Dropped Files | ZeroBOX

Name	06b913dd62dbc9b1_76b50b07.emf Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\76B50B07.emf
Size	4.9KB
Processes	1668 (WINWORD.EXE)
Type	Windows Enhanced Metafile (EMF) image data version 0x10000
MD5	`21328d6eaa23cd4e786d6c18ed931962`
SHA1	`18fc2e4aa4d7dd1122c5ba11f4f073cf27720678`
SHA256	`06b913dd62dbc9b1ae00ba33dd5bcd87e5efd5e2b56ebf7e2ea9fed37a91d5f6`
CRC32	`2C3ADA06`
ssdeep	`48:unhNY46sdBgD89t1Tb4HKKZX3Y6kpnydHk0azLUX:MY4jBvt1X6Y+EDS`
Yara	None matched
VirusTotal	Search for analysis

Name	4826c0d860af884d_~wrs{2e564ded-420c-49be-b85d-e70bdc89c3cf}.tmp Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{2E564DED-420C-49BE-B85D-E70BDC89C3CF}.tmp
Size	1.0KB
Processes	1668 (WINWORD.EXE)
Type	data
MD5	`5d4d94ee7e06bbb0af9584119797b23a`
SHA1	`dbb111419c704f116efa8e72471dd83e86e49677`
SHA256	`4826c0d860af884d3343ca6460b0006a7a2ce7dbccc4d743208585d997cc5fd1`
CRC32	`23C03491`
ssdeep	`3:ol3lYdn:4Wn`
Yara	None matched
VirusTotal	Search for analysis

Name	b09156fe3ffc80d5_~$normal.dotm Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Templates\~$Normal.dotm
Size	162.0B
Processes	1668 (WINWORD.EXE)
Type	data
MD5	`a08c99223d5a313568fe246eb09e3af2`
SHA1	`3c965e0f61c68c95daff1b498acf45bd5b2e2615`
SHA256	`b09156fe3ffc80d5c3b10dae0918643bb5e6c6959344d298a7c8ebb5e40cc7f4`
CRC32	`A20BD886`
ssdeep	`3:yW2lWRdvL7YMlbK7g7lxItNbkit/l3UHXa1R1:y1lWnlxK7ghqxrt/+HK1R`
Yara	None matched
VirusTotal	Search for analysis

Name	aa3f9b1d063eaa54_~$06_5212302001979.doc Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\~$06_5212302001979.doc
Size	162.0B
Processes	1668 (WINWORD.EXE)
Type	data
MD5	`9a7de8041615961a4abb707c9849c203`
SHA1	`3a62b1a99eb1a676c7e1117f7b42014845d7f215`
SHA256	`aa3f9b1d063eaa54bdbe58bd37a97563d6c0c04b8b52caae501d20a2719174db`
CRC32	`11DA10DF`
ssdeep	`3:yW2lWRdvL7YMlbK7g7lxItds9VUHXa1R1:y1lWnlxK7ghqdC+HK1R`
Yara	None matched
VirusTotal	Search for analysis