Dropped Files | ZeroBOX

Name	1bb4d8be31989499_~$24_5462188871.doc Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\~$24_5462188871.doc
Size	162.0B
Processes	2460 (WINWORD.EXE)
Type	data
MD5	`0e604c572a94a7895dc17ed5b5ba80c2`
SHA1	`2d6fc5bd6919aa3f23be8ac1ba23c9530ccbed50`
SHA256	`1bb4d8be31989499726cc19c7329ecd3fe34cc2c8c12084fe8a75d179825dd7e`
CRC32	`CE35135B`
ssdeep	`3:yW2lWRdvL7YMlbK7g7lxIttKlOtjgWIart/:y1lWnlxK7ghqt+OOWIet`
Yara	None matched
VirusTotal	Search for analysis

Name	4826c0d860af884d_~wrs{ed4ce5f8-06f7-4565-b617-34155190df3f}.tmp Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{ED4CE5F8-06F7-4565-B617-34155190DF3F}.tmp
Size	1.0KB
Processes	2460 (WINWORD.EXE)
Type	data
MD5	`5d4d94ee7e06bbb0af9584119797b23a`
SHA1	`dbb111419c704f116efa8e72471dd83e86e49677`
SHA256	`4826c0d860af884d3343ca6460b0006a7a2ce7dbccc4d743208585d997cc5fd1`
CRC32	`23C03491`
ssdeep	`3:ol3lYdn:4Wn`
Yara	None matched
VirusTotal	Search for analysis

Name	cc6214d67b6c9c45_~$normal.dotm Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Templates\~$Normal.dotm
Size	162.0B
Processes	2460 (WINWORD.EXE)
Type	data
MD5	`57c528817382a3538ec35dd5cf4be558`
SHA1	`5d8a2dd5b3b1ffa58c0f40b541058090be2d3caa`
SHA256	`cc6214d67b6c9c45c54102a97e49bb4c067e3fea454996ec098795d59c825f02`
CRC32	`CC573495`
ssdeep	`3:yW2lWRdvL7YMlbK7g7lxItO/OtjgWIart/:y1lWnlxK7ghqO2OWIet`
Yara	None matched
VirusTotal	Search for analysis

Name	0e70c20a370e518a_d8671077.emf Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\D8671077.emf
Size	4.9KB
Processes	2460 (WINWORD.EXE)
Type	Windows Enhanced Metafile (EMF) image data version 0x10000
MD5	`ebc0f126663622777d5d60b9f1227e31`
SHA1	`66b370d1ef561e41014651a7a84fecb34b3436a6`
SHA256	`0e70c20a370e518a45d9be1a791cee6de471cee1414817ade54c69e7d0721795`
CRC32	`7D260F20`
ssdeep	`48:cADMNAygsdBg6qjpLkwOEG6kpYjdHkNla5b:clhlBFq9gVU5ENOb`
Yara	None matched
VirusTotal	Search for analysis