Dropped Files | ZeroBOX

Name	e7bbb2dbfe1f86be_1.hta Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\1.hta
Size	2.4KB
Processes	1608 (WINWORD.EXE)
Type	MIPSEL-BE MIPS-II ECOFF executable not stripped - version 118.32
MD5	`2ae7f9551ca62f6f0c2d626d9efc6413`
SHA1	`7ea1226d6154c4c42796b8b24dbc80301cb1ab59`
SHA256	`e7bbb2dbfe1f86becb6e157370d3cf9a2f36d32cb7e04a75b1b9cf9021d826e7`
CRC32	`057C4242`
ssdeep	`48:mxcUwEq4OQLyAnGKMRLgXaOSATaNpN+aYR4cFY3zo1rPjRpFClx+Q2:RfMZL7GKagXaOSZtYR4OY2PjTIx+D`
Yara	None matched
VirusTotal	Search for analysis

Name	3c4d7f4ac842eb25_~$normal.dotm Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Templates\~$Normal.dotm
Size	162.0B
Processes	1608 (WINWORD.EXE)
Type	data
MD5	`5f62dd960acc531c7fc4c123a5716e23`
SHA1	`16c280c844d76ce9b60e3609d33c55e68382a4a5`
SHA256	`3c4d7f4ac842eb25e952bb04e08c6d3cce9f8bcd136a4ade70bc50b469f2d4df`
CRC32	`2F84E361`
ssdeep	`3:yW2lWRdUl/W6L7ik/lvXK77SjhgFItfQslltZumtl:y1lWo/WmxXK7WNgWxzX`
Yara	None matched
VirusTotal	Search for analysis

Name	9088d5b8377bbf5e_~$ed contract_09.21.doc Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\~$ed contract_09.21.doc
Size	162.0B
Processes	1608 (WINWORD.EXE)
Type	data
MD5	`eda53785520c9c5c4d3b675c0a11bbe8`
SHA1	`fd1cc4910d6f2008bd5ac85c2c429b103ac799ee`
SHA256	`9088d5b8377bbf5edf397709f795ac280f513146352e3cc49042a9ed9a9e650d`
CRC32	`3CA2A580`
ssdeep	`3:yW2lWRdUl/W6L7ik/lvXK77SjhgFItfQslltYYln:y1lWo/WmxXK7WNgWxYYl`
Yara	None matched
VirusTotal	Search for analysis

Name	4826c0d860af884d_~wrs{25bf928a-f779-4715-b050-8cf4db2c0525}.tmp Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{25BF928A-F779-4715-B050-8CF4DB2C0525}.tmp
Size	1.0KB
Processes	1608 (WINWORD.EXE)
Type	data
MD5	`5d4d94ee7e06bbb0af9584119797b23a`
SHA1	`dbb111419c704f116efa8e72471dd83e86e49677`
SHA256	`4826c0d860af884d3343ca6460b0006a7a2ce7dbccc4d743208585d997cc5fd1`
CRC32	`23C03491`
ssdeep	`3:ol3lYdn:4Wn`
Yara	None matched
VirusTotal	Search for analysis