popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 29ed4761fae45da4_recoverystore.{8ee1bedf-b47f-11eb-bde1-94de278c3274}.dat
Submit file
Filepath C:\Users\test22\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{8EE1BEDF-B47F-11EB-BDE1-94DE278C3274}.dat
Size 5.0KB
Processes 2208 (iexplore.exe)
Type Composite Document File V2 Document, Cannot read section info
MD5 63cacc8a5f670027bd3f67ad5b87b341
SHA1 73e85e0b5cab9f1a692e5a3deef3de5db333a709
SHA256 29ed4761fae45da41042e9bde0d51945e34955eb75cffd4403065288ac0278dd
CRC32 EE52581E
ssdeep 12:rlfF2FrxrEg5+IaCrI0CI7eF2FryTrEgmZ+IaCrI0CIc8GmRVOeMiqI771NlTqbA:rqtx5/ftyTG5/k85jBM+NlWLNlW
Yara
  • Microsoft_Office_File_Zero - Microsoft Office File
VirusTotal Search for analysis
Name 768f3c029cc79ae2_7q2tjgey0ti3e[1].doc
Submit file
Filepath C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\7Q2TJGEY0TI3E[1].doc
Size 183.5KB
Processes 1332 (iexplore.exe)
Type Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, Code page: 1252, Subject: silver Bedfordshire Generic Metal Table payment Planner Dynamic Proactive exuding maroon feed hacking B2B deposit Intelligent Metal Chicken, Author: Ambre Gerard, Template: Normal.dotm, Last Saved By: Maxence Denis, Revision Number: 1, Name of Creating Application: Microsoft Office Word, Create Time/Date: Wed Dec 23 07:47:00 2020, Last Saved Time/Date: Wed Dec 23 07:47:00 2020, Number of Pages: 1, Number of Words: 2964, Number of Characters: 16899, Security: 8
MD5 b66d8fe119418a8a69d1276b36eb2fc0
SHA1 4b921043d94136bca5d42ad98a1b7e962a5b9af1
SHA256 768f3c029cc79ae21d7c732487da93f0e8c7d19a83737f9ce7e107e3adc9054c
CRC32 3071E8A0
ssdeep 3072:1D9ufstRUUKSns8T00JSHUgteMJ8qMD7g0iTi737wO6N9csfcub0iY7:N9ufsfgIf0pLre737wO6N9csfcub0iY7
Yara
  • Contains_VBA_macro_code - Detect a MS Office document with embedded VBA macro code [binaries]
  • Microsoft_Office_File_Zero - Microsoft Office File
VirusTotal Search for analysis
Name 478d616c3e92c417_{8ee1bee0-b47f-11eb-bde1-94de278c3274}.dat
Submit file
Filepath C:\Users\test22\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{8EE1BEE0-B47F-11EB-BDE1-94DE278C3274}.dat
Size 4.5KB
Processes 2208 (iexplore.exe)
Type Composite Document File V2 Document, Cannot read section info
MD5 fd10d9032be33c0bcfc4f4ab840391cb
SHA1 afb9022a32a73ef43ddf819612c70445e39863ab
SHA256 478d616c3e92c417329a333c372dec2b6d94cac1ad44cc151af8b3c49f349426
CRC32 BC7D7DDF
ssdeep 12:rlxAFmdZrEgm8GL7KFOsmxrEgm8G77qsANl26abax1NlwfRbaxxt7K4dW:r7dZG8+xG8mANlIoNlcQtJdW
Yara
  • Microsoft_Office_File_Zero - Microsoft Office File
VirusTotal Search for analysis