Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
09.20 01:09
setup.exe
09.20 11:09
3uTools.exe
09.20 11:09
66ecb4573225b_vsbhfdg1...
09.20 10:09
66ecb452ba19c_sfbdsgfd...
09.20 10:09
66ecb44c35444_vfdhsgdf...
09.20 10:09
66ec0e61998bf_setup30.exe
09.20 10:09
66ebf725efe38_lyla.exe
09.20 10:09
Desktop_Explorer.exe
09.20 10:09
66ec3528901bb_winupdat...
09.20 10:09
Inquiry-Dubai.js

Latest News
09.20 08:09
Farmers Look to AI-Pow...
09.20 08:09
Microsoft’s AI Power N...
09.20 08:09
Simplify NIS2 complian...
09.20 08:09
COBB Tuning Hit With $...
09.20 08:09
Iranian APT UNC1860 Li...
09.20 07:09
Sanofi’s Multiple Scle...
09.20 07:09
Dark Web Profile: Just...
09.20 07:09
[PASCON 2024-영상] 브로드컴 ...
09.20 07:09
독일 법 집행 기관 토르 브라우저(Tor...
09.20 07:09
[UPDATE] [hoch] CoreDN...

Dropped Files | ZeroBOX

Name	cdb8a35b197e7f1a_Vlcplayer.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Vlcplayer.exe
Size	1.6MB
Type	PE32 executable (GUI) Intel 80386, for MS Windows, InstallShield self-extracting archive
MD5	`6b2715b3c6ce4879c41ea44a261bbdd0`
SHA1	`a7bdc73e107fe067e852eb70548b5508418ee5b6`
SHA256	`cdb8a35b197e7f1a6133e029ee861c525d915ffb60cef5af1ec52ee9628686b8`
CRC32	`CD4B343D`
ssdeep	`24576:y9btxEOMPVJ1BppR9q4aObWX5KK/p/mEncYT5ZllnoD+OgD0Idg/CNG6/HRP:yNNMNrBpZTNaJ/p/VncYT5Htoix0agw`
Yara	PE_Header_Zero - PE File Signature IsPE32 - (no description) Malicious_Library_Zero - Malicious_Library
VirusTotal	Search for analysis

Name	6bdba61e20d1fe2c_cercando.vssm Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\7ZipSfx.000\Cercando.vssm
Size	872.8KB
Processes	7032 (Vlcplayer.exe)
Type	data
MD5	`d2ae7744b36d1d34e19d5a98e8fbda40`
SHA1	`ee97af200fc8c32579df5a5b9ebeaaf30bd74409`
SHA256	`6bdba61e20d1fe2c8f0fb4d87a47a761703d45b52dfd677ebc52ab3dc6a4d10a`
CRC32	`B24C2208`
ssdeep	`12288:qpVWeOV7GtINsegA/hMyyzlcqikvAfcN9b2MyZa31twoPTdFxgawV2M01:qT3E53Myyzl0hMf1tr7Caw8M01`
Yara	OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	734dccf4825740d4_q Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\7ZipSfx.000\q
Size	1.3MB
Type	ASCII text, with very long lines, with CRLF, CR, LF line terminators
MD5	`ba3ee2c00b331b875d436cca8f8e8c58`
SHA1	`c5127bce89b7d1169ce5475fa1b8ef405b6590f7`
SHA256	`734dccf4825740d41736d58c9a6f4d6020b26fe5a1867070fb6e02ef77678bce`
CRC32	`7D2A085A`
ssdeep	`24576:YGgFgmdQmkmLm6m7mpmrmUm4MjZ/gzlYe1hdHdR/NpQ9qZS6LRJr4jZbm7b+xPav:Y2ojsAg8K`
Yara	None matched
VirusTotal	Search for analysis

Name	ddaacc189ff09c9c_Avvenne.vssm Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\7ZipSfx.000\Avvenne.vssm
Size	599.5KB
Processes	7032 (Vlcplayer.exe) 1660 (Distinte.exe.com)
Type	data
MD5	`abe205f54d82ee18b625acf5ad4f7d40`
SHA1	`92758c4d0762ac639e7b700dbff1f92e8ba9a3f0`
SHA256	`ddaacc189ff09c9cd42ae7c95fe4703311f5353740d3e44eb7bbcaed0c802cea`
CRC32	`38A4CF89`
ssdeep	`12288:lJ1zV6RZHNRjECqZUJcObaX242uEn109RgdyLJi7SUm5nAj/WtOkaY:lJ1B8tRBqSaObaXDEK/psm5ncaTl`
Yara	None matched
VirusTotal	Search for analysis

Name	e0780eb33e1defae_starne.vssm Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\7ZipSfx.000\Starne.vssm
Size	371.0B
Processes	7032 (Vlcplayer.exe)
Type	ASCII text, with CRLF line terminators
MD5	`283656cbb656abd2ae555697523f68a8`
SHA1	`3e4cbf51649c5a2b653bf9299ac52dba472c9309`
SHA256	`e0780eb33e1defae2f30880cf900bd7bfc605c0a6572f3b795e5fb26d9ab6d3f`
CRC32	`0CD33D25`
ssdeep	`6:jnAcsI9V1w++9kUvKHilpLZTw+jqBCnduWvNsh8P3FSp+w4w0RrhhhBbLZrCsLZP:TA63Jj2K2wWvT2I3Y+U0JxhS90n`
Yara	None matched
VirusTotal	Search for analysis

Name	85fae25bd139dcb0_7ZSfx000.cmd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\7ZSfx000.cmd
Size	193.0B
Processes	7032 (Vlcplayer.exe) 5352 (cmd.exe)
Type	ASCII text, with CRLF line terminators
MD5	`2f24bba197bdbde1966618a49246ae03`
SHA1	`236b49403dced994641f59e98ae8bd02836e0650`
SHA256	`85fae25bd139dcb0443402d6e0dc7b475a4b33b41ee37d6b2e70f77c20f8bbe4`
CRC32	`94E30E69`
ssdeep	`6:mRoiomQpcLJ23fLsMD2UmQpcLJ23fLa0WiomQpcLJ23fS3:mRoROLMDbOLMDaLROLM8`
Yara	None matched
VirusTotal	Search for analysis

Name	6027ba534dbf676d_thfdductaz.js Submit file
Filepath	C:\Users\test22\AppData\Roaming\AfHWXwPlgT\thFdDuctaz.js
Size	278.0B
Processes	1660 (Distinte.exe.com)
Type	ASCII text, with no line terminators
MD5	`c4fd2f08a25b475b369291b612c6bad3`
SHA1	`bce5d369dd85b4395e63bdb4752cf8c61969f8bd`
SHA256	`6027ba534dbf676db17ebb310c65f2341733e8d35edd7029cbef5f42850b140b`
CRC32	`93E3E242`
ssdeep	`6:5AKIH8CYM2h2sUS4tRZDbRXp+NI5oW/M6NbRXp+NI5oW/HWDbRXp+NI5oWBYJ/:5zS6R4t7vVD/M69VD/2vVDc`
Yara	None matched
VirusTotal	Search for analysis

Name	237d1bca6e056df5_eavqxqkjjg.exe.com Submit file
Filepath	C:\Users\test22\AppData\Roaming\AfHWXwPlgT\EAvqxQkjJG.exe.com
Size	872.7KB
Processes	1660 (Distinte.exe.com)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`c56b5f0201a3b3de53e561fe76912bfd`
SHA1	`2a4062e10a5de813f5688221dbeb3f3ff33eb417`
SHA256	`237d1bca6e056df5bb16a1216a434634109478f882d3b1d58344c801d184f95d`
CRC32	`76090EE7`
ssdeep	`12288:6pVWeOV7GtINsegA/hMyyzlcqikvAfcN9b2MyZa31twoPTdFxgawV2M01:6T3E53Myyzl0hMf1tr7Caw8M01`
Yara	PE_Header_Zero - PE File Signature OS_Processor_Check_Zero - OS Processor Check IsPE32 - (no description)
VirusTotal	Search for analysis