popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 7676e145db131128_561125.od
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\561125.od
Size 134.0B
Processes 1972 (EXCEL.EXE)
Type ASCII text, with CRLF line terminators
MD5 4bac14773d3d4b4db362e756ba9f4ad7
SHA1 4ebcf19cff33a180ba6c48404eccc1fd652689a2
SHA256 7676e145db13112898d78590c18301d74f67718bec54969b4a7dbe77ab082e22
CRC32 5FE87673
ssdeep 3:OFrpRCMKLovyafNREalYEC9WoIk5zAajEY5RcdBjjSUvv:OKMKcaaYal9oIkkY5KZSQv
Yara None matched
VirusTotal Search for analysis
Name eee67b994f664901_error019720_01.xml
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\error019720_01.xml
Size 782.0B
Processes 1972 (EXCEL.EXE)
Type XML 1.0 document, UTF-8 Unicode text, with very long lines, with CRLF line terminators
MD5 70c278ca8ac5b7528fcc8a52fd625f5a
SHA1 bc85774770bfec04f68aafea3379c6d878b08141
SHA256 eee67b994f664901578ef8b3b0d35309fc63d20074ec3e23e5b80186db11aed4
CRC32 6FE11EAB
ssdeep 12:TMHdtz6fxVid5C+YOLMDiXJifc1QxDzGIE+Q5U5b8fA287A3U5b8jVA287bWb:2dtz6fxAd5qmXJgzGV+GaB7GoB7bWb
Yara None matched
VirusTotal Search for analysis
Name 8f8268c13ddc484a_cvr78f2.tmp.cvr
Submit file
Filepath C:\Users\Public\CVR78F2.tmp.cvr
Size 682.0KB
Processes 1972 (EXCEL.EXE)
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5 3d38578600e828c447707199822dacd4
SHA1 b83a8cbcd1b9467406461cbdf58d0bdd4cf8a3a5
SHA256 8f8268c13ddc484a180cff0dd8e764e328897e7a978d0f45e9c26de57f233106
CRC32 DD6BF702
ssdeep 12288:djCT8mUIP/MfzluXxWok8sRX0yad9ePV7wU9eOjSA4lhHDenPe19hgU/yutzozMo:djCThrolQxWok8sRJFSAk6e19hgIDc
Yara
  • Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet
  • PE_Header_Zero - PE File Signature
  • IsDLL - (no description)
  • Win32_Trojan_Gen_2_0904B0_Zero - Win32 Trojan Gen
  • OS_Processor_Check_Zero - OS Processor Check
  • IsPE32 - (no description)
VirusTotal Search for analysis