Dropped Files | ZeroBOX
Name 4d323b7ac27e6cd1_{89701694-c769-11eb-bde1-94de278c3274}.dat
Filepath C:\Users\test22\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{89701694-C769-11EB-BDE1-94DE278C3274}.dat
Size 4.5KB
Processes 1756 (iexplore.exe)
Type Composite Document File V2 Document, Cannot read section info
MD5 853421df4c2d72b3d3598ae4ae201eb2
SHA1 d63d56cdfd77eaafe7dc545276af6378860c77f6
SHA256 4d323b7ac27e6cd1c2435a69ddb64fbd4aa5f17da23c0c527e37422aa342eaea
CRC32 33C007B5
ssdeep 12:rlxAFqvrEgm8GL7KFp1xrEgm8GT7qsANl26abax1NlYfRbaxNonwMi:rzvG8rxG8OANlIoNl0yyji
Yara
  • Microsoft_Office_File_Zero - Microsoft Office File
Name ece7ed7b8411a727_ana[1].exe
Filepath C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\ana[1].exe
Size 754.0KB
Processes 584 (iexplore.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 ed74a72fc3b7510936e9768cbf5d6fca
SHA1 1abf73b15e8acb123d6bdef4962a5996ac20d537
SHA256 ece7ed7b8411a7274b5f420a817d2347d29aef78b2ea2e94cc03c2b5792429ae
CRC32 2641090C
ssdeep 12288:4hPvTVp5Kswc9hRKlP5hlmHMAXmmKaT0tmqPy9df65:4hJLKuHRKysHmKaTCmqPm90
Yara
  • PE_Header_Zero - PE File Signature
  • Admin_Tool_IN_Zero - Admin Tool Sysinternals
  • anti_vm_detect - Possibly employs anti-virtualization techniques
  • Is_DotNET_EXE - (no description)
  • OS_Processor_Check_Zero - OS Processor Check
  • IsPE32 - (no description)
  • Malicious_Library_Zero - Malicious_Library
Name fc78eb3a940e916b_recoverystore.{89701693-c769-11eb-bde1-94de278c3274}.dat
Filepath C:\Users\test22\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{89701693-C769-11EB-BDE1-94DE278C3274}.dat
Size 5.0KB
Processes 1756 (iexplore.exe)
Type Composite Document File V2 Document, Cannot read section info
MD5 0cb8fe586d43b426a2c529e8291ee491
SHA1 b2708ef36c42ab724c1703b607ed8bd83a55fdb0
SHA256 fc78eb3a940e916b44a5dc532c2d49ad0dce8183b5d2a1c41f43aa2a06884050
CRC32 C44FFAA2
ssdeep 12:rlfF2/UrEg5+IaCrI0CI7eF28aTrEgmZ+IaCrI0CIc8GmRVOeMiqI771NlTqbaxq:rqs5/f8aTG5/k85jBM+NlW1pNlW1
Yara
  • Microsoft_Office_File_Zero - Microsoft Office File