Dropped Files | ZeroBOX
Name 0b8607fdf72f3e65_cookies.sqlite
Filepath C:\Users\test22\AppData\Roaming\2din22fj.2na\Firefox\Profiles\1pfa5s83.default-release\cookies.sqlite
Size 96.0KB
Type SQLite 3.x database, user version 12, last written using SQLite version 3038003
MD5 d367ddfda80fdcf578726bc3b0bc3e3c
SHA1 23fcd5e4e0e5e296bee7e5224a8404ecd92cf671
SHA256 0b8607fdf72f3e651a2a8b0ac7be171b4cb44909d76bb8d6c47393b8ea3d84a0
CRC32 842B3569
ssdeep 12:DQAwfWk73Fmdmc/OPVJXfPNn43etRRfYR5O8atLqxeYaNcDakMG/lO:DQAwff32mNVpP965Ra8KN0MG/lO
Yara None matched
Name edb006e05cfa8501_Cookies
Filepath C:\Users\test22\AppData\Roaming\2din22fj.2na\Chrome\Default\Cookies
Size 36.0KB
Type SQLite 3.x database, last written using SQLite version 3033000
MD5 3f5ca3e29b1b60e298aeca0a32164c03
SHA1 f9b5ee59c31a3b06a6b8e476b22d2d7cf1fa8b66
SHA256 edb006e05cfa85015aa76c758d6298c279fd318cff0dbb286927c7ad45105488
CRC32 E1ACA097
ssdeep 24:TL2C0RlPbXaFpEO5bNmISHdL6UwcOxvo5:TYLOpEO5J/KdGU1Eo5
Yara None matched
Name 75afd3884d048eb9_osejwqtr.p
Filepath C:\Users\test22\AppData\Local\Temp\osejwqtr.p
Size 266.1KB
Processes 1940 (foktdy.exe)
Type data
MD5 1787eb0c2be283b7e98010b7b754ca2a
SHA1 f2d005c5bd3cbecb37df2638725b06850a7190ff
SHA256 75afd3884d048eb907183ef498c4e80634f14e0fe67ffd26863479977781fed0
CRC32 A750FB9D
ssdeep 6144:7uZNiLAF1gTCqb8xE3okecdI2DqGUVFlk5Ck9KMlz:yriWhS3njDuxkT1t
Yara None matched
Name e4efde914404f84a_klhjpztqx.cel
Filepath C:\Users\test22\AppData\Local\Temp\klhjpztqx.cel
Size 7.5KB
Processes 1940 (foktdy.exe)
Type data
MD5 fb2243fa614568d10cdb2404422045f3
SHA1 13bf462e17276baa05bb7bd035d017f6e63a4e3a
SHA256 e4efde914404f84a6385ffae599976779336d44fb7ad28b5f5369e0e30a50e1e
CRC32 57B4DF4E
ssdeep 192:darcitQvArWiPv61b9Lzp7gFKBN/Ha0Tm6S4Yw1sNI:uCYrNPv6JYFKBNfa0T1S4vs+
Yara None matched
Name 88f9dc0b9a633e43_cookies.sqlite
Filepath C:\Users\test22\AppData\Roaming\2din22fj.2na\Thunderbird\Profiles\g8t0pe67.default-release\cookies.sqlite
Size 512.0KB
Type SQLite 3.x database, user version 11, last written using SQLite version 3031001
MD5 dd47ebe6866ad2ab59d0caa1de28d09e
SHA1 afdf6eb7a01bb7ef4c9d768b65abbbeae5ba2663
SHA256 88f9dc0b9a633e43c6d2c6fae136e782c15aa38c1601dcff948987f1c2a391c3
CRC32 8DEE9EEA
ssdeep 24:DQHtJl32mNVpP965hKN0MG/lZpNjCKRIaU5BnCMOkC0JCpL3FYay:DQfrbWTTTqtStLm
Yara None matched
Name e3b0c44298fc1c14_nsaBCE2.tmp
Empty file or file not found
Filepath C:\Users\test22\AppData\Local\Temp\nsaBCE2.tmp
Size 0.0B
Type empty
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
CRC32 00000000
ssdeep 3::
Yara None matched
Name 76315271eba51034_foktdy.exe
Filepath C:\Users\test22\AppData\Roaming\duqaj\foktdy.exe
Size 361.5KB
Processes 1680 (qmcho.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 051384be7daac29913f98832fb8b1060
SHA1 cf44e1a5c6ee62ab802cbfe656298887424a876a
SHA256 76315271eba510343d58ce2a7be5e5a9006cf20e7b09fadf02868e73ff659955
CRC32 B380A6D3
ssdeep 6144:XWYtu0D9bhoKSoj/QED03mc8+z1zQpb+g4keMF:XWYI0D9bhoK1j/HD03n1zvAF
Yara
  • IsPE32 - (no description)
  • OS_Processor_Check_Zero - OS Processor Check
  • PE_Header_Zero - PE File Signature
  • Malicious_Library_Zero - Malicious_Library
  • UPX_Zero - UPX packed file