Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
11.19 07:11
4f3200e5324a333579e06e...
11.19 07:11
6e1ed6447607ab4c30b3f3...
11.19 07:11
6e1ed6447607ab4c30b3f3...
11.19 02:11
Potwierdzenie.exe
11.19 02:11
cheet.exe
11.19 02:11
chelentano.exe
11.19 02:11
12.exe
11.19 02:11
caspol.exe
11.19 02:11
gambinho.exe
11.19 02:11
Getdp.exe

Latest News
11.19 11:11
Evaluating Solidity su...
11.19 11:11
AI is everywhere, and ...
11.19 11:11
IT Sicherheitsnews stü...
11.19 11:11
Windows 11: Security-U...
11.19 11:11
Botnet serving as ‘bac...
11.19 11:11
Attackers are hijackin...
11.19 11:11
Sequoia, GV Back Start...
11.19 11:11
Payment Firm Neo4j Fol...
11.19 11:11
Segmenting Hybrid Clou...
11.19 11:11
heise-Angebot: iX-Work...

Dropped Files | ZeroBOX

Name	94dc623054c53645_hr0nm.yl Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Hr0Nm.yl
Size	325.5KB
Processes	2628 (8pWB.eXE)
Type	data
MD5	`39a21b0bfe3395ac26d7572b0308e757`
SHA1	`921e93cfa39d079e0828f0f1283e6ba0448ed7b9`
SHA256	`94dc623054c53645d4ed9ae09b897cf654f3f9af02541ad0ecebe4ae7dcf3681`
CRC32	`938FF7FE`
ssdeep	`6144:kCi8aq/HPQy0GVz3SlKBMc2ZBTHw1XQOuEXJUrNTxy:G8aq/vvTb2ZpGXQdy2c`
Yara	Malicious_Library_Zero - Malicious_Library
VirusTotal	Search for analysis

Name	75b94d007669b869_1mrav8.m Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\1MRAv8.M
Size	254.9KB
Processes	2628 (8pWB.eXE)
Type	data
MD5	`0c48fb476c816f2322e6dc82bb8904d7`
SHA1	`15fba801c0d3e143faa681cfd5cad1f44b9491a5`
SHA256	`75b94d007669b86906ef4b7e7e727291f015725952582a0f1390b19d70e82f6c`
CRC32	`93147987`
ssdeep	`3072:QuvoMW+IQfcLETeEV+FkbjbKoF9OIFJ8/OSUykqYXtsT7jqfr4w8bjKS3Db03/rf:hImReRFUvKoPOIcnj5THs4w8b2UDbqj`
Yara	None matched
VirusTotal	Search for analysis

Name	fa4d0e8179e2145c_thbtz22y.u Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Thbtz22Y.U
Size	26.5KB
Processes	2628 (8pWB.eXE)
Type	data
MD5	`f92fc6a450051dc8c967626f764ad02a`
SHA1	`7da5ef03df9320597c822ee9febed91c4e354ebc`
SHA256	`fa4d0e8179e2145cd65e5bba3bce56d5ff7ca25f5c87cb5a8a9dca69a7a4548a`
CRC32	`71836AA1`
ssdeep	`384:7MG03kZAkOiONeo3eAmbpuNFVAPV7lihwGDCPdaaBgB+RSH8W8tD6oC2V07fdLNK:TWkvv2ZaoNF4V7lawGDIpw0YNK`
Yara	None matched
VirusTotal	Search for analysis

Name	0809ce8292902d05_kkayeq.00 Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\kKAyeq.00
Size	128.0MB
Processes	2628 (8pWB.eXE) 2484 (mshta.exe)
Type	ISO-8859 text, with very long lines, with no line terminators
MD5	`15be01094c221c914465e626371eacea`
SHA1	`4c5b8cba53e7a740a3608684853bdd8ae81dd102`
SHA256	`a9b15d97c3625fb4e39e4a2e0688d436665b392a7241217fbc813d1bc3361d11`
CRC32	`2260258E`
ssdeep	`3:GMcPqLFNxQXRABM:GMcPwkXRA6`
Yara	None matched
VirusTotal	Search for analysis

Name	652c56e79711d9a6__aech.7 Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_AeCh.7
Size	61.6KB
Processes	2628 (8pWB.eXE)
Type	data
MD5	`7b53ac5f3b52420199765417fc81db15`
SHA1	`60a64efcb45b333be0e0c123be7d51059269ae45`
SHA256	`652c56e79711d9a6a91b71b9dd1132324a7b4ed916a3e60678580cb81e7026e9`
CRC32	`67F4E671`
ssdeep	`1536:qHTtZXbyd/KbpaIFPBOpCO3Q+4wu5672suxHu0++n:KTXrw/K1FPB18QJwj2suxO6n`
Yara	None matched
VirusTotal	Search for analysis

Name	f4d2bcf95b1f9f9f_qz5uw.aq Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\QZ5uW.aQ
Size	358.4KB
Processes	2628 (8pWB.eXE)
Type	COM executable for DOS
MD5	`f47e90da029ef6c2bd1988524c8d25ef`
SHA1	`2ef3df2b4e706deb3116263e52f6a0fd841992ae`
SHA256	`f4d2bcf95b1f9f9fcf6054eab6ccdfaa2b7a65219934705aa60e33259e4a92db`
CRC32	`A1661B8C`
ssdeep	`6144:hBZVfCclry2uRgXK7t0vMMBv1NQNHR3IDJwl315TaQNL:rZdCclGNdCvpJ2C8FBvL`
Yara	None matched
VirusTotal	Search for analysis

Name	ad1fa27d5937af8f_hxu0.m Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\HxU0.m
Size	331.2KB
Processes	2628 (8pWB.eXE)
Type	Targa image data - RGB 65536 x 184 x 0 +15 +65535 ""
MD5	`0ee1734d213bf718440d2a2d02133712`
SHA1	`a8915f5d34492e6b57e48290dd13b34825b1eb3e`
SHA256	`ad1fa27d5937af8f94c6946fefbc1e6ff0a97eb0dfd0189a63148566d3edef9d`
CRC32	`37E571DC`
ssdeep	`6144:ot6klSBfynEz5kMBG+x5QpiTfAbRyeToaOQuZ9BHiXk+capzp5GIY/o2D53:FklSBaEz5kMgsQpibAhu/BCXk454P3`
Yara	None matched
VirusTotal	Search for analysis

Name	f688aca73fa7d5d4_n3v4h8h.sxy Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\N3V4H8H.sXy
Size	128.0MB
Processes	2160 (cmd.exe)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`47627f9a3c1a90e2c7b648b6813bb536`
SHA1	`b68c67f39794ea54ec15f26e36af06db61974d9e`
SHA256	`a3d8278d0e2479137c606f6fece2e7eb57493a1220f122028ca61f5d105547e1`
CRC32	`09FB269B`
ssdeep	`24576:RlO9z5+sQpibAhu/FUqW8aq/n2ZpGXh291DinrGP85S8qlGdUpJ2Cku:Rs9TQY1F8Z91enR53q8dqJdku`
Yara	PE_Header_Zero - PE File Signature IsPE32 - (no description) IsDLL - (no description) Malicious_Library_Zero - Malicious_Library UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	e3b0c44298fc1c14___tmp_rar_sfx_access_check_33636218 Empty file or file not found
Filepath	C:\Users\test22\AppData\Local\Temp\__tmp_rar_sfx_access_check_33636218
Size	0.0B
Type	empty
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
CRC32	`00000000`
ssdeep	`3::`
Yara	None matched
VirusTotal	Search for analysis