Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
11.15 01:11
wwbizsrvs.exe
11.15 01:11
op.exe
11.15 01:11
msf.exe
11.15 01:11
lum250.exe
11.15 01:11
msf443.exe
11.13 04:11
hello.exe
11.13 03:11
espsemhvcioff.exe
11.13 02:11
Geek_se.exe
11.13 02:11
cred64.dll
11.13 02:11
svhost.exe

Latest News
11.16 07:11
(g+) Datenschutz: Spor...
11.16 06:11
티오더, 메뉴 사진 무료 촬영 서비스 진행
11.16 06:11
WiFi Status Indicator ...
11.16 06:11
PAN-OS Firewall Vulner...
11.16 06:11
Dahua und Delo vereine...
11.16 05:11
NSO 그룹, 소송 중에도 ‘페가수스’로...
11.16 04:11
Warning: DEEPDATA Malw...
11.16 03:11
It’s a Soldering Iron!...
11.16 12:11
Critical Unauthenticat...
11.16 12:11
BASIC Co-Inventor Thom...

Dropped Files | ZeroBOX

Name	269ad9c64667ee83_401k-statement.pdf.jar Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\401k-statement.PDF.jar
Size	96.0KB
Processes	2768 (java.exe)
Type	Zip archive data, at least v2.0 to extract
MD5	`00c6403b831a9a510743b7cb1f3edc62`
SHA1	`83cb65673aa680082875b7795d71a3923142adeb`
SHA256	`269ad9c64667ee8349c77e0917b256ec7b16cd256f02ba3fc7258b844a9742db`
CRC32	`02CC55DA`
ssdeep	`3072:g6XYBrmewh+tsLXyGZiv/JAlPu7HYnelp5BVHJ:g6QrmXXFIv/+YYeXLH`
Yara	None matched
VirusTotal	Search for analysis

Name	e3b0c44298fc1c14_jna1290802162164290034.dll.x Empty file or file not found
Filepath	C:\Users\test22\AppData\Local\Temp\jna--877171118\jna1290802162164290034.dll.x
Size	0.0B
Type	empty
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
CRC32	`00000000`
ssdeep	`3::`
Yara	None matched
VirusTotal	Search for analysis

Name	2eae3dea1c3dde61_sqlite-jdbc-3.14.2.1.jar Submit file
Filepath	C:\Users\test22\AppData\Roaming\lib\sqlite-jdbc-3.14.2.1.jar
Size	4.1MB
Processes	2768 (java.exe)
Type	Zip archive data, at least v1.0 to extract
MD5	`b33387e15ab150a7bf560abdc73c3bec`
SHA1	`66b8075784131f578ef893fd7674273f709b9a4c`
SHA256	`2eae3dea1c3dde6104c49f9601074b6038ff6abcf3be23f4b56f6720a4f6a491`
CRC32	`36EC8856`
ssdeep	`98304:czJoX0izQbrabWo2MxgErRYxFOY8IsFWyTIiTIzMpca:cJoXHQKW9MxRr8wZZsikzMaa`
Yara	NPKI_Zero - File included NPKI
VirusTotal	Search for analysis

Name	b308faebfe4ed409_jna-5.5.0.jar Submit file
Filepath	C:\Users\test22\AppData\Roaming\lib\jna-5.5.0.jar
Size	1.4MB
Processes	2768 (java.exe)
Type	Java archive data (JAR)
MD5	`acfb5b5fd9ee10bf69497792fd469f85`
SHA1	`0e0845217c4907822403912ad6828d8e0b256208`
SHA256	`b308faebfe4ed409de8410e0a632d164b2126b035f6eacff968d3908cafb4d9e`
CRC32	`ADCAF72A`
ssdeep	`24576:BggLnybolJdaW+864NkqCUer8N7sSFOaj5lWOEMIKk6idJRWPTgzq3bICEz2lFO:BTnybo9aW+L5qCUO0xsiMPZrJgPLLIO6`
Yara	None matched
VirusTotal	Search for analysis

Name	2ddda8af6faef8bd_system-hook-3.5.jar Submit file
Filepath	c:\users\test22\lib\system-hook-3.5.jar
Size	772.7KB
Processes	1936 (java.exe)
Type	Zip archive data, at least v1.0 to extract
MD5	`e1aa38a1e78a76a6de73efae136cdb3a`
SHA1	`c463da71871f780b2e2e5dba115d43953b537daf`
SHA256	`2ddda8af6faef8bde46acf43ec546603180bcf8dcb2e5591fff8ac9cd30b5609`
CRC32	`9D0119ED`
ssdeep	`24576:IhCFW8WXvOsWW9XGmvcVfkfTnzrLvadKPpv:IhCYWstW202t`
Yara	None matched
VirusTotal	Search for analysis

Name	04c9a8ab43d1eb61_jna1290802162164290034.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\jna--877171118\jna1290802162164290034.dll
Size	203.0KB
Processes	2768 (java.exe)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`28d895a3cb7e9a0b6a5ae5ed6a62b254`
SHA1	`703d8604a8d04d29c52c0ebcde1e86f3bc8ff824`
SHA256	`04c9a8ab43d1eb616b84d0686c8ae1d881ef03fe4f3aa26511e5b19d35ef16af`
CRC32	`6BF047D1`
ssdeep	`3072:q9LCZdSWDLC2L5THvPEFKESxLBaj+EdyfWC0EHxvNVmvXsNGpqqqYrZG:VDvL5TQdndmkvXsNGpqOFG`
Yara	PE_Header_Zero - PE File Signature OS_Processor_Check_Zero - OS Processor Check IsDLL - (no description) Malicious_Library_Zero - Malicious_Library IsPE32 - (no description)
VirusTotal	Search for analysis

Name	24d81621f82ac29f_jna-platform-5.5.0.jar Submit file
Filepath	C:\Users\test22\AppData\Roaming\lib\jna-platform-5.5.0.jar
Size	2.6MB
Processes	2768 (java.exe)
Type	Java archive data (JAR)
MD5	`2f4a99c2758e72ee2b59a73586a2322f`
SHA1	`af38e7c4d0fc73c23ecd785443705bfdee5b90bf`
SHA256	`24d81621f82ac29fcdd9a74116031f5907a2343158e616f4573bbfa2434ae0d5`
CRC32	`9E273BAB`
ssdeep	`24576:DyciOooDbK7Yw1J75n4BP/NtK2ov3mhDR6:3iOLDOZJ75nwtK2ovWh8`
Yara	OS_Processor_Check_Zero - OS Processor Check Malicious_Library_Zero - Malicious_Library Malicious_Packer_Zero - Malicious Packer
VirusTotal	Search for analysis

Name	175096f5cb356918_cce3fe3b0d8d805f.timestamp Submit file
Filepath	C:\ProgramData\Oracle\Java\.oracle_jre_usage\cce3fe3b0d8d805f.timestamp
Size	57.0B
Processes	1936 (java.exe) 2160 (java.exe) 2768 (java.exe) 3020 (java.exe)
Type	ASCII text, with CRLF line terminators
MD5	`197f2d41925510b16d3a35b4d854e94e`
SHA1	`5ba28f04e1f14f889d40e1c4d8f13f5d4a62ae21`
SHA256	`175096f5cb3569189e61cea28a27e2d76bb015cc89521a42a67d4fe5e60e8e2b`
CRC32	`C479E00F`
ssdeep	`3:oFj4I5vpN372NXw:oJ5X3726`
Yara	None matched
VirusTotal	Search for analysis