Dropped Files | ZeroBOX
Name 80afadd4af21c716_e0f5c59f9fa661f6f4c50b87fef3a15a
Filepath C:\Users\test22\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E0F5C59F9FA661F6F4C50B87FEF3A15A
Size 252.0B
Processes 2064 (EXCEL.EXE)
Type data
MD5 f76d3effa2d2fa32f8d815df82b1a528
SHA1 0a595907e5b7a1a7537c9026e6a29a41b52b2d30
SHA256 80afadd4af21c716dc87ebbeb65af4f73f6a3ddf146c52529bea19fbc3d08b55
CRC32 8D740F2E
ssdeep 3:kkFkl1ukltfllXlE/VWw1BllPlzRkwWBARLNDU+ZMlKlBkvclcMlVHblB1ADEQc0:kKkaWA1liBAIdQZV7CDEQcK1
Yara None matched
Name a2ce3a0fa7d2a833_e0f5c59f9fa661f6f4c50b87fef3a15a
Filepath C:\Users\test22\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E0F5C59F9FA661F6F4C50B87FEF3A15A
Size 893.0B
Processes 2064 (EXCEL.EXE)
Type data
MD5 d4ae187b4574036c2d76b6df8a8c1a30
SHA1 b06f409fa14bab33cbaf4a37811b8740b624d9e5
SHA256 a2ce3a0fa7d2a833d1801e01ec48e35b70d84f3467cc9f8fab370386e13879c7
CRC32 1C31685D
ssdeep 24:hBntmDvKUQQDvKUr7C5fpqp8gPvXHmXvponXux:3ntmD5QQD5XC5RqHHXmXvp++x
Yara None matched
Name 43f8215cba930dfc_rtzreiqvwztx.dll
Filepath c:\windows\system32\hgomivzg\rtzreiqvwztx.dll
Size 610.5KB
Processes 2064 (EXCEL.EXE) 2964 (regsvr32.exe)
Type PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5 075796c9e4f880c12a265f1ac6a99a8b
SHA1 7467bc89d4aee5ac1c3f23322200a48d737687cc
SHA256 43f8215cba930dfcec3f2e1b49a6b06522f525aa09ac725399e588d34c0f16cb
CRC32 486B0B2A
ssdeep 12288:+hcyNpc2d8YyI1+ZTk9W2RmZOVu5giuk9HNlBVWuEPSa:WcyN+Yt1+ZTk42Aks5ukTHV
Yara
  • Malicious_Library_Zero - Malicious_Library
  • IsDLL - (no description)
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)
  • Malicious_Packer_Zero - Malicious Packer
Name d4d7a1be469fa9f6_7j1cl3pj.txt
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Cookies\7J1CL3PJ.txt
Size 87.0B
Processes 2064 (EXCEL.EXE)
Type ASCII text
MD5 0d50804fdbd08cabdc1ffedc73045986
SHA1 42616c8b6903e4a6a7f070442008ebe3e6856aa1
SHA256 d4d7a1be469fa9f625f780814fbf5d6fdc923db87624dd42a5e2b0726daf1b08
CRC32 EC3B44B4
ssdeep 3:YSD14BXoXUqvYTvpUIdxV0UEO2hV0Pv:YwSBYkqvYTvpUIdT0UEOM0X
Yara None matched
Name e5954efa0adbfa99_b3zr6b5n.txt
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Cookies\B3ZR6B5N.txt
Size 83.0B
Processes 2064 (EXCEL.EXE)
Type ASCII text
MD5 7ff86f7e76cf5f601fe17016ff35760f
SHA1 2a248386a9f2408df003a40ea13624c7b397b05c
SHA256 e5954efa0adbfa99cfca3b424171f4b14659168038b778d3f853fc2d01d36844
CRC32 4047668E
ssdeep 3:YSDCUZVvERw00UQ2ERUIdxV0UnRQkhV0Pv:YwXZFhIX4vdT0U2+0X
Yara None matched
Name 7546521414be5c77_xskuw.dll
Filepath c:\windows\system32\gsfmvcbavaoeoykle\xskuw.dll
Size 610.5KB
Processes 2064 (EXCEL.EXE) 2472 (regsvr32.exe)
Type PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5 0f46346a0ea2eba960754aae2aa7188e
SHA1 c050e8e35ec803fa1b6a517c652e01b7f60be8ff
SHA256 7546521414be5c77a560296cbfc6901f0725f51ca09867b23710d0466d20de8f
CRC32 D6C80C94
ssdeep 12288:+hcyNpc2d8YyI1+ZTk9W2RmZOVu5giuk9HNlBVWuEPSI:WcyN+Yt1+ZTk42Aks5ukTHV
Yara
  • Malicious_Library_Zero - Malicious_Library
  • IsDLL - (no description)
  • PE_Header_Zero - PE File Signature
  • IsPE64 - (no description)
  • Malicious_Packer_Zero - Malicious Packer