Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
09.20 01:09
setup.exe
09.20 11:09
3uTools.exe
09.20 11:09
66ecb4573225b_vsbhfdg1...
09.20 10:09
66ecb452ba19c_sfbdsgfd...
09.20 10:09
66ecb44c35444_vfdhsgdf...
09.20 10:09
66ec0e61998bf_setup30.exe
09.20 10:09
66ebf725efe38_lyla.exe
09.20 10:09
Desktop_Explorer.exe
09.20 10:09
66ec3528901bb_winupdat...
09.20 10:09
Inquiry-Dubai.js

Latest News
09.20 08:09
Farmers Look to AI-Pow...
09.20 08:09
Microsoft’s AI Power N...
09.20 08:09
Simplify NIS2 complian...
09.20 08:09
COBB Tuning Hit With $...
09.20 08:09
Iranian APT UNC1860 Li...
09.20 07:09
Sanofi’s Multiple Scle...
09.20 07:09
Dark Web Profile: Just...
09.20 07:09
[PASCON 2024-영상] 브로드컴 ...
09.20 07:09
독일 법 집행 기관 토르 브라우저(Tor...
09.20 07:09
[UPDATE] [hoch] CoreDN...

Dropped Files | ZeroBOX

Name	eea0f064af6e7b61_cljgkpouw.exe Submit file
Filepath	C:\Users\test22\AppData\Roaming\CLJgKpOuw.exe
Size	499.5KB
Processes	1108 (svchoster.exe)
Type	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5	`9750dee05b47f072e5975895dcf61ae5`
SHA1	`95f456ae508245b4c6891ad1c847227d0c012d90`
SHA256	`eea0f064af6e7b61e19ff9ade76eead562f5d3933d52c5cc7f2f5721d81b8c3d`
CRC32	`3DFD3459`
ssdeep	`12288:qhBSAd7kDsfDQMZUVCfdtZqJq2QJoWr0p/zsq5X6NGmBx:qhBSo7kDsWiCKouEB6N`
Yara	Win32_Trojan_PWS_Net_1_Zero - Win32 Trojan PWS .NET Azorult PE_Header_Zero - PE File Signature Is_DotNET_EXE - (no description) Malicious_Packer_Zero - Malicious Packer IsPE32 - (no description)
VirusTotal	Search for analysis

Name	89c5a97549977323_tmpE5A6.tmp Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\tmpE5A6.tmp
Size	1.6KB
Processes	1108 (svchoster.exe)
Type	XML 1.0 document, ASCII text, with CRLF line terminators
MD5	`a8e9bd72d180989f91fc66e152ed0c9e`
SHA1	`8dd0a695fda35e8b71300bd177c93ce08c69b65d`
SHA256	`89c5a975499773232e1794479d248ec79e974d050ea1781b9b4520e89422e85d`
CRC32	`734CA6D1`
ssdeep	`24:2dH4+SEqCH/7IlNMFQ/rlMhEMjnGpwjpIgUYODOLD9RJh7h8gKB2tn:cbhf7IlNQQ/rydbz9I3YODOLNdq3e`
Yara	None matched
VirusTotal	Search for analysis

Name	58e0db6553a7e8b1_run.dat Submit file
Filepath	C:\Users\test22\AppData\Roaming\017BD04F-B3BF-45B6-8167-9E8F41FF87BF\run.dat
Size	8.0B
Processes	2908 (svchoster.exe)
Type	Non-ISO extended-ASCII text, with no line terminators
MD5	`8d4420deeefa1e8b9dc5f448830848e4`
SHA1	`1bd4e69cfe800b7f71376987cd5cf6d53407a008`
SHA256	`58e0db6553a7e8b14d684c04ff73f860cf9c355ca849be23c4ab0a8299f9255f`
CRC32	`07B66BBF`
ssdeep	`3:8n:8n`
Yara	None matched
VirusTotal	Search for analysis

Name	886d2b983fb41a89_task.dat Submit file
Filepath	C:\Users\test22\AppData\Roaming\017BD04F-B3BF-45B6-8167-9E8F41FF87BF\task.dat
Size	48.0B
Processes	2908 (svchoster.exe)
Type	ASCII text, with no line terminators
MD5	`29e2d8cf27b22533cffde7d8f7dfdf30`
SHA1	`0eeff510d1a523c30f838faf0e88208df745cb21`
SHA256	`886d2b983fb41a89c08accf37e0331c82b7ee25261f6ee6ef3fbc64d683df390`
CRC32	`A8ABB154`
ssdeep	`3:oNmWxpcL4E2J5xAIZcbAC:oNmQpcLJ23fObAC`
Yara	None matched
VirusTotal	Search for analysis

Name	7c5aad6d0f49d9fa_tmpEA68.tmp Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\tmpEA68.tmp
Size	1.3KB
Processes	2908 (svchoster.exe)
Type	XML 1.0 document, ASCII text, with CRLF line terminators
MD5	`85366852d0ec06562376bde2c6e87cc9`
SHA1	`ba1da950c964b29261d42844ac508579ade2b3d0`
SHA256	`7c5aad6d0f49d9fa519233eed99091926aa352cc840d76bb006d19e5b63e56ef`
CRC32	`1F8BB525`
ssdeep	`24:2dH4+S/4oL600QlMhEMjn5pwjVLUYODOLG9RJh7h8gK0Zu5xtn:cbk4oL600QydbQxIYODOLedq3Yyj`
Yara	None matched
VirusTotal	Search for analysis