Dropped Files | ZeroBOX

Name	849c3f74e13ecf01_~$tracted_at_0x1bd9e.rtf Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\~$tracted_at_0x1bd9e.rtf
Size	162.0B
Processes	3024 (WINWORD.EXE)
Type	data
MD5	`61a17b7bf6750114cc3e8991a20dbb24`
SHA1	`93782263187eaca872aaac1390126c55bb746c1d`
SHA256	`849c3f74e13ecf01f3935896346001903ccea334e62ea7d5320d1eb4c8ac6f2f`
CRC32	`CF6CC10D`
ssdeep	`3:yW2lWRdvL7YMlbK7g7lxIt50iSjlVtYsl7Xhn:y1lWnlxK7ghqqFYsJxn`
Yara	None matched
VirusTotal	Search for analysis

Name	c1da9597cca50fd3_~wrs{43b0b59b-2b01-4808-bebc-f9dec2429f96}.tmp Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{43B0B59B-2B01-4808-BEBC-F9DEC2429F96}.tmp
Size	58.0B
Processes	3024 (WINWORD.EXE)
Type	data
MD5	`cd9ca374bfb6d17816e4c2da024a4fbe`
SHA1	`fab7c72c3b4669a22efc2ab113931c49caf8f3a4`
SHA256	`c1da9597cca50fd39024eab6a9f48b4668e45925168d8c3c581b15ea1e7e7009`
CRC32	`16E49392`
ssdeep	`3:elTl0lTgPCltPK:el6zl0`
Yara	None matched
VirusTotal	Search for analysis

Name	d516a371b6fc0a52_~$normal.dotm Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Templates\~$Normal.dotm
Size	162.0B
Processes	3024 (WINWORD.EXE)
Type	data
MD5	`56a4532b2fc2cf6fd4ec62a29758d231`
SHA1	`60f68bd8ac5b3f7290daa236bebd5f9c0f1510fd`
SHA256	`d516a371b6fc0a5270a1323f271bc2a36bc34f9cf06c783a642020c0da8948c3`
CRC32	`E93E4529`
ssdeep	`3:yW2lWRdvL7YMlbK7g7lxIt50iSjlVtNmk/tyXhn:y1lWnlxK7ghqqFNT/tyxn`
Yara	None matched
VirusTotal	Search for analysis

Name	4826c0d860af884d_~wrs{10b18537-129a-4506-9734-d84d5b7cf6ac}.tmp Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{10B18537-129A-4506-9734-D84D5B7CF6AC}.tmp
Size	1.0KB
Processes	3024 (WINWORD.EXE)
Type	data
MD5	`5d4d94ee7e06bbb0af9584119797b23a`
SHA1	`dbb111419c704f116efa8e72471dd83e86e49677`
SHA256	`4826c0d860af884d3343ca6460b0006a7a2ce7dbccc4d743208585d997cc5fd1`
CRC32	`23C03491`
ssdeep	`3:ol3lYdn:4Wn`
Yara	None matched
VirusTotal	Search for analysis