Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
04.28 04:04
Purchase Order.pdf.msc
04.28 02:04
setup.exe
04.28 02:04
2025416-方案1-方案細節.pdf.lnk
04.28 10:04
Distribution Document....
04.28 10:04
pik.ps1
04.28 10:04
123.hta
04.28 10:04
verify-sec
04.28 10:04
nums.vbs
04.28 10:04
op.exe
04.28 10:04
cred.dll

Latest News
04.28 11:04
Life on K2-18b? Don’t ...
04.28 11:04
Thiel-Backed Fintech N...
04.28 11:04
[UPDATE] [niedrig] GNU...
04.28 11:04
[UPDATE] [mittel] popp...
04.28 11:04
[UPDATE] [mittel] popp...
04.28 11:04
[UPDATE] [mittel] Red ...
04.28 11:04
[UPDATE] [hoch] popple...
04.28 11:04
Sicherheitslücken: Att...
04.28 11:04
⚡ Weekly Recap: Critic...
04.28 10:04
Cybersecurity CEO Char...

Dropped Files | ZeroBOX

Name	8dfcb0fb79535dca_qt5concurrent.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Qt5Concurrent.dll
Size	31.9KB
Processes	2232 (27364cdfec04f571117b8425e851343b.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`c4870581bfefb30b9b8ea0ccf0d6e165`
SHA1	`db6335b8317de6fb337125985972824815cf1e0c`
SHA256	`8dfcb0fb79535dca840eba83f2ba27f209cd2f5a36bdfce87071eafd6496e99f`
CRC32	`ED4A95CA`
ssdeep	`768:1fiKnb4/a+ehPR9ieU888V1rgFhj1r9PeC:1fqCfAeB8U1rYr9X`
Yara	IsPE64 - (no description) IsDLL - (no description) PE_Header_Zero - PE File Signature OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	a023bceecdcbc63c_snapshot_blob.bin Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\snapshot_blob.bin
Size	50.1KB
Processes	2232 (27364cdfec04f571117b8425e851343b.exe)
Type	data
MD5	`d22fd4895f85334ea32f0794035391bb`
SHA1	`4e5989ef8e71e5b3cc19fec30cbca5054b31df1c`
SHA256	`a023bceecdcbc63ce5179e4dd26e91633ff85a7651e28faa50300c71ad097360`
CRC32	`28454F22`
ssdeep	`1536:pxZ1VeKt2ZuIq8yAFmywHkCNz8Svsw25S0:EZI8FmNkCNzn0vB`
Yara	Generic_Malware_Zero - Generic Malware
VirusTotal	Search for analysis

Name	22895c51aa2a75fe_install.dll.lnk Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\install.dll.lnk
Size	796.0B
Processes	2232 (27364cdfec04f571117b8425e851343b.exe)
Type	MS Windows shortcut, Item id list present, Has Relative path, Has command line arguments, ctime=Sun Dec 31 15:32:08 1600, mtime=Sun Dec 31 15:32:08 1600, atime=Sun Dec 31 15:32:08 1600, length=0, window=hide
MD5	`4d318ce5aa1a267e90a33df388032e0a`
SHA1	`792c667b242d9789b55b034090cee24fcf470ab0`
SHA256	`22895c51aa2a75fe159e9b9bc10a62b2ef2bd6c4d5784c6aaa781407d2ecdd8b`
CRC32	`38A089AE`
ssdeep	`12:8AlXEbC3pQVe/4V3lrW+filrs/Q1cGJwDmNz4t2YLEPKzlX8:8A7pQQClK+filrL1jBPy`
Yara	Lnk_Format_Zero - LNK Format
VirusTotal	Search for analysis

Name	a8e79133fdda3413_install.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\install.dll
Size	5.5KB
Processes	2232 (27364cdfec04f571117b8425e851343b.exe) 1536 (rundll32.exe)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`d7a2fe11bef3ccc42a1a29a2afb62323`
SHA1	`ca60570ddf0170099280aee3f8b250752c2c9f43`
SHA256	`a8e79133fdda3413e96d4b2808b4484aa2a2b3df4d0d65919896eda84cef153c`
CRC32	`682BEB2C`
ssdeep	`48:qy90ua69yZgpkE1ZPRTlyID6tlbihIfcZJfLbfbdyR+P8Wseu/gdW:3SMEZVE1ZPxElbihIfcZxFuXI`
Yara	IsDLL - (no description) PE_Header_Zero - PE File Signature Generic_Malware_Zero - Generic Malware IsPE32 - (no description)
VirusTotal	Search for analysis

Name	489b212676f1f9bc_install.dat Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\install.dat
Size	544.9KB
Processes	2232 (27364cdfec04f571117b8425e851343b.exe) 1536 (rundll32.exe)
Type	data
MD5	`15bd2bbf870f580e27ceff98747ca6b5`
SHA1	`4964d6c024ac25972a6be4316dfe55de9eb38d26`
SHA256	`489b212676f1f9bc593d28aafb2229b66292bba19c029a011e95540a94e4edd2`
CRC32	`8D76CFDC`
ssdeep	`12288:qL9GtrB6svl9Wldt9lKD0sDxtv/S20NNEMQl:qL2dHqpHM0sqpy3`
Yara	None matched
VirusTotal	Search for analysis