Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
04.29 05:04
tomcaterror.bmpqoq
04.29 04:04
qoq.ps1
04.29 04:04
Important_Document.pdf...
04.29 04:04
dllbase64reverse.txt.exe
04.29 10:04
RuntimeBroker.exe
04.29 10:04
2555d50c-0b7e-4aa3-8d8...
04.29 10:04
csr.bin
04.29 10:04
test.exe
04.29 10:04
FreePhotoShop%20Meme%2...
04.29 10:04
discord.exe

Latest News
04.30 06:04
Securing AI at the Cor...
04.30 06:04
RSAC 2025 executive in...
04.30 06:04
Role of Cyber Threat I...
04.30 06:04
RSAC 2025 executive in...
04.30 06:04
RASC 2025 executive in...
04.30 06:04
How AI Is Evolving Sec...
04.30 06:04
Super Micro Plunges Af...
04.30 06:04
Snap Falls After Warni...
04.30 05:04
Crossing Commodore Sig...
04.30 05:04
White House Calls Out ...

Dropped Files | ZeroBOX

Name	2f7479aa2661bd25_storage.dat Submit file
Filepath	C:\Users\test22\AppData\Roaming\017BD04F-B3BF-45B6-8167-9E8F41FF87BF\storage.dat
Size	320.1KB
Processes	4772 (vbv.exe)
Type	data
MD5	`2e52f446105fbf828e63cf808b721f9c`
SHA1	`5330e54f238f46dc04c1ac62b051db4fcd7416fb`
SHA256	`2f7479aa2661bd259747bc89106031c11b3a3f79f12190e7f19f5df65b7c15c8`
CRC32	`2AB2EA09`
ssdeep	`6144:oX44S90aTiB66x3PlZmqze1d1wI8lkWmtjJ/3Exi:LkjbU7LjGxi`
Yara	None matched
VirusTotal	Search for analysis

Name	9f9f9cb14af4b8a0_run.dat Submit file
Filepath	C:\Users\test22\AppData\Roaming\017BD04F-B3BF-45B6-8167-9E8F41FF87BF\run.dat
Size	8.0B
Processes	4772 (vbv.exe)
Type	data
MD5	`65497ddc7cb827ea541b6f0e8cfa497f`
SHA1	`01a784dd0fb7dbb66e4c12da2142a18497318bff`
SHA256	`9f9f9cb14af4b8a0962add96ee5856c56f97ff6b668758e4442937e7f00f9108`
CRC32	`E472BB9C`
ssdeep	`3:K3S:K3S`
Yara	None matched
VirusTotal	Search for analysis

Name	f825dd89181e7435_d93f411851d7c929.customDestinations-ms~RF16c33e6.TMP Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d93f411851d7c929.customDestinations-ms~RF16c33e6.TMP
Size	7.8KB
Processes	5192 (powershell.exe) 5540 (powershell.exe)
Type	data
MD5	`61d3b003e73f968491bb9de05318fcbd`
SHA1	`abb40732bf72a072c5b176449fdb8f1c56383e03`
SHA256	`f825dd89181e743525684aff8d99cc6d78046e461147c33b6f7a182b98c58ea9`
CRC32	`76116DE9`
ssdeep	`96:wtuCiGCPDXBqvsqvJCwoNtuCiGCPDXBqvsEHyqvJCworc7HwxGlUVul:wt7XoNt7bHnorXxY`
Yara	Antivirus - Contains references to security software
VirusTotal	Search for analysis

Name	dc3ae604991c9bb8_settings.bak Submit file
Filepath	C:\Users\test22\AppData\Roaming\017BD04F-B3BF-45B6-8167-9E8F41FF87BF\settings.bak
Size	24.0B
Type	data
MD5	`acd3fb4310417dc77fe06f15b0e353e6`
SHA1	`80e7002e655eb5765fdeb21114295cb96ad9d5eb`
SHA256	`dc3ae604991c9bb8ff8bc4502ae3d0db8a3317512c0f432490b103b89c1a4368`
CRC32	`0E770DA4`
ssdeep	`3:9bzY6oRDIvYk:RzWDI3`
Yara	None matched
VirusTotal	Search for analysis

Name	f8098a6290118f29_settings.bin Submit file
Filepath	C:\Users\test22\AppData\Roaming\017BD04F-B3BF-45B6-8167-9E8F41FF87BF\settings.bin
Size	40.0B
Processes	4772 (vbv.exe)
Type	data
MD5	`4e5e92e2369688041cc82ef9650eded2`
SHA1	`15e44f2f3194ee232b44e9684163b6f66472c862`
SHA256	`f8098a6290118f2944b9e7c842bd014377d45844379f863b00d54515a8a64b48`
CRC32	`C6B6460B`
ssdeep	`3:9bzY6oRDT6P2bfVn1:RzWDT621`
Yara	None matched
VirusTotal	Search for analysis

Name	aafc7b40c5fe680a_catalog.dat Submit file
Filepath	C:\Users\test22\AppData\Roaming\017BD04F-B3BF-45B6-8167-9E8F41FF87BF\catalog.dat
Size	232.0B
Processes	4772 (vbv.exe)
Type	data
MD5	`9e7d0351e4df94a9b0badceb6a9db963`
SHA1	`76c6a69b1c31cea2014d1fd1e222a3dd1e433005`
SHA256	`aafc7b40c5fe680a2bb549c3b90aabaac63163f74fffc0b00277c6bbff88b757`
CRC32	`695E297D`
ssdeep	`3:XrURGizD7cnRNGbgCFKRNX/pBK0jCV83ne+VdWPiKgmR7kkmefoeLBizbCuVkqYM:X4LDAnybgCFcps0OafmCYDlizZr/i/Oh`
Yara	None matched
VirusTotal	Search for analysis