Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
11.18 02:11
DOCTOR FIRM ORDER FORM...
11.18 09:11
babababa.exe
11.18 09:11
Jagtfalkenes.vbs
11.18 09:11
windows_update.dll
11.18 09:11
nicko.exe
11.18 09:11
GHO%E9%95%9C%E5%83%8F%...
11.18 09:11
stories.exe
11.17 10:11
wwbizsrvs.exe
11.15 01:11
wwbizsrvs.exe
11.15 01:11
op.exe

Latest News
11.18 03:11
에스엠해썹, 2024 스마트공장 지원사업...
11.18 03:11
삼진벽난로, 알펜시아 에스테이트 초프리미...
11.18 03:11
Analog Shift Register ...
11.18 03:11
엠기어스, BMW 통합 호환…신제품 엠스...
11.18 02:11
상상력집단, 고양시 시니어 맞춤형 AI ...
11.18 02:11
올담, 충청북도 공동브랜딩 협업 충북 에...
11.18 02:11
Women In Russian-Speak...
11.18 02:11
Tim Berners-Lee Wants ...
11.18 02:11
Urgent: Critical WordP...
11.18 01:11
에듀피디, ‘알기 쉽게 풀어쓴 산업위생관...

Dropped Files | ZeroBOX

Name	9104f0c4ee660d4e_~$normal.dotm Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Templates\~$Normal.dotm
Size	162.0B
Processes	2444 (WINWORD.EXE)
Type	data
MD5	`535399e49e3aea5e078d62cf5f23a17f`
SHA1	`8e6f3ba3277d42f17816ea3f57f962b0364d6a40`
SHA256	`9104f0c4ee660d4ef7db9459ceca898fc2c17e3455715fbb9938e8cfd8625387`
CRC32	`3E61DFEA`
ssdeep	`3:yW2lWRdvL7YMlbK7lenX:y1lWnlxK78nX`
Yara	None matched
VirusTotal	Search for analysis

Name	f0128dbc30dcb787_~$date of the office pack.doc Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\~$date of the OFFICE PACK.doc
Size	162.0B
Processes	2444 (WINWORD.EXE)
Type	data
MD5	`67bb48bc94f8dd2897041d3663b79927`
SHA1	`1e26160d140c75112e46deb1edfac886e6be35c5`
SHA256	`f0128dbc30dcb7879681f3b2a9f95f54b5c827ac20ed7fabb9cf4b87c9ff0fc1`
CRC32	`DAB94B0A`
ssdeep	`3:yW2lWRdvL7YMlbK7lZjnznKC:y1lWnlxK73jnLT`
Yara	None matched
VirusTotal	Search for analysis

Name	cf9f1d8a1157eeba_aa2a0d30.emf Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\AA2A0D30.emf
Size	4.1KB
Processes	2444 (WINWORD.EXE)
Type	Windows Enhanced Metafile (EMF) image data version 0x10000
MD5	`14bf5b0e16e13e09fc5fc2f9dc9422aa`
SHA1	`66c760fbaf6da68011fd460aa15dc2d5faf9ffe0`
SHA256	`cf9f1d8a1157eeba7684d3304108d92a72a605442c4955a24b74aca1077f5caa`
CRC32	`38A8EE4B`
ssdeep	`24:YHDyzPJ7gXxBBBmor/C/KnTqh/m7XC/S6kTnhens/6enKuvae:MDwNgXxBBBmvJ5unUsKaae`
Yara	None matched
VirusTotal	Search for analysis

Name	acd7bd8afe24fa5d_~wrs{f707d86a-e0bd-4a0c-b1c0-78fa92d12bda}.tmp Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{F707D86A-E0BD-4A0C-B1C0-78FA92D12BDA}.tmp
Size	1.3KB
Processes	2444 (WINWORD.EXE)
Type	data
MD5	`af9dabcae7b6bad2ca5cbc75cf3bbaa1`
SHA1	`1f5519e9e5431f6895f28b5e95f68e91695d6dc6`
SHA256	`acd7bd8afe24fa5dbf159733a138d95f79cf52185461ebee61e14ad83e563cf9`
CRC32	`BCC08C5E`
ssdeep	`12:C5WwAwNJqfTN14l5gYZ/mt0zu5mKCWqf6lgBWqfTN14lR:qWwAQkfTN6EYZ/maCgf6lIfTN6z`
Yara	None matched
VirusTotal	Search for analysis

Name	4826c0d860af884d_~wrs{49f0111d-868e-4fa0-b0e0-7477ab9be03f}.tmp Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{49F0111D-868E-4FA0-B0E0-7477AB9BE03F}.tmp
Size	1.0KB
Processes	2444 (WINWORD.EXE)
Type	data
MD5	`5d4d94ee7e06bbb0af9584119797b23a`
SHA1	`dbb111419c704f116efa8e72471dd83e86e49677`
SHA256	`4826c0d860af884d3343ca6460b0006a7a2ce7dbccc4d743208585d997cc5fd1`
CRC32	`23C03491`
ssdeep	`3:ol3lYdn:4Wn`
Yara	None matched
VirusTotal	Search for analysis