popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 38f98d79c83b0360_~$cument.docx
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\~$cument.docx
Size 162.0B
Processes 2364 (WINWORD.EXE)
Type data
MD5 900bd9a1836ef3ea8e01a1d3b2834736
SHA1 533571641a8e56345bb24669ec43a1241a528ad7
SHA256 38f98d79c83b0360c4485d0cbd8b472897af4232e440deb62c71c818c2f01f86
CRC32 8D80A78B
ssdeep 3:yW2lWRdoKyW6L7R7jlJK7DUMHItlFohl:y1lWTyWmN7XK7x4l+l
Yara None matched
VirusTotal Search for analysis
Name ccfaa51b7cf4ddd8_fsf-{0e1eee64-e8c6-4e2a-9759-63cf07fd8988}.fsf
Submit file
Filepath C:\Users\test22\AppData\Local\Microsoft\Office\15.0\OfficeFileCache\LocalCacheFileEditManager\FSF-{0E1EEE64-E8C6-4E2A-9759-63CF07FD8988}.FSF
Size 114.0B
Processes 2364 (WINWORD.EXE)
Type data
MD5 e59015f363437ec9127e2f8bee543f11
SHA1 7a9764383307114ed152b6acb51305912d2c1f68
SHA256 ccfaa51b7cf4ddd8909ba96f4938e517033156ead3dce6905e62f0f98ac71130
CRC32 C012FFBC
ssdeep 3:yVlgsRlz5G8lXSdWpVErhWKFsvncXljl276:yPblzY84HsKF0G22
Yara None matched
VirusTotal Search for analysis
Name eaf9cdc741596275_centraltable.ini
Submit file
Filepath C:\Users\test22\AppData\Local\Microsoft\Office\15.0\OfficeFileCache\CentralTable.ini
Size 36.0B
Processes 2364 (WINWORD.EXE)
Type data
MD5 1f830b53ca33a1207a86ce43177016fa
SHA1 bdf230e1f33afba5c9d5a039986c6505e8b09665
SHA256 eaf9cdc741596275e106dddcf8aba61240368a8c7b0b58b08f74450d162337ef
CRC32 BA4496DE
ssdeep 3:5NixJlElGUR:WrEcUR
Yara None matched
VirusTotal Search for analysis
Name e73d9fab37cd6bf9_centraltable.laccdb
Submit file
Filepath C:\Users\test22\AppData\Local\Microsoft\Office\15.0\OfficeFileCache\CentralTable.laccdb
Size 128.0B
Processes 2364 (WINWORD.EXE) 2136 (MSOSYNC.EXE)
Type data
MD5 0c2be3153a6602550b658e4bb5f073d5
SHA1 3fe515761d3c3744fcb12b10de15e0d94ed36ba9
SHA256 e73d9fab37cd6bf9f8a66e6de08e8178a7d5b5d7ee7bd314f7a25132b17ec5f8
CRC32 D05CFEE4
ssdeep 3:IkFafOkFaV:zQu
Yara None matched
VirusTotal Search for analysis
Name 4826c0d860af884d_~wrs{d89cab87-11b2-4997-bbae-4a38b81fae59}.tmp
Submit file
Filepath C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{D89CAB87-11B2-4997-BBAE-4A38B81FAE59}.tmp
Size 1.0KB
Processes 2364 (WINWORD.EXE)
Type data
MD5 5d4d94ee7e06bbb0af9584119797b23a
SHA1 dbb111419c704f116efa8e72471dd83e86e49677
SHA256 4826c0d860af884d3343ca6460b0006a7a2ce7dbccc4d743208585d997cc5fd1
CRC32 23C03491
ssdeep 3:ol3lYdn:4Wn
Yara None matched
VirusTotal Search for analysis
Name d995411bbc875012_fsd-cnry.fsd
Submit file
Filepath C:\Users\test22\AppData\Local\Microsoft\Office\15.0\OfficeFileCache\LocalCacheFileEditManager\FSD-CNRY.FSD
Size 128.0KB
Processes 2364 (WINWORD.EXE)
Type data
MD5 a6f7728accf1b93aeed11ce2d1b07248
SHA1 a3f60ba11ee4315f6346f5df027f359d8de7f555
SHA256 d995411bbc87501247026a4ceec62586bf1ea00624e542f95407ae22ddc98d12
CRC32 712F759B
ssdeep 48:I3XEjBb9IxUJapDDjytaKSZAJCwCFEFDGwqhIhAr3RCCbY7ZMCCbY7Z:KUd6RXoP2Ua3RCysMCys
Yara None matched
VirusTotal Search for analysis
Name e11e4a88652411a4_~$normal.dotm
Submit file
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Templates\~$Normal.dotm
Size 162.0B
Processes 2364 (WINWORD.EXE)
Type data
MD5 563c98607936a30687087594ada3349b
SHA1 dcc9092f9faf77a00aa8c17c505ddf403f19bbd6
SHA256 e11e4a88652411a4b6614e0761ef0eb5231a438880ee940ed7066c6de3def8fd
CRC32 F5572C70
ssdeep 3:yW2lWRdoKyW6L7R7jlJK7DUMHItlFoCl:y1lWTyWmN7XK7x4lz
Yara None matched
VirusTotal Search for analysis
Name 581203d482f960e0_fsd-cnry.fsd
Submit file
Filepath C:\Users\test22\AppData\Local\Microsoft\Office\15.0\OfficeFileCache\FSD-CNRY.FSD
Size 128.0KB
Processes 2364 (WINWORD.EXE)
Type data
MD5 78f875d9fd007e6e77894a8f1a97616e
SHA1 c1e16684a9e3be7189566d8afb2caeaea938a43e
SHA256 581203d482f960e0b7c7fc4499956861d1e7a23076b0bfa3aa18eb02b9990342
CRC32 58421C64
ssdeep 48:I3kBLrT0x83KE5qIkEmSlISEW7F4JbWUsU5s9vGbrpar3BYUwkUw:K0L/P95qSrlIFdvjJFa3Bvwrw
Yara None matched
VirusTotal Search for analysis
Name 57ff68ef7558db0f_~wrs{5b5642b9-22af-4440-b02f-b5090359dc9f}.tmp
Submit file
Filepath C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{5B5642B9-22AF-4440-B02F-B5090359DC9F}.tmp
Size 2.0KB
Processes 2364 (WINWORD.EXE)
Type data
MD5 0b0fe4976259aeea3d77d26b36297226
SHA1 e640c63b5b0e9210770c6bb73abb1c5c3e419d8f
SHA256 57ff68ef7558db0fc63e33cc348361b21dca1ba267bd9f9bf944e8e23879b19c
CRC32 791DD072
ssdeep 12:vl8aeKFStjM3qo4+qRbQstSaVPTQukouvcvb8vSoSB8WBzsw+s:Cd2Stg3qo4+qRbQs5Pm7EvyQX+s
Yara None matched
VirusTotal Search for analysis
Name 3e49dd858458d929_fsd-{9441f9c2-f06b-4865-986d-438a1a2dd303}.fsd
Submit file
Filepath C:\Users\test22\AppData\Local\Microsoft\Office\15.0\OfficeFileCache\LocalCacheFileEditManager\FSD-{9441F9C2-F06B-4865-986D-438A1A2DD303}.FSD
Size 128.0KB
Processes 2364 (WINWORD.EXE)
Type data
MD5 65acb2b5970b37ac462725fd1fd3ef2b
SHA1 dd3234a2f8e53592864e600eeb7d5963eca83105
SHA256 3e49dd858458d9298f613ae852d365d5e0c6ace431b80b9b0dace64fa0e073f5
CRC32 F305EEEC
ssdeep 48:I3pBEzF2sSfbGqSSwt22fGcfsbYSv7z7MqlBA786CaY/CGvCaY/CG:KTEJiMxUA
Yara None matched
VirusTotal Search for analysis
Name 5b3fb9e7ff086d05_centraltable.accdb
Submit file
Filepath C:\Users\test22\AppData\Local\Microsoft\Office\15.0\OfficeFileCache\CentralTable.accdb
Size 472.0KB
Processes 2364 (WINWORD.EXE)
Type Microsoft Access Database
MD5 39e64d2d45123de5965d4123f108a724
SHA1 08e972889926792819d508cd0a92449ad94d0c9f
SHA256 5b3fb9e7ff086d05df4d7d9026e71f17cf5beaa1c504317b4bb0b0710c9715ac
CRC32 DCB32F55
ssdeep 384:5CG3vx8qMISFXI7ITRuAFr36jmThNFVmVZO4F9Z:jp8NTY7KRuA9vF01Z
Yara None matched
VirusTotal Search for analysis