Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

Dropped Files | ZeroBOX

Name	a4f4ed106a31b9a2_fsd-cnry.fsd Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Office\15.0\OfficeFileCache\LocalCacheFileEditManager\FSD-CNRY.FSD
Size	128.0KB
Processes	2364 (WINWORD.EXE)
Type	data
MD5	`4ec196279517cd2933eee869d51e02f5`
SHA1	`b717725270355cde501a37b2220b43dcc69623f4`
SHA256	`a4f4ed106a31b9a27fe6982f95ee8f82f00a0fd6cba5417c9d0a3f8a2b55a0e0`
CRC32	`CAAA67B1`
ssdeep	`48:I38BTeShXD1tgrOFR48OFHqtUr3VOoZd/lToZd/l:KcPhXDAmttk3VOK9K`
Yara	None matched
VirusTotal	Search for analysis

Name	46a7eee7ae58638c_fsd-{9721489c-f3fd-40b6-8e4d-f712a1a036ba}.fsd Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Office\15.0\OfficeFileCache\LocalCacheFileEditManager\FSD-{9721489C-F3FD-40B6-8E4D-F712A1A036BA}.FSD
Size	128.0KB
Processes	2364 (WINWORD.EXE)
Type	data
MD5	`9e0de2ef4d1a301df2a067361f23e984`
SHA1	`89970f4c557ad8b833bd10972f412c0dd2ad8dde`
SHA256	`46a7eee7ae58638cb6363e15f49813d4c9a0a694305e42f67b35761d1235a709`
CRC32	`9EF5FF8E`
ssdeep	`24:I3Wa4eaM0B3cj9QTCcTgCSykiGmp6ZbCiAolyRHkRjhPodp7d8Fm4zl+eGSMb/7M:I3WamBea/uhleERjhu6F7z70`
Yara	None matched
VirusTotal	Search for analysis

Name	b953a228a7a66d5c_centraltable.accdb Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Office\15.0\OfficeFileCache\CentralTable.accdb
Size	472.0KB
Processes	2364 (WINWORD.EXE)
Type	Microsoft Access Database
MD5	`12563c712febf3e048f3bc8269b566c6`
SHA1	`0b46f371075b912e7a9eed69ec66a68103480ce7`
SHA256	`b953a228a7a66d5c113ab3267a322b034aef64f8e2bd3ac92079b88e87190651`
CRC32	`D0703E85`
ssdeep	`384:5/5G9GNC4IISFLI7ITRuAF61z/hjb8NWutmVZO4F7Z:mEC7Ts7KRu1/OWu8zZ`
Yara	None matched
VirusTotal	Search for analysis

Name	eaf9cdc741596275_centraltable.ini Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Office\15.0\OfficeFileCache\CentralTable.ini
Size	36.0B
Processes	2364 (WINWORD.EXE)
Type	data
MD5	`1f830b53ca33a1207a86ce43177016fa`
SHA1	`bdf230e1f33afba5c9d5a039986c6505e8b09665`
SHA256	`eaf9cdc741596275e106dddcf8aba61240368a8c7b0b58b08f74450d162337ef`
CRC32	`BA4496DE`
ssdeep	`3:5NixJlElGUR:WrEcUR`
Yara	None matched
VirusTotal	Search for analysis

Name	e73d9fab37cd6bf9_centraltable.laccdb Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Office\15.0\OfficeFileCache\CentralTable.laccdb
Size	128.0B
Processes	2364 (WINWORD.EXE) 2096 (MSOSYNC.EXE)
Type	data
MD5	`0c2be3153a6602550b658e4bb5f073d5`
SHA1	`3fe515761d3c3744fcb12b10de15e0d94ed36ba9`
SHA256	`e73d9fab37cd6bf9f8a66e6de08e8178a7d5b5d7ee7bd314f7a25132b17ec5f8`
CRC32	`D05CFEE4`
ssdeep	`3:IkFafOkFaV:zQu`
Yara	None matched
VirusTotal	Search for analysis

Name	4826c0d860af884d_~wrs{c5392f5f-a7d5-486d-8980-30cb0d8eeeb9}.tmp Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{C5392F5F-A7D5-486D-8980-30CB0D8EEEB9}.tmp
Size	1.0KB
Processes	2364 (WINWORD.EXE)
Type	data
MD5	`5d4d94ee7e06bbb0af9584119797b23a`
SHA1	`dbb111419c704f116efa8e72471dd83e86e49677`
SHA256	`4826c0d860af884d3343ca6460b0006a7a2ce7dbccc4d743208585d997cc5fd1`
CRC32	`23C03491`
ssdeep	`3:ol3lYdn:4Wn`
Yara	None matched
VirusTotal	Search for analysis

Name	57ff68ef7558db0f_~wrs{a6274953-1170-4aca-a254-9363b3f695eb}.tmp Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{A6274953-1170-4ACA-A254-9363B3F695EB}.tmp
Size	2.0KB
Processes	2364 (WINWORD.EXE)
Type	data
MD5	`0b0fe4976259aeea3d77d26b36297226`
SHA1	`e640c63b5b0e9210770c6bb73abb1c5c3e419d8f`
SHA256	`57ff68ef7558db0fc63e33cc348361b21dca1ba267bd9f9bf944e8e23879b19c`
CRC32	`791DD072`
ssdeep	`12:vl8aeKFStjM3qo4+qRbQstSaVPTQukouvcvb8vSoSB8WBzsw+s:Cd2Stg3qo4+qRbQs5Pm7EvyQX+s`
Yara	None matched
VirusTotal	Search for analysis

Name	7b652ddcf2b7b19e_fsf-{0e1eee64-e8c6-4e2a-9759-63cf07fd8988}.fsf Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Office\15.0\OfficeFileCache\LocalCacheFileEditManager\FSF-{0E1EEE64-E8C6-4E2A-9759-63CF07FD8988}.FSF
Size	114.0B
Processes	2364 (WINWORD.EXE)
Type	data
MD5	`9cca43ba9f5a326c410487aac43c563d`
SHA1	`47642a6b7388780e4d80679deff30faf102c00a7`
SHA256	`7b652ddcf2b7b19ef7163b7e6625909d7cbba6df1af6b39a695f33a55acca8dd`
CRC32	`BA369486`
ssdeep	`3:yVlgsRlziR67AhWPHTaOR7SWllobL7276:yPblziR6sJWlli22`
Yara	None matched
VirusTotal	Search for analysis

Name	7874e44cf569176a_~$normal.dotm Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Templates\~$Normal.dotm
Size	162.0B
Processes	2364 (WINWORD.EXE)
Type	data
MD5	`73309eaa15dfa7e88177494f672f9cd9`
SHA1	`e455ca19c553f633f588b8d1e37fc43bf82f7bd1`
SHA256	`7874e44cf569176a72867af96b59ac7b835987dec36ad9b7a67fe864bf8edc27`
CRC32	`3F272FC7`
ssdeep	`3:yW2lWRdeSyW6L7rpTK7z+MlFItbzclUl/:y1lWKvWmpTK7ykWPPl/`
Yara	None matched
VirusTotal	Search for analysis

Name	c747a8f1ae18f808_~$cument.docx Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\~$cument.docx
Size	162.0B
Processes	2364 (WINWORD.EXE)
Type	data
MD5	`200763e2b20fc57ff2283f89a8cc2dbe`
SHA1	`33e3708eaae813434186172b677cc1606de0b5ae`
SHA256	`c747a8f1ae18f808f7e971dcaa122156c1ef990dd3281fc55f34d68d2871d6ad`
CRC32	`165306BE`
ssdeep	`3:yW2lWRdeSyW6L7rpTK7z+MlFItbzcT/:y1lWKvWmpTK7ykWPQ/`
Yara	None matched
VirusTotal	Search for analysis

Name	aeb98a19dd9fdc8c_fsd-cnry.fsd Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Office\15.0\OfficeFileCache\FSD-CNRY.FSD
Size	128.0KB
Processes	2364 (WINWORD.EXE)
Type	data
MD5	`3e59483f90409b97ac80e6717a3fcf69`
SHA1	`7ecf64268b78777b474701ddf6a84e28288dea35`
SHA256	`aeb98a19dd9fdc8ce0c39e78ca475957fd5e9472cdc39d9339553b357908a694`
CRC32	`EC97F22C`
ssdeep	`48:I3cnBkWxRdsTGmDGrMPp/BOLr3h+rXGCLXGC:KcBkWxR+TGMpB/Bi3h+vP`
Yara	None matched
VirusTotal	Search for analysis