Dropped Files | ZeroBOX

Name	6e33bbfec9d9e6b8_~$19_7169909343268.doc Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\~$19_7169909343268.doc
Size	162.0B
Processes	2388 (WINWORD.EXE)
Type	data
MD5	`ea3128a24e02c34c241119c79dbbe182`
SHA1	`bc78ec3f36e159c130667873633815633807a5d0`
SHA256	`6e33bbfec9d9e6b8f84de27faf70f5311ff1ce833f6a00bd7d147c355a099d74`
CRC32	`623F66E5`
ssdeep	`3:yW2lWRdvL7YMlbK7lZD8:y1lWnlxK73w`
Yara	None matched
VirusTotal	Search for analysis

Name	5198fa0f5db0645b_~$normal.dotm Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Templates\~$Normal.dotm
Size	162.0B
Processes	2388 (WINWORD.EXE)
Type	data
MD5	`8eb7ef27966ff233cf87b14b723ff88a`
SHA1	`8c0734adcb7a05ccf6d588c3a11749fd6c902126`
SHA256	`5198fa0f5db0645b75383f7ff4a2a183b1233d88fa1585d3b72289901f4338ae`
CRC32	`8D0535B5`
ssdeep	`3:yW2lWRdvL7YMlbK7l0:y1lWnlxK7S`
Yara	None matched
VirusTotal	Search for analysis

Name	a1fa622b47a529e1_c33bf418.emf Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO\C33BF418.emf
Size	4.9KB
Processes	2388 (WINWORD.EXE)
Type	Windows Enhanced Metafile (EMF) image data version 0x10000
MD5	`bf2393dfe4576945d1f26d3595c5ef9f`
SHA1	`f9abbbcf4bad106e4f5c039082257357f4c28aef`
SHA256	`a1fa622b47a529e1064458aa0decd0c1ebc16efb621511c8cba545036ffeb00e`
CRC32	`71C49B27`
ssdeep	`24:Y6cOaHN87k0sqFjsdB3g6G7OdE5qOppcWfswKnZFwG6uvX51m0KZdHk1a/Uo:XQNikssdBg6qjpLkwOEG6kpnydHk1a/Z`
Yara	None matched
VirusTotal	Search for analysis

Name	4826c0d860af884d_~wrs{5f8b61f0-3c4f-4530-a0a2-26cab4cfd072}.tmp Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{5F8B61F0-3C4F-4530-A0A2-26CAB4CFD072}.tmp
Size	1.0KB
Processes	2388 (WINWORD.EXE)
Type	data
MD5	`5d4d94ee7e06bbb0af9584119797b23a`
SHA1	`dbb111419c704f116efa8e72471dd83e86e49677`
SHA256	`4826c0d860af884d3343ca6460b0006a7a2ce7dbccc4d743208585d997cc5fd1`
CRC32	`23C03491`
ssdeep	`3:ol3lYdn:4Wn`
Yara	None matched
VirusTotal	Search for analysis