Dropped Files | ZeroBOX
Name 544f4adcd34cb027_recoverystore.{4cbe792b-b231-11eb-bde1-94de278c3274}.dat
Filepath C:\Users\test22\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{4CBE792B-B231-11EB-BDE1-94DE278C3274}.dat
Size 5.0KB
Processes 1756 (iexplore.exe)
Type Composite Document File V2 Document, Cannot read section info
MD5 5bd9a55b877cb14c73de1aea1ffebb5c
SHA1 77acc668a533f35d7bfd68fe5d6534452528aabd
SHA256 544f4adcd34cb0278850cea92ee1bbf83ed681e729eb1f014e8c90e1fd494c06
CRC32 9F0BDC70
ssdeep 12:rlfF2hrEg5+IaCrI0CI7eF2S/ETrEgmZ+IaCrI0CIc8GmRVOeMiqI771NlTqbaxh:rqh5/fS/ETG5/k85jBM+NlWTNlW
Yara
  • Microsoft_Office_File_Zero - Microsoft Office File
Name 0da69c7edc37d3b6_cosmos[1].exe
Filepath C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\cosmos[1].exe
Size 792.0KB
Processes 2744 (iexplore.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 5f4725f701ced44640eaa5c979bc01a6
SHA1 5330b95ba87c40296b16f8313ad552172c896237
SHA256 0da69c7edc37d3b66c49f77a5aaca03f37732725108f7a7acec33eab349fcd7f
CRC32 C1B301B7
ssdeep 12288:gEuyisQVKXeIDLY2BYF/UKGS3/B+9Gqbbykkp0/qTlxwDjBot6hwACSb04AD1jx:iK7DLY3mcBs9byLO/qhSPSt6hESOZ
Yara
  • Malicious_Library_Zero - Malicious_Library
  • Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT
  • Win32_Trojan_PWS_Net_1_Zero - Win32 Trojan PWS .NET Azorult
  • Is_DotNET_EXE - (no description)
  • OS_Processor_Check_Zero - OS Processor Check
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
Name 9f01e018f50e86f1_{4cbe792c-b231-11eb-bde1-94de278c3274}.dat
Filepath C:\Users\test22\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{4CBE792C-B231-11EB-BDE1-94DE278C3274}.dat
Size 4.5KB
Processes 1756 (iexplore.exe)
Type Composite Document File V2 Document, Cannot read section info
MD5 0befa0ebc1c1ae3ca933d0690be1d232
SHA1 c1d51221e8f0706a229ec5dddfa5d3278a5fd6a8
SHA256 9f01e018f50e86f1d2228cb075fc3ec0e82b352cfc176ae348ef87db0c75e65c
CRC32 64F97FEA
ssdeep 12:rlxAFge/ZrEgm8GL7KFkDrEgm8G/7qsLNl26abax1NlUfRbaxTGK:rnOG8gG8yLNlIoNlQ7K
Yara
  • Microsoft_Office_File_Zero - Microsoft Office File