popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 03b7e264915f482c_vb.vbs
Submit file
Filepath C:\Users\Public\vb.vbs
Size 495.0B
Processes 660 (powershell.exe)
Type ASCII text, with CRLF line terminators
MD5 9f2515682a9f34a68bfe247947b4f9db
SHA1 7141c3f4a29998c7665d1e5ccef316e11f0204e9
SHA256 03b7e264915f482ca3499e842e8e71a2186c67f067adbd222059302da7b320f7
CRC32 8248DBA8
ssdeep 12:SlIDnIQqovvb/gZETeLVkJVhlIDnIRpTqovvb/gZETeF:S6LIQTr/QLVIh6LIR9r/QF
Yara
  • Antivirus - Contains references to security software
VirusTotal Search for analysis
Name 76e20cb044db745f_run.ps1
Submit file
Filepath C:\Users\Public\run.ps1
Size 559.0B
Processes 660 (powershell.exe)
Type ASCII text, with CRLF line terminators
MD5 63bd7cfab54d73ab1f873d14630c13f5
SHA1 5a0e987f8e6b896d3aaf7f3cd4111a839728fa27
SHA256 76e20cb044db745f7065bff4d5bb09c16d83ca1d17f615fa2e41e1d68f1cde17
CRC32 9BC4B99C
ssdeep 12:/TLktkEqgIKqAAZ6d33Y9s8AV/jR1aEM/WVHQW1iUuk6c7/V0IwhEx:/TLiD1qAAo7za1/4weR7/VHwhQ
Yara None matched
VirusTotal Search for analysis
Name 049d229c448e844e_alosh.ps1
Submit file
Filepath C:\Users\Public\alosh.ps1
Size 12.5KB
Processes 660 (powershell.exe)
Type ASCII text, with CRLF line terminators
MD5 199afc572f448386b8a72f872b64778c
SHA1 012a4e164be0c2b67a58b149e8a4ae48b929e323
SHA256 049d229c448e844e1e6d7e30478d986f549c05471764db32ee349f494c3e1314
CRC32 79EE6F64
ssdeep 384:PyM1vXMlK1iMT758EMd43++2MfbMHMMnMjM+:/1xc43Lh
Yara None matched
VirusTotal Search for analysis
Name 1eb427aeda3a97da_onedrive.vbs
Submit file
Filepath C:\Users\Public\OneDrive.vbs
Size 402.0B
Processes 660 (powershell.exe)
Type ASCII text, with CRLF line terminators
MD5 383ad622465452db9b44b093c4e8af01
SHA1 331cdb58b39157cfa5ffd51b9f1cb4d04c950323
SHA256 1eb427aeda3a97daa9a7266cbf38ab33eb03a96314f6dd954f238b8e30991d59
CRC32 85053F70
ssdeep 6:SltaHy6/CnIvWovBgVQd9Rc1aHbXO2ykpMs6LTCS7XkwTyd+5Udyv:SlIj6nI+ovBQQppMsgZVTyd+fv
Yara
  • Antivirus - Contains references to security software
VirusTotal Search for analysis
Name febb4719018181cf_Chrome.vbs
Submit file
Filepath C:\Users\Public\Chrome.vbs
Size 236.0B
Processes 660 (powershell.exe)
Type ASCII text, with CRLF line terminators
MD5 21f92edee2af4bc216319db004fbdaa1
SHA1 8fc7189f67b102fb5597f85eaad8e19f46072cc2
SHA256 febb4719018181cf1dc5ed66812439e8c0a8b982a18c2e77354986804b71c1fa
CRC32 69A333F4
ssdeep 6:SltaH+6nIvEMuovv9Rc1aHbXO2go6LTCSrwTeos:SlIDnI8Dovvb/gZETeF
Yara
  • Antivirus - Contains references to security software
VirusTotal Search for analysis
Name 567f60275a6ebdd4_d93f411851d7c929.customDestinations-ms~RFcc9421.TMP
Submit file
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d93f411851d7c929.customDestinations-ms~RFcc9421.TMP
Size 7.8KB
Processes 660 (powershell.exe) 1808 (powershell.exe)
Type data
MD5 874c255c82669c27665355e2aa348971
SHA1 4adc2f236ea01bdfe846ad6e5f10a3abe9a4312b
SHA256 567f60275a6ebdd4f8b5fa6cbf8d00a7d4559cf3b4d8b3417dc827f02a0ce9f1
CRC32 7B1523E4
ssdeep 96:RutuCUXGCPDXBqvsqvJCwo+utuCUXGCPDXBqvsEHyqvJCworSj7Hwxf2lUVul:Uti2Xoxti2bHnor/xQ
Yara
  • Antivirus - Contains references to security software
VirusTotal Search for analysis
Name e3b0c44298fc1c14_windows.ps1
Empty file or file not found
Filepath C:\Users\Public\windows.ps1
Size 0.0B
Type empty
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
CRC32 00000000
ssdeep 3::
Yara None matched
VirusTotal Search for analysis
Name 085d7b1ddbc1e548_test.ps1
Submit file
Filepath C:\Users\Public\test.ps1
Size 137.0B
Processes 660 (powershell.exe)
Type ASCII text, with CRLF line terminators
MD5 9fc4a28e7fd5f176154b166160f848fb
SHA1 7739faff27a803dbbf84b50aa50d499d6e348bd0
SHA256 085d7b1ddbc1e54891512750d33c79e60ffad2ec5be6cbbacb6232404b0b8709
CRC32 6D2A3892
ssdeep 3:I+ICceGAFddGeWLCX2H/CceGAFddGeWLqFVJALJJLNoU/CceGAFddGeWLqFyhrvn:IPeGgdEYueGgdEEFXA9noUteGgdEEFyB
Yara
  • Antivirus - Contains references to security software
VirusTotal Search for analysis