	None matched
VirusTotal	Search for analysis

Name	cf11d6b3c18d4c02_d93f411851d7c929.customdestinations-ms Submit file
Filepath	c:\users\test22\appdata\roaming\microsoft\windows\recent\customdestinations\d93f411851d7c929.customdestinations-ms
Size	7.8KB
Processes	596 (powershell.exe)
Type	data
MD5	`f2f5505600e2895c007b3ff3cfe3d4aa`
SHA1	`f0235a3c8056872d55eeef803d1bc33bac37a753`
SHA256	`cf11d6b3c18d4c02466b670bcb0394ac49382e6a87ad58d2561f2660922b586c`
CRC32	`9AF5ED3C`
ssdeep	`96:EtuCojGCPDXBqvsqvJCwoJtuCojGCPDXBqvsEHyqvJCworc7HwxGlUVul:Etu6XoJtu6bHnorXxY`
Yara	Antivirus - Contains references to security software
VirusTotal	Search for analysis

Name	e3b0c44298fc1c14_Roaming.exE Empty file or file not found
Filepath	C:\Users\test22\AppData\Roaming.exE
Size	0.0B
Type	empty
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
CRC32	`00000000`
ssdeep	`3::`
Yara	None matched
VirusTotal	Search for analysis

Name	4826c0d860af884d_~wrs{5f8b61f0-3c4f-4530-a0a2-26cab4cfd072}.tmp Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{5F8B61F0-3C4F-4530-A0A2-26CAB4CFD072}.tmp
Size	1.0KB
Processes	1116 (WINWORD.EXE)
Type	data
MD5	`5d4d94ee7e06bbb0af9584119797b23a`
SHA1	`dbb111419c704f116efa8e72471dd83e86e49677`
SHA256	`4826c0d860af884d3343ca6460b0006a7a2ce7dbccc4d743208585d997cc5fd1`
CRC32	`23C03491`
ssdeep	`3:ol3lYdn:4Wn`
Yara	None matched
VirusTotal	Search for analysis