Dropped Files | ZeroBOX

Name	aa71723e37ccc4d4_~$tracted_at_0x21f74.rtf Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\~$tracted_at_0x21f74.rtf
Size	162.0B
Processes	1648 (WINWORD.EXE)
Type	data
MD5	`9f262e38983ef8825d6ce4b1f5ae86b1`
SHA1	`6c26cf369b67372b6f8541a1c373eb55ab12cb7e`
SHA256	`aa71723e37ccc4d4e3033f5bd5bbec782eb1bb14815b4ee01c4c4aeaa3acdde4`
CRC32	`5262326B`
ssdeep	`3:yW2lWRdBVttiyW6L7WPnjTK72IPhglFItMFtdx:y1lWVVtQyWm6PXK72IP2lWMFZ`
Yara	None matched
VirusTotal	Search for analysis

Name	f04f0488310e6b24_~wrs{f5717022-49c2-4d0e-a626-69025836dd8c}.tmp Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{F5717022-49C2-4D0E-A626-69025836DD8C}.tmp
Size	14.0B
Processes	1648 (WINWORD.EXE)
Type	data
MD5	`ea5668af956fb6a8853d22d53389144e`
SHA1	`77749b94b9388fd3e7d637bd1ad54843b852b9cf`
SHA256	`f04f0488310e6b2470171b56d23a8edc266be909c70e7783cfb7a18136454706`
CRC32	`2E3EED90`
ssdeep	`3:KlrMM:+rMM`
Yara	None matched
VirusTotal	Search for analysis

Name	f9c71709e1d03100_~$normal.dotm Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Templates\~$Normal.dotm
Size	162.0B
Processes	1648 (WINWORD.EXE)
Type	data
MD5	`4cfbfc6188eb709c90ff62e36912d068`
SHA1	`a82b41215d068940d677d671dd78eac29888b46d`
SHA256	`f9c71709e1d0310071c5c0a3454a45a2f221f07e88bc225161bc873f9ee27d9c`
CRC32	`ADD2BDC2`
ssdeep	`3:yW2lWRdBVttiyW6L7WPnjTK72IPhglFItMFtdrl:y1lWVVtQyWm6PXK72IP2lWMFjl`
Yara	None matched
VirusTotal	Search for analysis

Name	4826c0d860af884d_~wrs{31d3564d-5cdc-4ae5-9630-1138e3515487}.tmp Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{31D3564D-5CDC-4AE5-9630-1138E3515487}.tmp
Size	1.0KB
Processes	1648 (WINWORD.EXE)
Type	data
MD5	`5d4d94ee7e06bbb0af9584119797b23a`
SHA1	`dbb111419c704f116efa8e72471dd83e86e49677`
SHA256	`4826c0d860af884d3343ca6460b0006a7a2ce7dbccc4d743208585d997cc5fd1`
CRC32	`23C03491`
ssdeep	`3:ol3lYdn:4Wn`
Yara	None matched
VirusTotal	Search for analysis