Dropped Files | ZeroBOX
Name 5cc96109a0a3b1eb_{fb195ba2-e3a7-11eb-966a-94de278c3274}.dat
Filepath C:\Users\test22\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{FB195BA2-E3A7-11EB-966A-94DE278C3274}.dat
Size 4.5KB
Processes 2580 (iexplore.exe)
Type Composite Document File V2 Document, Cannot read section info
MD5 55db018706826c06c9ec7092393c3eab
SHA1 077f9845287f7370212c68ee5c7aea16d997f757
SHA256 5cc96109a0a3b1eb412fba42547412616bd622b8ea83170382ab698924a6c22a
CRC32 34E2EFBF
ssdeep 12:rlxAFqrEgm8GL7KFSxrEgm8GL7qsANl26abax1NlAfRbaxJiua:rhG8CxG82ANlIoNlMoFa
Yara
  • Microsoft_Office_File_Zero - Microsoft Office File
Name e8de87f78844ffc4_dl[1].php
Filepath C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\dl[1].php
Size 996.0KB
Processes 2696 (iexplore.exe)
Type Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.3, MSI Installer, Last Printed: Fri Dec 11 11:47:44 2009, Create Time/Date: Fri Dec 11 11:47:44 2009, Last Saved Time/Date: Fri Dec 11 11:47:44 2009, Security: 0, Code page: 936, Revision Number: {DF7C0AAD-FF57-4243-B4E8-D96FD09BB1EB}, Number of Words: 2, Subject: CTH3VNU8KZHDXY6YYCF9YV8OXGPW3P2APZPL, Author: CTH3VNU8KZHDXY6YYCF9YV8OXGPW3P2APZPL, Name of Creating Application: Advanced Installer 16.5 build 8df7ad95, Template: ;2052, Comments: CTH3VNU8KZHDXY6YYCF9YV8OXGPW3P2APZPL , Title: Installation Database, Keywords: Installer, MSI, Database, Number of Pages: 200
MD5 6b68ec30072b45921be6b1189c80dba3
SHA1 ed3951de3575d168d7c515795f106ee6f1a6057a
SHA256 e8de87f78844ffc44910d79f6224e15e4e0007aa631cc8f87da8528d24054137
CRC32 3B1213A2
ssdeep 24576:w/aBqnGIQ5M6DLrVVdWG859GCHrSoUzLyaVtFUl:w/8lrXVVdWX59GUrSLzeaVtFU
Yara
  • Microsoft_Office_File_Zero - Microsoft Office File
  • OS_Processor_Check_Zero - OS Processor Check
  • Win32_Trojan_Gen_2_0904B0_Zero - Win32 Trojan Gen
Name fd5c508e19017e53_recoverystore.{fb195ba1-e3a7-11eb-966a-94de278c3274}.dat
Filepath C:\Users\test22\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{FB195BA1-E3A7-11EB-966A-94DE278C3274}.dat
Size 5.0KB
Processes 2580 (iexplore.exe)
Type Composite Document File V2 Document, Cannot read section info
MD5 fa0b2d105d1bc1e5d3b6deeac67ba370
SHA1 c46137bfd42f1cb10bd0eb0afb1754011eb09ba2
SHA256 fd5c508e19017e53f15247b03ab33ce641957a1724048386ac49bbe298a55875
CRC32 4F1DE629
ssdeep 12:rlfF2UCrEg5+IaCrI0CI7eF2UfTrEgmZ+IaCrI0CIc8GmRVOeMiqI771NlTqbaxI:rql5/fUfTG5/k85jBM+NlWvNlW
Yara
  • Microsoft_Office_File_Zero - Microsoft Office File