Dropped Files | ZeroBOX
Name 5d4425ccfeddf59e_{bdbd4956-ba49-11ed-ac50-94de278c3274}.dat
Filepath C:\Users\test22\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{BDBD4956-BA49-11ED-AC50-94DE278C3274}.dat
Size 4.5KB
Processes 2024 (iexplore.exe)
Type Composite Document File V2 Document, Cannot read section info
MD5 3e0d28080feabde576a28185c2836f6a
SHA1 600e3a0a9ddf701a8ea8791b398bd1cabc961c10
SHA256 5d4425ccfeddf59e218f95befc2330685b09fff50c1dc6ee6e129739c1575b9d
CRC32 0E1AE110
ssdeep 12:rlxAF0ljrEgm8GL7KFkfDrEgm8GD7qsLNl26abax1NlIfRbax1cuGPxc:rxhG8cG8+LNlIoNlE9uc
Yara
  • Microsoft_Office_File_Zero - Microsoft Office File
Name cbf2b6841b31eb52_handdiy_3[1].exe
Filepath C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\handdiy_3[1].exe
Size 1.4MB
Processes 2036 (iexplore.exe)
Type PE32 executable (GUI) Intel 80386, for MS Windows
MD5 f48570526e4923521a63c718ea4a15d3
SHA1 ce2b2aba350b1750249a44d90e13673670348a70
SHA256 cbf2b6841b31eb52fc1bdc23e9559c2e0b635f4e0d1955728a2788b359caec50
CRC32 4885E901
ssdeep 24576:YGU0HpRGUYHKaPUM0Hqy69NgA+iVvRuPpND5TqJ6y5eXt7dRnb5hqSY:DpEUIvU0N9jkpjweXt77b5kF
Yara
  • Malicious_Packer_Zero - Malicious Packer
  • OS_Processor_Check_Zero - OS Processor Check
  • Win32_Trojan_Gen_2_0904B0_Zero - Win32 Trojan Gen
  • Credential_User_Data_Check_Zero - Credential User Data Check
  • SQLite_cookies_Check_Zero - SQLite Cookie Check... select
  • UPX_Zero - UPX packed file
  • IsPE32 - (no description)
  • PE_Header_Zero - PE File Signature
  • Malicious_Library_Zero - Malicious_Library
  • Trojan_PWS_Stealer_1_Zero - Trojan.PWS.Stealer Zero
Name 4476d1e1dcfb5bc1_recoverystore.{bdbd4955-ba49-11ed-ac50-94de278c3274}.dat
Filepath C:\Users\test22\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{BDBD4955-BA49-11ED-AC50-94DE278C3274}.dat
Size 5.0KB
Processes 2024 (iexplore.exe)
Type Composite Document File V2 Document, Cannot read section info
MD5 2cf0c21436fbf0d0d8e083907891aac8
SHA1 6e0e708d2553743d8ebc9037601f71bf5e58d843
SHA256 4476d1e1dcfb5bc12360eb0f77422ac9d19b1f7bb99870ab15d5e3f10c6f55c5
CRC32 495BD232
ssdeep 24:rqc5/fwSiTG5/k85jBM+NlWN7iUNlWN3+x:r55eG5cojBSN7i5N3+x
Yara
  • Microsoft_Office_File_Zero - Microsoft Office File