Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
11.18 02:11
DOCTOR FIRM ORDER FORM...
11.18 09:11
babababa.exe
11.18 09:11
Jagtfalkenes.vbs
11.18 09:11
windows_update.dll
11.18 09:11
nicko.exe
11.18 09:11
GHO%E9%95%9C%E5%83%8F%...
11.18 09:11
stories.exe
11.17 10:11
wwbizsrvs.exe
11.15 01:11
wwbizsrvs.exe
11.15 01:11
op.exe

Latest News
11.18 03:11
에스엠해썹, 2024 스마트공장 지원사업...
11.18 03:11
삼진벽난로, 알펜시아 에스테이트 초프리미...
11.18 03:11
Analog Shift Register ...
11.18 03:11
엠기어스, BMW 통합 호환…신제품 엠스...
11.18 02:11
상상력집단, 고양시 시니어 맞춤형 AI ...
11.18 02:11
올담, 충청북도 공동브랜딩 협업 충북 에...
11.18 02:11
Women In Russian-Speak...
11.18 02:11
Tim Berners-Lee Wants ...
11.18 02:11
Urgent: Critical WordP...
11.18 01:11
에듀피디, ‘알기 쉽게 풀어쓴 산업위생관...

Dropped Files | ZeroBOX

Name	cf9f1d8a1157eeba_b4cdfaa6.emf Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\B4CDFAA6.emf
Size	4.1KB
Processes	2388 (WINWORD.EXE)
Type	Windows Enhanced Metafile (EMF) image data version 0x10000
MD5	`14bf5b0e16e13e09fc5fc2f9dc9422aa`
SHA1	`66c760fbaf6da68011fd460aa15dc2d5faf9ffe0`
SHA256	`cf9f1d8a1157eeba7684d3304108d92a72a605442c4955a24b74aca1077f5caa`
CRC32	`38A8EE4B`
ssdeep	`24:YHDyzPJ7gXxBBBmor/C/KnTqh/m7XC/S6kTnhens/6enKuvae:MDwNgXxBBBmvJ5unUsKaae`
Yara	None matched
VirusTotal	Search for analysis

Name	5198fa0f5db0645b_~$normal.dotm Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Templates\~$Normal.dotm
Size	162.0B
Processes	2388 (WINWORD.EXE)
Type	data
MD5	`8eb7ef27966ff233cf87b14b723ff88a`
SHA1	`8c0734adcb7a05ccf6d588c3a11749fd6c902126`
SHA256	`5198fa0f5db0645b75383f7ff4a2a183b1233d88fa1585d3b72289901f4338ae`
CRC32	`8D0535B5`
ssdeep	`3:yW2lWRdvL7YMlbK7l0:y1lWnlxK7S`
Yara	None matched
VirusTotal	Search for analysis

Name	4826c0d860af884d_~wrs{90bf4d3a-2bd5-417c-a3c9-383507f9c55b}.tmp Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{90BF4D3A-2BD5-417C-A3C9-383507F9C55B}.tmp
Size	1.0KB
Processes	2388 (WINWORD.EXE)
Type	data
MD5	`5d4d94ee7e06bbb0af9584119797b23a`
SHA1	`dbb111419c704f116efa8e72471dd83e86e49677`
SHA256	`4826c0d860af884d3343ca6460b0006a7a2ce7dbccc4d743208585d997cc5fd1`
CRC32	`23C03491`
ssdeep	`3:ol3lYdn:4Wn`
Yara	None matched
VirusTotal	Search for analysis

Name	1d919376e63d02c6_~wrs{dc6fd733-c6dc-423a-8cae-4cf959d60294}.tmp Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{DC6FD733-C6DC-423A-8CAE-4CF959D60294}.tmp
Size	1.3KB
Processes	2388 (WINWORD.EXE)
Type	data
MD5	`82ee3f9ab3cfc059bebac5566c1fe762`
SHA1	`92c21b0c7a786a93f9ac58b2492df7b686a4bb64`
SHA256	`1d919376e63d02c669c4550ea41844b704c1e3077eb84ec0d39ff19d4d77dbbf`
CRC32	`3F12E0E5`
ssdeep	`12:C5WwAwNJqfTN14l5gGWCuZ/mpW+0zu5mKCWqf6lgBWqfTN14lR:qWwAQkfTN6EZZ/m2Cgf6lIfTN6z`
Yara	None matched
VirusTotal	Search for analysis

Name	6e81d4ee708c4404_~$date of the office pack.doc Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\~$date of the OFFICE PACK.doc
Size	162.0B
Processes	2388 (WINWORD.EXE)
Type	data
MD5	`472dff074d68d9915bcebe7ffa91a18e`
SHA1	`5c1cf95449e9a14e443aeb54d5ca4cd51f14b6bb`
SHA256	`6e81d4ee708c44047338e372faa6284c8a56fac88820acd377c01a89b41e2edb`
CRC32	`3D0B3EF6`
ssdeep	`3:yW2lWRdvL7YMlbK7lZync8:y1lWnlxK73t8`
Yara	None matched
VirusTotal	Search for analysis