Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

Dropped Files | ZeroBOX

Name	47c2e00fe0ccc4b1_chrome.lnk Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Chrome.lnk
Size	2.4KB
Processes	2656 (rc.exe)
Type	MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Wed Jan 31 21:43:01 2018, mtime=Wed Jan 31 21:43:01 2018, atime=Tue Jan 23 22:48:00 2018, length=1581912, window=hide
MD5	`1d00f8e270e8cb84c11d8de1a1ab5132`
SHA1	`581f60c7672d2a3a7df5789eea33bf517914954e`
SHA256	`47c2e00fe0ccc4b1cb6d3e093af701204cba35e0f7f1f9156bbc88f01d9837da`
CRC32	`8822B296`
ssdeep	`48:812HzdOHjQvrCUsRymiMVd/KR+d/WWCPQqDqf/d/KRCipAKRKQy/M8I:812IWmyzWIOQ9`
Yara	Lnk_Format_Zero - LNK Format
VirusTotal	Search for analysis

Name	69a6278ae708210c_google chrome.lnk Submit file
Filepath	C:\Users\test22\Desktop\Google Chrome.lnk
Size	2.3KB
Processes	2656 (rc.exe)
Type	MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has command line arguments, Icon number=0, Archive, ctime=Wed Jan 31 21:43:01 2018, mtime=Wed Apr 4 19:59:09 2018, atime=Mon Mar 19 20:59:56 2018, length=1589592, window=hide
MD5	`b0bd4416668cde74b2b5c34f5330da9d`
SHA1	`fd4e973f896236374e725fe8acef80eedb1e4522`
SHA256	`69a6278ae708210c5f03991c3dbc7ddb3196e277cd33206f1762b438d133922a`
CRC32	`2F48F3C7`
ssdeep	`48:8A+z3dOHDQi+Rymi7Vd/KRSCPYqDqf/d/KR+/KRqnyR8I:8fzUH9Znm`
Yara	Lnk_Format_Zero - LNK Format
VirusTotal	Search for analysis

Name	3b85bdeeca0d7b6e_chrome.lnk Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Chrome.lnk
Size	2.5KB
Processes	2656 (rc.exe)
Type	MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Wed Jan 31 21:43:01 2018, mtime=Wed Jan 31 21:43:01 2018, atime=Tue Jan 23 22:48:00 2018, length=1581912, window=hide
MD5	`61e1f8082e1064993694f5e04e2d8d07`
SHA1	`23989c4cb405f686286a8552ae96e83128f8705b`
SHA256	`3b85bdeeca0d7b6e43805f4a6b6a95ff072028ac68cc19355e06791bdeab1683`
CRC32	`D655EEFC`
ssdeep	`48:812j3dOHjQ1P0UsRymiMLd/KR+d/WWCPQqDqf/d/KRCipAKRKxyqE98I:8124NyNWIOxCp`
Yara	Lnk_Format_Zero - LNK Format
VirusTotal	Search for analysis

Name	8ca2b0968108ee76_Chrome.lnk Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Chrome.lnk
Size	2.2KB
Type	MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working directory, Icon number=0, Archive, ctime=Wed Jan 31 21:43:01 2018, mtime=Wed Jan 31 21:43:01 2018, atime=Tue Jan 23 22:48:00 2018, length=1581912, window=hide
MD5	`87cc25993c1253fb0ecb90df60aece7e`
SHA1	`8891412b50697d314a3f30c2e98c38c88ba7c3d7`
SHA256	`8ca2b0968108ee7653b4d864f9a00fbea4fa89e0103318d66a58bbdf8fed3a3d`
CRC32	`364DFF61`
ssdeep	`48:8V2j3dOHjQ1P0UsRymiM/d/KR+d/Md/KRCipAKRKxyqE98I:8V24NyyOxCp`
Yara	Lnk_Format_Zero - LNK Format
VirusTotal	Search for analysis

Name	23bca46a90ccc580_Chrome.lnk Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Chrome.lnk
Size	2.2KB
Type	MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working directory, Icon number=0, Archive, ctime=Wed Jan 31 21:43:01 2018, mtime=Wed Jan 31 21:43:01 2018, atime=Tue Jan 23 22:48:00 2018, length=1581912, window=hide
MD5	`99da45a75af311b9cad3531c6784a704`
SHA1	`ad2fff6c65be66806827b986f766c1f252b55f95`
SHA256	`23bca46a90ccc580b5aa2d61b116193351ff607decbd97cd5885a851bcb6c65d`
CRC32	`72A92558`
ssdeep	`48:8V2HzdOHjQvrCUsRymiMVd/KR+d/Md/KRCipAKRKQy/M8I:8V2IWmyUOQ9`
Yara	Lnk_Format_Zero - LNK Format
VirusTotal	Search for analysis

Name	a36f1ac32942455f_main.js Submit file
Filepath	C:\Users\test22\AppData\Roaming\extension_chrome\main.js
Size	174.0B
Processes	2656 (rc.exe)
Type	ASCII text, with CRLF line terminators
MD5	`101da414c759e49091ed4c7c393e4b88`
SHA1	`ca66105564379ea52890b55364f61d6d967facce`
SHA256	`a36f1ac32942455f7f16f3ac4ce90b91c504a82c22f9d529e0ba7bf64a24b757`
CRC32	`8AAFF6CD`
ssdeep	`3:qQAFY+RyRmgO9lNF4MoLTauQh7N5XRWpGxToLj99LR20gJYRWNtAoHrGEOPTTaA5:qQAFl8mgO9lXmTxAN5BzxM99LbDRWNtG`
Yara	None matched
VirusTotal	Search for analysis

Name	52e7a136a4f39bb8_manifest.json Submit file
Filepath	C:\Users\test22\AppData\Roaming\extension_chrome\manifest.json
Size	614.0B
Processes	2656 (rc.exe)
Type	ASCII text, with CRLF line terminators
MD5	`0688a45c7472ba90c4acbd8a4fbc928a`
SHA1	`0f6f86ebac77f35cf2b8f3bb2595597bc786de6b`
SHA256	`52e7a136a4f39bb826f30f5c89c6fa28ca9945acefc775068a39d21328e47275`
CRC32	`546451EE`
ssdeep	`12:kX18KplmHMxADHW8+8QGmLzwpR2uW7WRABIFdF8e/3Y:81vplmit8+8tO8pR2uWiABQme/o`
Yara	None matched
VirusTotal	Search for analysis

Name	a7929366648541bd_background.js Submit file
Filepath	C:\Users\test22\AppData\Roaming\extension_chrome\background.js
Size	2.6KB
Processes	2656 (rc.exe)
Type	ASCII text, with CRLF line terminators
MD5	`6200ca0889334cfb6aec68e0d16ec1ae`
SHA1	`484b2db1bccfcd5a683faf4d4fe9bc4a26b669fd`
SHA256	`a7929366648541bdbc0770e2e46c396c1febabab88fb6f9399706f7faceef18a`
CRC32	`5C41CB04`
ssdeep	`48:kZ7zT8Hlp1ogoVsE4CvLMn1IsUtoAwCLZ6KLsun/7Z08wHjT7v:nnoa1tUtoADZ6KLsYmHjTr`
Yara	None matched
VirusTotal	Search for analysis

Name	1b891114519885e8_chrome.lnk Submit file
Filepath	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chrome.lnk
Size	2.4KB
Processes	2656 (rc.exe)
Type	MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Wed Jan 31 21:43:01 2018, mtime=Wed Apr 4 19:59:09 2018, atime=Mon Mar 19 20:59:56 2018, length=1589592, window=hide
MD5	`7228771d79fea293f29dc4a61e0dcbb8`
SHA1	`5f3f06daa38b7f0d9d78975f7ed7e8735b74a1f1`
SHA256	`1b891114519885e857ebb476e3c91e5863f19f99c170443776f8b47dd7746c34`
CRC32	`BD716E67`
ssdeep	`48:8Q+zmmdOHDQHvRymiM/d/KR+d/WWCPQqDqf/d/KRCipAKRKfE98I:8vzmnnxWIO8p`
Yara	Lnk_Format_Zero - LNK Format
VirusTotal	Search for analysis

Name	068099d8a73d2fef_Chrome.lnk Submit file
Filepath	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chrome.lnk
Size	2.1KB
Type	MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working directory, Icon number=0, Archive, ctime=Wed Jan 31 21:43:01 2018, mtime=Wed Apr 4 19:59:09 2018, atime=Mon Mar 19 20:59:56 2018, length=1589592, window=hide
MD5	`618735b9664ad764001cfa9a86dd4c24`
SHA1	`ed5430c617d3e091f154a4e78213102c0e7b91e5`
SHA256	`068099d8a73d2fef998119f07767d58b9f0c99b8690d0a35289956533542fc73`
CRC32	`968E65C7`
ssdeep	`48:8w+zmmdOHDQHvRymiM/d/KR+d/Md/KRCipAKRKfE98I:8PzmnnyO8p`
Yara	Lnk_Format_Zero - LNK Format
VirusTotal	Search for analysis

Name	f24438de391eac0b_rc.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\rc.exe
Size	141.5KB
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`50e9958bb2a5b6ae6ed8da1b1d97a5bb`
SHA1	`afd7485b1313cc54c321cc18c4b1c19e5ae415af`
SHA256	`f24438de391eac0b538c0f2f19697daeace979bf8657a8bcc74db6cb4ecb52c5`
CRC32	`B89CCE08`
ssdeep	`3072:ca+7cuLPeNoqEcBwokMUHb8uwX6SVjfLq3fNh9kPfe3:ca0vL2HEcmokbzEVzeVgfe3`
Yara	UPX_Zero - UPX packed file Malicious_Library_Zero - Malicious_Library OS_Processor_Check_Zero - OS Processor Check IsPE32 - (no description) PE_Header_Zero - PE File Signature
VirusTotal	Search for analysis

Name	d37fcb160d37cfdd_settings.dat Submit file
Filepath	C:\Users\test22\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
Size	40.0B
Processes	3004 (chrome.exe)
Type	data
MD5	`a3122d4670c51912628b97bdd6fffb80`
SHA1	`45d2e3060e09f46071125d6125983c81ae4970a1`
SHA256	`d37fcb160d37cfddefea794094044b7e588d44c4883c72ba0ef1503e5f9c7d59`
CRC32	`77809701`
ssdeep	`3:FkXD3WyqUm:+ix`
Yara	None matched
VirusTotal	Search for analysis