popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 0ed5b0823e71e0e3_590aee7bdd69b59b.customDestinations-ms~RF22752bb.TMP
Submit file
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms~RF22752bb.TMP
Size 7.8KB
Processes 1564 (powershell.exe) 2792 (powershell.exe)
Type data
MD5 f4a8a3e56bca0190031a365f104571cf
SHA1 7a4eac7016b8feca961f757cfe05bfeb4b76c10f
SHA256 0ed5b0823e71e0e3262a8a73ff269499135b20c9c5aa71e34b57a9f43218ed41
CRC32 E95A2C69
ssdeep 96:QtuC6GCPDXBqvsqvJCwoFtuC6GCPDXBqvsEHyqvJCworQStDHXyWlUVul:QtbXoFtbbHnorFTyo
Yara
  • Generic_Malware_Zero - Generic Malware
  • Antivirus - Contains references to security software
VirusTotal Search for analysis
Name 61ad61089cc24900_{319eff42-be1c-11ed-ac50-94de278c3274}.dat
Submit file
Filepath C:\Users\test22\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{319EFF42-BE1C-11ED-AC50-94DE278C3274}.dat
Size 7.0KB
Processes 3068 (iexplore.exe)
Type Composite Document File V2 Document, Cannot read section info
MD5 359f94495d873e2f80772f875f9e5c6a
SHA1 95af389471c4109c08ea419d27c2203fda614e1d
SHA256 61ad61089cc24900dcd01728693c4f21f9897a0981c1b725635328ea26330761
CRC32 50D3C5BC
ssdeep 48:rNGpUK/UwhPRAWvS2z+pZvykhPRAWvJyz+Jz+/z+FEV+5QkbTv2z+Uvyk:C1Oy8Zv12gOWC+5T3yLh
Yara
  • Microsoft_Office_File_Zero - Microsoft Office File
VirusTotal Search for analysis
Name 81702c709b646666_recoverystore.{319eff41-be1c-11ed-ac50-94de278c3274}.dat
Submit file
Filepath C:\Users\test22\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{319EFF41-BE1C-11ED-AC50-94DE278C3274}.dat
Size 4.5KB
Processes 3068 (iexplore.exe)
Type Composite Document File V2 Document, Cannot read section info
MD5 1137685a639a8ef316d7bf3de99a1d2f
SHA1 5046088db40b0f1737c9c57c3a8b56f457f5b4c6
SHA256 81702c709b64666684fdf85c228e4714a68d5a56cb9609494cdbc1342d6bf0ca
CRC32 13BB4340
ssdeep 12:rlfF2qrEg5+IaCrI0F7+F2OrEg5+IaCrI0F7ugQNlTqbax3U2+16NlTqbax3U2+U:rqq5/1O5/3QNlWp2+16NlWp2+1a1
Yara
  • Microsoft_Office_File_Zero - Microsoft Office File
VirusTotal Search for analysis