Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
09.21 02:09
l6E.exe
09.20 01:09
setup.exe
09.20 11:09
3uTools.exe
09.20 11:09
66ecb4573225b_vsbhfdg1...
09.20 10:09
66ecb452ba19c_sfbdsgfd...
09.20 10:09
66ecb44c35444_vfdhsgdf...
09.20 10:09
66ec0e61998bf_setup30.exe
09.20 10:09
66ebf725efe38_lyla.exe
09.20 10:09
Desktop_Explorer.exe
09.20 10:09
66ec3528901bb_winupdat...

Latest News
09.21 03:09
Fixing an Elgato HD60 ...
09.21 02:09
Google Faces EU Ultima...
09.21 02:09
This New Video Game Is...
09.21 02:09
FTC finds social media...
09.21 02:09
FTC finds social media...
09.21 01:09
Automate detection and...
09.21 01:09
Hackaday Podcast Episo...
09.21 01:09
The Russian Bot Army T...
09.21 01:09
Australia’s Labor Part...
09.21 12:09
Inviting the Public to...

Dropped Files | ZeroBOX

Name	7b6b4f0ac5683819_TextTransforms.exe Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\VsGraphics\VisualStudio Graphics\TextTransforms.exe
Size	433.8KB
Processes	2612 (cscript.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`1cdf485cb93f397d359f4afefac68796`
SHA1	`7b0d28b24a611e03dc094186503c6639c2d74f8f`
SHA256	`7b6b4f0ac5683819ea4a2a1e977acbd819fde1575326eb7d0cd406149bc58a91`
CRC32	`501144A7`
ssdeep	`12288:9crNS33L10QdrXP/X+tGfncdEETF8hya4C:ANA3R5drXPrfcihV`
Yara	IsPE32 - (no description) PE_Header_Zero - PE File Signature OS_Processor_Check_Zero - OS Processor Check UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	5040e025c7202add_doublesidepassport.jpg Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\DoublesidePassport.jpg
Size	148.9KB
Processes	2052 (cscript.exe)
Type	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 589x802, frames 3
MD5	`c1f2a86f667992ae54aedb9afecbe12d`
SHA1	`eb8e7fc32fa2ce81a22f6d4e6100cf77ed7809f6`
SHA256	`5040e025c7202add71584a89f05b19e6b3dfffc337e546e91c2573d1399b516e`
CRC32	`0F51DB2D`
ssdeep	`3072:KUIearrVLDr6XKC2YmgYqgpuyckt9qDvawB0ZW3qz:wrrVXYR0u5k2BeW3m`
Yara	JPEG_Format_Zero - JPEG Format
VirusTotal	Search for analysis

Name	c16824a585c9a773_aria-debug-5070.log Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\aria-debug-5070.log
Size	18.6KB
Processes	3044 (mshta.exe) 2052 (cscript.exe)
Type	ASCII text, with very long lines, with CRLF line terminators
MD5	`ab8f5c15a49b5fb4ec0f23dbbdb3d1af`
SHA1	`7ba51b82e01da0249046c9408b14e8364c4c145d`
SHA256	`c16824a585c9a77332fc16357b5e00fc110c00535480e9495c627f656bb60f24`
CRC32	`7931F0AC`
ssdeep	`384:xxPEXCPYCxsoU3bkUCfxPRiHfuyZPqZ/PN3nbZ:xx4CLsRLkpe2gmBnbZ`
Yara	None matched
VirusTotal	Search for analysis

Name	b96193a5aac3e257_test.cmD Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\test.cmD
Size	27.0B
Type	ASCII text, with no line terminators
MD5	`bfaa1385c1145d406f020de739acf559`
SHA1	`41d9f42078ac1320e0861748f44079fcad38cee2`
SHA256	`b96193a5aac3e257c9b4cd7bba267599b471fd6537c055f7d5c6f6c5b2d616ba`
CRC32	`3687FB80`
ssdeep	`3:YAphEFidHn:7hvF`
Yara	None matched
VirusTotal	Search for analysis

Name	b60ae30ba90f852f_img.dat Submit file
Filepath	C:\Users\test22\img.dat
Size	629.1KB
Type	MS Windows shortcut, Item id list present, Has Relative path, Has command line arguments, Icon number=0, Archive, ctime=Mon Feb 12 21:29:00 2018, mtime=Mon Feb 12 21:29:00 2018, atime=Mon Feb 12 21:29:00 2018, length=345088, window=hidenormalshowminimized
MD5	`041cc53c6152bc5ac0ada6fb7cb12bb4`
SHA1	`4db1413ced5d050a27aeb9ebae40fe8e65198b7b`
SHA256	`b60ae30ba90f852f886bb4e9aaabe910add2b70278e3a88a3b7968f644e10554`
CRC32	`54CDBD97`
ssdeep	`12288:0v2z5cBrqDwCZCFAOmjz2DDs/JqxUQCIrGUh/jo:0v8GBrSJsyx/7GNq`
Yara	Lnk_Format_Zero - LNK Format
VirusTotal	Search for analysis