Dropped Files | ZeroBOX
Name 94f2fca95a67501e_recoverystore.{bd3eecb3-ba49-11ed-ac50-94de278c3274}.dat
Filepath C:\Users\test22\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{BD3EECB3-BA49-11ED-AC50-94DE278C3274}.dat
Size 5.0KB
Processes 612 (iexplore.exe)
Type Composite Document File V2 Document, Cannot read section info
MD5 c72ab5f20fa9ff28035392748b307a1e
SHA1 968cf24b44641049628378fcb8bfb6d4099f3a11
SHA256 94f2fca95a67501ef159aa0afb2303aac51157d4867bcfbb0d31c93635a67742
CRC32 9D7DF836
ssdeep 12:rlfF2nxrEg5+IaCrI0CI7eF24cTrEgmZ+IaCrI0CIc8GmRVOeMiqI771NlTqbaxa:rqnx5/fLTG5/k85jBM+NlWzNlWq
Yara
  • Microsoft_Office_File_Zero - Microsoft Office File
Name 4293c1d8574dc87c_mozi[1].zip
Filepath C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\mozi[1].zip
Size 132.6KB
Processes 2252 (iexplore.exe)
Type ELF 32-bit MSB executable, MIPS, MIPS-I version 1 (SYSV), statically linked, stripped
MD5 59ce0baba11893f90527fc951ac69912
SHA1 5857a7dd621c4c3ebb0b5a3bec915d409f70d39f
SHA256 4293c1d8574dc87c58360d6bac3daa182f64f7785c9d41da5e0741d2b1817fc7
CRC32 057611CE
ssdeep 3072:phNlHuBafLeBtfCzpta8xlBIOdVo3/4sxLJ10xioP:p3lOYoaja8xzx/0wsxzSi2
Yara
  • SUSP_ELF_LNX_UPX_Compressed_File - Detects a suspicious ELF binary with UPX compression
  • Mozi_botnet_IoT_malware - Mozi botnet IoT malware
  • IsELF - Executable and Linking Format executable file (Linux/Unix)
Name 9fa280d45e2fc447_{bd3eecb4-ba49-11ed-ac50-94de278c3274}.dat
Filepath C:\Users\test22\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{BD3EECB4-BA49-11ED-AC50-94DE278C3274}.dat
Size 4.5KB
Processes 612 (iexplore.exe)
Type Composite Document File V2 Document, Cannot read section info
MD5 7165afbc54eacdcda8ab6020dfa48171
SHA1 8ed391a7198505d0d00c98ea62998df815a1db50
SHA256 9fa280d45e2fc447e6a8bd22fb81857ad6a64cf81b57411636e31144e215135c
CRC32 F13A40C5
ssdeep 12:rlxAFvljrEgm8GL7KFQxrEgm8G77qsANl26abax1NlwfRbaxxtfDTe8:rahG8AxG8mANlIoNlcQtfDTn
Yara
  • Microsoft_Office_File_Zero - Microsoft Office File