popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 54f511647ae61371_fqxx3.url
Submit file
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Office\Recent\fQXx3.url
Size 45.0B
Processes 7388 (WINWORD.EXE)
Type MS Windows 95 Internet shortcut text (URL=<http://bit.do/fQXx3>), ASCII text, with CRLF line terminators
MD5 26a8966aec53d996343e80bdcece0a7d
SHA1 9281fd417dc0c090871bf4927a69d02b5188d547
SHA256 54f511647ae6137154846c96a1556a77685d4f21c33eeaf7817b102f92efb3a4
CRC32 077755E9
ssdeep 3:HRAbABGQYm/hQ1uey:HRYFVm/hCy
Yara None matched
VirusTotal Search for analysis
Name 1e1ecf156a4ec2a8_~$normal.dotm
Submit file
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Templates\~$Normal.dotm
Size 162.0B
Processes 7388 (WINWORD.EXE)
Type data
MD5 dde462a11c376b034b192cf6128cb222
SHA1 0ab30e807bd7407385f5fbd059f57c511a45027e
SHA256 1e1ecf156a4ec2a8cc68e9dec122c1999e7ff1c7397fde15467bcbe12db59397
CRC32 3A0BC486
ssdeep 3:yW2lWRdvL7YMlbK7ldll:y1lWnlxK7
Yara None matched
VirusTotal Search for analysis
Name 3315992169722bda_fqxx3[1].htm
Submit file
Filepath C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\fQXx3[1].htm
Size 6.3KB
Processes 7388 (WINWORD.EXE)
Type HTML document, ASCII text
MD5 c2cc13e9c1f37e06c8e1ca3fea977a06
SHA1 dbbe8bf572eabd8d8c865d3858b2ef722e135177
SHA256 3315992169722bdad02a4f3ff0a62f7089571e214423f0f7d19d589027ab4781
CRC32 54C13E42
ssdeep 192:Zy/O8yw4RlDEvHLgszgAHeouydXDChxiqEuf:8/O8yXRiLgszgAHeou9iqEuf
Yara None matched
VirusTotal Search for analysis
Name cf133fb712a7eedc_~wrs{ae3d10c4-a339-4d01-b687-c59d337492e1}.tmp
Submit file
Filepath C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{AE3D10C4-A339-4D01-B687-C59D337492E1}.tmp
Size 8.1KB
Processes 7388 (WINWORD.EXE)
Type data
MD5 d24b6b6e81ebf2eed81aa35c8fb6cea2
SHA1 5117c6d7bb2fde6a8685dbae911a32d2614ba0bf
SHA256 cf133fb712a7eedc2dc6f38b2525ecb1612b4ec17c6aefd30c7a73f705ed8b41
CRC32 1EBAFCC3
ssdeep 96:rPr8BIDvNJucVAHXs+1IXzNmqn+3D7qSYO6OO+hutKqE:rT8BIrNbARYr+3D7/YtEhD
Yara None matched
VirusTotal Search for analysis
Name 0877a3fc43a5f341_~wrs{c18cd420-21e6-4220-a36a-0c46c8dd7dd0}.tmp
Submit file
Filepath C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{C18CD420-21E6-4220-A36A-0C46C8DD7DD0}.tmp
Size 1.0KB
Processes 7388 (WINWORD.EXE)
Type dBase III DBT, version number 0, next free block index 7536653
MD5 28adf62789fd86c3d04877b2d607e000
SHA1 a62f70a7b17863e69759a6720e75fc80e12b46e6
SHA256 0877a3fc43a5f341429a26010ba4004162fa051783b31b8dd8056eca046cf9e2
CRC32 8E6A7128
ssdeep 3:Ghl/dlYdn:Gh2n
Yara None matched
VirusTotal Search for analysis
Name 32fb66d382711dab_index.dat
Submit file
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Office\Recent\index.dat
Size 55.0B
Processes 7388 (WINWORD.EXE)
Type ASCII text, with CRLF line terminators
MD5 f4db0fbd68df5ce424edc9a63b513bef
SHA1 1fef2721e27a92711ab65fd3d6647f57ea76b8f5
SHA256 32fb66d382711dabd44ef32d622e5c073bb0941fdd82f4ddb5aa1af3eb0d7a37
CRC32 A0F2097D
ssdeep 3:bDuMJlbci71K9y:bCQV71K9y
Yara None matched
VirusTotal Search for analysis
Name a532d90befd673d7_~$afo.docx
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\~$afo.docx
Size 162.0B
Processes 7388 (WINWORD.EXE)
Type data
MD5 40dab173211e0823726e7172aade8db6
SHA1 24235fa8f284bea883b17a4f2bbd84d7dcedbe21
SHA256 a532d90befd673d78d2343c5bc133c095ecfcdff14efe3c1edde5f65c28522af
CRC32 6BAB56CA
ssdeep 3:yW2lWRdvL7YMlbK7lavMdll:y1lWnlxK77
Yara None matched
VirusTotal Search for analysis
Name 4826c0d860af884d_~wrs{f4f910bc-5b2e-4157-82b9-95ec742c9cdf}.tmp
Submit file
Filepath C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{F4F910BC-5B2E-4157-82B9-95EC742C9CDF}.tmp
Size 1.0KB
Processes 7388 (WINWORD.EXE)
Type data
MD5 5d4d94ee7e06bbb0af9584119797b23a
SHA1 dbb111419c704f116efa8e72471dd83e86e49677
SHA256 4826c0d860af884d3343ca6460b0006a7a2ce7dbccc4d743208585d997cc5fd1
CRC32 23C03491
ssdeep 3:ol3lYdn:4Wn
Yara None matched
VirusTotal Search for analysis
Name 5252f70dcff3bfcf_bit.do.url
Submit file
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Office\Recent\bit.do.url
Size 40.0B
Processes 7388 (WINWORD.EXE)
Type MS Windows 95 Internet shortcut text (URL=<http://bit.do/>), ASCII text, with CRLF line terminators
MD5 63a65732e855916e4f980a14dff10293
SHA1 2b60cbf31f524a207f512dd9d3a208dc1abde286
SHA256 5252f70dcff3bfcfb5d7db4f8d53732250dc1161466b80d97671510dad35b073
CRC32 7DC0B149
ssdeep 3:HRAbABGQYm/hQ1A:HRYFVm/hd
Yara None matched
VirusTotal Search for analysis
Name bc21f83d32c32e2d_bit-do-url-shortener-logo-66x66[1].png
Submit file
Filepath C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\bit-do-url-shortener-logo-66x66[1].png
Size 4.0KB
Processes 7388 (WINWORD.EXE)
Type PNG image data, 66 x 66, 8-bit/color RGB, non-interlaced
MD5 bff83b87460c31c38fb192435b01665a
SHA1 b6004a258c93ed6258c2ccadc12329d31f81dd69
SHA256 bc21f83d32c32e2d174138ec2bb7bb6954c673f82a1e8dcbe49b8a50f3ed8167
CRC32 FCB2CBEB
ssdeep 96:hY23S/iHpyKEaEcR+q/mADBxAOZOuRSt+:hfSRIEc0A7Bxst+
Yara
  • PNG_Format_Zero - PNG Format
VirusTotal Search for analysis