Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
11.20 09:11
mainbas.bat
11.20 09:11
dll007.dll
11.20 09:11
exe004.exe
11.20 09:11
exe010.exe
11.20 09:11
blecher.exe
11.20 09:11
GetAdapterInfo.exe
11.20 09:11
dll004.dll
11.20 09:11
dll008.dll
11.20 09:11
bestthingsalwaysgetbes...
11.20 09:11
DKM-9067291.pdf.lnk

Latest News
11.20 04:11
클라우드 MSP 기업 제노솔루션, 고객 ...
11.20 04:11
체크멀, 앱체크 프로 v3.0 ‘SW제품...
11.20 04:11
[사전규격공개] 2025년 중소기업 IS...
11.20 03:11
케이부스터, '저스트 미라클' 이름으로 ...
11.20 03:11
동탄 하이픈 입시 전문 학원, 재수종합반 런칭
11.20 03:11
정보보호 관리체계 인증 의무대상자 조사 ...
11.20 03:11
Most Extreme Hypergrav...
11.20 03:11
[사전규격공개] 정보보호산업지원센터 개소...
11.20 02:11
Apple Releases Urgent ...
11.20 02:11
Oracle Warns of Agile ...

Dropped Files | ZeroBOX

Name	6c5c9989aed5344c_sjptmanager.log Submit file
Filepath	C:\Users\test22\AppData\Local\YTS\SJPT\MANAGER\Log\SJPTManager.log
Size	335.0B
Processes	2188 (SJPTMANAGER.exe)
Type	ASCII text, with CRLF line terminators
MD5	`7ad9fe85f7272328bc359dba6bc7bda5`
SHA1	`08e14aaf41033caf301c5095280d0452c38c28fc`
SHA256	`6c5c9989aed5344c1add2555319c8958c91c3c8b65d3fcf1008c97d0de1a317a`
CRC32	`A065CBB8`
ssdeep	`6:o9UataD1U+ULA4f1FtERLBatbUsWrHFmCthtFz/Wrovn:oXu1vUASw85PiH4Ip/r`
Yara	None matched
VirusTotal	Search for analysis

Name	b380b571d4aa45e7_sjptmanager.ini Submit file
Filepath	C:\Users\test22\AppData\Local\YTS\SJPT\MANAGER\SJPTMANAGER.ini
Size	40.0B
Processes	2788 (server.asp) 2896 (SJPTMANAGERLauncher.exe)
Type	ASCII text, with CRLF line terminators
MD5	`91f8ef081490b66936bb03b15717e010`
SHA1	`e1f86a44e8b43d7b1d6b421c57a73d7391548e7d`
SHA256	`b380b571d4aa45e79756536123fc274354bcbee4612db58822700655544032ba`
CRC32	`B86C614E`
ssdeep	`3:MHErFxANyAvErFv:MgkNsV`
Yara	None matched
VirusTotal	Search for analysis

Name	3e76cd5ab8c672d9_new sjpt manager.lnk Submit file
Filepath	C:\Users\test22\Desktop\New SJPT Manager.lnk
Size	1.2KB
Processes	2896 (SJPTMANAGERLauncher.exe)
Type	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Sun Nov 7 19:10:56 2021, mtime=Sun Nov 7 19:10:56 2021, atime=Thu Aug 6 20:23:23 2020, length=732312, window=hide
MD5	`c068b843f50ac722599fe6d7c4623c6c`
SHA1	`bebb9dc10235a674e6caef5c24dda01fb5e94a99`
SHA256	`3e76cd5ab8c672d940fcfff0dad06c40d4f7e4859a1b7551d67c651c44256618`
CRC32	`CA51668F`
ssdeep	`24:8A6sERdGRiiA4UEXgynK1zNR4jCKZVdi6Pyd7f:8A6sBRiiA4nh2pR4jCKZRy9`
Yara	Lnk_Format_Zero - LNK Format
VirusTotal	Search for analysis

Name	a17e8b6c84777812_sjpt_cbt.exe Submit file
Filepath	C:\Users\test22\AppData\Local\YTS\SJPT\MANAGER\setup\sjpt\client\sjpt_cbt.exe
Size	7.9MB
Processes	2896 (SJPTMANAGERLauncher.exe)
Type	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5	`6c6fdbb4cf86a671dcabf7163b8f73f2`
SHA1	`24a6145321830c6876fb55554c8911453d2ce25d`
SHA256	`a17e8b6c84777812c45f80fe480b78ebdef48993900e091a9cde0fe8e4dfa8b8`
CRC32	`74D5D0D2`
ssdeep	`196608:d2Nv9Y4HmdU3GjLchy/4l+T0JKHwtWShYjiV0Xepwr6dM/2RITyFEHOZgbKNcvmE:iW4HmdU3GjLchy/4l+T0JKHwtWShYjiN`
Yara	Malicious_Packer_Zero - Malicious Packer PE_Header_Zero - PE File Signature Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check IsPE32 - (no description) Is_DotNET_EXE - (no description) Malicious_Library_Zero - Malicious_Library UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	390a234f7c620b7b_clst.zds Submit file
Filepath	C:\Users\test22\AppData\Local\YTS\SJPT\MANAGER\setup\sjpt\client\clst.zds
Size	200.0B
Processes	2896 (SJPTMANAGERLauncher.exe)
Type	data
MD5	`7abf4c4109e6db90af43eb1e32b39e83`
SHA1	`e305bdfc7f5e0fbc85d4508900892b6cbc8fb919`
SHA256	`390a234f7c620b7b8793b333f8e787a359ecbd81ffc0df7a324dd69b3385015b`
CRC32	`D980EFBD`
ssdeep	`6:RiimXwEz2rWbGNEMo3ixk5sUqglmxrk/cri:XslKmRSYsngq8c+`
Yara	None matched
VirusTotal	Search for analysis

Name	f03b3f3841c97917_survey.zds Submit file
Filepath	C:\Users\test22\AppData\Local\YTS\SJPT\MANAGER\sample\survey.zds
Size	744.0B
Processes	2896 (SJPTMANAGERLauncher.exe)
Type	data
MD5	`3f13fd5df1ebd8cf611c8da3113e6831`
SHA1	`c60870431d6d1528b40b04fdbf891ff250ebd46b`
SHA256	`f03b3f3841c97917ae84e4ab899876ac733951f908a88f57d9c07ae24811a900`
CRC32	`3ADD6369`
ssdeep	`12:unVgkIGo4gYdRlJwcoLTGhx/hyQlbxkXIrKxOnDgBQTpuuZmMln:uVgeo4gYdX6ehxwQIGKU0BtHY`
Yara	None matched
VirusTotal	Search for analysis

Name	51f0f9dd5c806179_rlst.zds Submit file
Filepath	C:\Users\test22\AppData\Local\YTS\SJPT\MANAGER\setup\sjpt\client\rlst.zds
Size	112.0B
Processes	2896 (SJPTMANAGERLauncher.exe)
Type	data
MD5	`0ad434766cfc43ed5ce2c1519c37fcb4`
SHA1	`09073171cbdbc8ef9ff357801639b924ef4c5a0d`
SHA256	`51f0f9dd5c806179c80ff72f621d5f3cb3ddc6cab1e51b1e13105c6cd0ab7847`
CRC32	`D5F41D30`
ssdeep	`3:vvayAIlhaQi0uKHLKRR4koY5V23jHR:XrAIlhaUuKHiRprnyR`
Yara	None matched
VirusTotal	Search for analysis

Name	cf5b76dc58999645_ysptlauncher.exe Submit file
Filepath	C:\Users\test22\AppData\Local\YTS\SJPT\MANAGER\setup\yspt\YSPTLauncher.exe
Size	636.0KB
Processes	2896 (SJPTMANAGERLauncher.exe)
Type	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5	`d67fc9cb688e0a352581962150eebbc8`
SHA1	`c589a3182854bb4bc80ca9a5f2a3f41af29a29e6`
SHA256	`cf5b76dc5899964565d7099887956b8bed5085c87c716eb4a6b18f7fd2cbdc7d`
CRC32	`8EA93B7B`
ssdeep	`12288:pyZ8Fuy1xbo7qZ8Fuy1xbjEbnhnhnhnhn+Rekm49eOLLLLOiO:4Z+ZZ+2nhnhnhnhn2ekbeOLLLLOiO`
Yara	PE_Header_Zero - PE File Signature Generic_Malware_Zero - Generic Malware IsPE32 - (no description) Is_DotNET_EXE - (no description)
VirusTotal	Search for analysis

Name	45b4ec3ba2ced435_s999.zds Submit file
Filepath	C:\Users\test22\AppData\Local\YTS\SJPT\MANAGER\sample\S999.zds
Size	4.0MB
Processes	2896 (SJPTMANAGERLauncher.exe)
Type	data
MD5	`d30fc296f08908bc8e3006904c730ccc`
SHA1	`ce1726e18a201b67031f9ec9c22a49efd4c11764`
SHA256	`45b4ec3ba2ced435403693133e2d4d58ebbefca4db53586faf7023c4502d6b67`
CRC32	`CE368AA3`
ssdeep	`98304:BZ9G1Q/3zxNDKhB05Qd6ikb+g03x1f04XVstjSZpfjnWhqfd:BbzKhab+g0j04lspCqIfd`
Yara	None matched
VirusTotal	Search for analysis

Name	8618c13ff1e075a1_sjptmanager.exe Submit file
Filepath	C:\Users\test22\AppData\Local\YTS\SJPT\MANAGER\SJPTManager.exe
Size	5.0MB
Processes	2896 (SJPTMANAGERLauncher.exe)
Type	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5	`ddc30553fdf5332b2b9aa9f3c4d4b383`
SHA1	`e3f6288cc5b9542ade48b50d0d90a5a6947ba7cf`
SHA256	`8618c13ff1e075a138cfdaf51647a4d22b983d6c614f6b2441c73f6aaefcc32a`
CRC32	`B344D483`
ssdeep	`98304:fjkX9DJtyLxxxxxxxXwUK0GXFjqUbPxveNFzY+vA8DBczy/7iz:rkX9DJtyLxxxxxxxXwUKtFjquYY+vA8K`
Yara	Malicious_Packer_Zero - Malicious Packer PE_Header_Zero - PE File Signature Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check IsPE32 - (no description) Is_DotNET_EXE - (no description) Malicious_Library_Zero - Malicious_Library UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	b87e7fe7eb184723_page.html Submit file
Filepath	C:\Users\test22\AppData\Local\YTS\SJPT\MANAGER\setup\sjpt\client\page.html
Size	32.2KB
Processes	2896 (SJPTMANAGERLauncher.exe)
Type	HTML document, UTF-8 Unicode text, with very long lines, with CRLF line terminators
MD5	`48ad056491cb71c683c2e944fe9afce1`
SHA1	`461a70183333bbf50bd7ea59748f33cf92422f63`
SHA256	`b87e7fe7eb1847236371956b266d53b1c3f7ca726eb8cf249e6c5fb1666b3f34`
CRC32	`49D30279`
ssdeep	`768:jok6smTUmiymAAAW/gDfdnRPHNV3Uk2mhuzchCsh:joKjj9AAAW/gDftZHNV3v2S`
Yara	None matched
VirusTotal	Search for analysis

Name	a8c463b79017ffe2_new sjpt manager.lnk Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\New SJPT Manager.lnk
Size	1.2KB
Processes	2896 (SJPTMANAGERLauncher.exe)
Type	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Sun Nov 7 19:10:56 2021, mtime=Sun Nov 7 19:10:56 2021, atime=Thu Aug 6 20:23:23 2020, length=732312, window=hide
MD5	`ed99eaa06b994efed1b3dc6b98795788`
SHA1	`12fa4bd4eb878fca3742dcdb754231ea863f302d`
SHA256	`a8c463b79017ffe2e5ecd9a09f879a568c4e2e7a97b0842c6d1ebafd6acdef22`
CRC32	`A0A9A31A`
ssdeep	`24:8A6sERdGRiiA4UEXgynK1zNR49ACKZVdi6Pyd7f:8A6sBRiiA4nh2pR49ACKZRy9`
Yara	Lnk_Format_Zero - LNK Format
VirusTotal	Search for analysis

Name	389f019ceb252b5a_yspt.exe Submit file
Filepath	C:\Users\test22\AppData\Local\YTS\SJPT\MANAGER\setup\yspt\YSPT.exe
Size	3.5MB
Processes	2896 (SJPTMANAGERLauncher.exe)
Type	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5	`1973e3cb9af79a8059b7ce10d89c5037`
SHA1	`64fccb62ee1511993b38c1087cf7ac4628b98508`
SHA256	`389f019ceb252b5a7e798c5043c4512c06d0f6b994e871676a8b9210b00433bc`
CRC32	`19AD0FD6`
ssdeep	`49152:jtkbldlTvkf6aF0sggZ9DDiws31KcJm/xkm4ovyvUdT4ie:ZkbPxveNFdggTTE0KmJs`
Yara	Malicious_Packer_Zero - Malicious Packer PE_Header_Zero - PE File Signature Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check IsPE32 - (no description) Is_DotNET_EXE - (no description) Malicious_Library_Zero - Malicious_Library UPX_Zero - UPX packed file
VirusTotal	Search for analysis