Dropped Files | ZeroBOX
Name 87123655d800e60f_snapshot.jpg
Filepath C:\Users\test22\AppData\Roaming\EdgeCP\snapshot.jpg
Size 23.0KB
Processes 540 (MicrosoftEdgeCPS.exe)
Type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1024x768, frames 3
MD5 8027ddb8a656bba2eee35b293b2d7e6a
SHA1 4b961b7907862405d914cb570a6f8422954018ad
SHA256 87123655d800e60febbbb089dae0f04ae1b32aa24cbbd94b20860f6dd1f3a37d
CRC32 B1186A4E
ssdeep 384:0JaAaAIDjWFO3/vqcZdEydk4IEKbcEDLodsXz:0AKInWUPvxlNAdD
Yara
  • JPEG_Format_Zero - JPEG Format
Name 47b1ad8af17d2109_snapshot.jpg
Filepath C:\Users\test22\AppData\Roaming\EdgeCP\snapshot.jpg
Size 23.0KB
Processes 540 (MicrosoftEdgeCPS.exe)
Type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1024x768, frames 3
MD5 7abd15dc0c9045519b475509bb7c8657
SHA1 73270c7937db50ee047358d5c3fc75d56fa65774
SHA256 47b1ad8af17d210990679789f003b31b433b066a8bbc20db9413b6e9239ef5cb
CRC32 04D34810
ssdeep 384:0JaAaAIDjWFO3/vqcZdEydk4IEKbcEX6DGsvXCIrL:0AKInWUPvxlNAMDGs/BrL
Yara
  • JPEG_Format_Zero - JPEG Format
Name 7946cd5968e1a891_tmpshot.bmp
Filepath C:\Users\test22\AppData\Local\Temp\tmpshot.bmp
Size 2.3MB
Processes 540 (MicrosoftEdgeCPS.exe)
Type PC bitmap, Windows 3.x format, 1024 x 768 x 24
MD5 f8c73a77fef4f7e79004fef6f30f4be5
SHA1 b40d7f5423c9aa0c303159124e5f4815e2acf817
SHA256 7946cd5968e1a8916b23fb3835413c793507a4fba93aa115d6b959b564cf590b
CRC32 559E67FB
ssdeep 1536:D1zhUpsBgfD0/Sl9GtEVhw717i3wwlrjKdx/bK4lNCv7X6SikvjcM/Zrp:di7X4srp
Yara None matched
Name afef0bea5a3315f2_tmpshot.bmp
Filepath C:\Users\test22\AppData\Local\Temp\tmpshot.bmp
Size 2.3MB
Processes 540 (MicrosoftEdgeCPS.exe)
Type PC bitmap, Windows 3.x format, 1024 x 768 x 24
MD5 8bfbeaef71b713fab042aac9f5c15173
SHA1 2949e94cc51052de178315f46e58315b0fb67943
SHA256 afef0bea5a3315f29d2bc2fd995b31ae0c96fd467684d60494fbb5d88aa77e33
CRC32 09A4DE97
ssdeep 1536:D1zhUpsBgfD0/Sl9GtEVhw717ij3wh3QZrXgbK4lNCv7X6SikvjcM/Zrp:d87X4srp
Yara None matched
Name 34efb933941188ce_microsoftedgecps.lnk
Filepath C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MicrosoftEdgeCPS.lnk
Size 937.0B
Processes 540 (MicrosoftEdgeCPS.exe)
Type MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Hidden, ctime=Mon Jun 28 19:50:14 2021, mtime=Mon Jun 28 19:50:14 2021, atime=Thu Aug 6 20:04:03 2020, length=208384, window=hide
MD5 dfd0d76e8529ab0ad1862feed318a6e9
SHA1 ff9addd12213de28ae791b02de8fd56789acc6ea
SHA256 34efb933941188ced04c449cc8ae1acce771fa194873d979897fa5e8e7509b95
CRC32 EA7BE43C
ssdeep 12:8AAK4cZCrR8EvSEUfcOSLkUJ37kgi8T60jCizCCOLAH36B4/MJ1wb08Eg7YzYh:8/sERd0cnB1TjzN563IEO08
Yara
  • Lnk_Format_Zero - LNK Format
Name df74b997137fec63_1.log
Filepath C:\Users\test22\AppData\Local\Temp\1.log
Size 121.0B
Processes 2988 (MicrosoftEdgeCPS.exe)
Type ASCII text, with CRLF line terminators
MD5 4f7d90f045ae07792fb8d76bce925854
SHA1 c39b2866368f2c88c1865aa5577792bd2fb8bfe5
SHA256 df74b997137fec63589828cafa9df9bfe272b330ffb8743fa4db79096a0fdc34
CRC32 64049E9B
ssdeep 3:q8CJGEIUEF7eSAMzr+WABEImBzEWVAZGXhRAJ1zKIC9iov:hCyUEZNiWSmBzNmeRAHCh
Yara None matched
Name b2b0bc897639a2c1_id.conf
Filepath C:\Users\test22\AppData\Roaming\EdgeCP\id.conf
Size 12.0B
Processes 540 (MicrosoftEdgeCPS.exe)
Type ASCII text, with no line terminators
MD5 9a7723a26ddd930cfe34c8195844de2c
SHA1 04c000dbe90f4856d21c2bb77be91eaa35d31863
SHA256 b2b0bc897639a2c16d35ae0c8d8aae1cd8aa8956e423d17c8de5391e19ef53c8
CRC32 4753C069
ssdeep 3:hGFk:Kk
Yara None matched
Name 57df56c1be46da00_wallet.conf
Filepath C:\Users\test22\AppData\Roaming\EdgeCP\wallet.conf
Size 361.0B
Processes 540 (MicrosoftEdgeCPS.exe)
Type ASCII text, with very long lines, with no line terminators
MD5 69bf7238c8e32793411515d8ca5926a9
SHA1 d6918bcceab927a036b760a82cadd340d83b8ed1
SHA256 57df56c1be46da0057f1afe0147ac7a700fa4df393bf0b31cabd158939d1cb66
CRC32 16FA6644
ssdeep 6:79PpwZz3mmBvRRAYC4fGoC7EEWeQuVqL2pcEnPP/JKS2YvOZaULCEGsHB:79cz3HpRq4BQEEd1VkJEPPxJBvOzlh
Yara None matched
Name cf11d6b3c18d4c02_J5U82QF3KV3RHEFL84E0.temp
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\J5U82QF3KV3RHEFL84E0.temp
Size 7.8KB
Processes 1756 (powershell.exe)
Type data
MD5 f2f5505600e2895c007b3ff3cfe3d4aa
SHA1 f0235a3c8056872d55eeef803d1bc33bac37a753
SHA256 cf11d6b3c18d4c02466b670bcb0394ac49382e6a87ad58d2561f2660922b586c
CRC32 9AF5ED3C
ssdeep 96:EtuCojGCPDXBqvsqvJCwoJtuCojGCPDXBqvsEHyqvJCworc7HwxGlUVul:Etu6XoJtu6bHnorXxY
Yara
  • Antivirus - Contains references to security software
Name f0d5d648196be621_microsoftedgecps.exe
Filepath C:\Users\test22\AppData\Local\Temp\microsoftedgecps.exe
Size 203.5KB
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 b2600237508f0a8e5ca2c5c80018eaca
SHA1 fb0f99da30c9e93149eadaca1a0bb3c9169e05ac
SHA256 f0d5d648196be621082563732760402a0d8bb78629f0beb6b2e5386ed53a5976
CRC32 689CB37B
ssdeep 6144:SnSNM0tFUkfgEYxE91e/QkqCh+FjvTBir+:SSN3zgpxooF3h+FjvTo6
Yara
  • Antivirus - Contains references to security software
  • IsPE32 - (no description)
  • PE_Header_Zero - PE File Signature