Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
11.18 02:11
DOCTOR FIRM ORDER FORM...
11.18 09:11
babababa.exe
11.18 09:11
Jagtfalkenes.vbs
11.18 09:11
windows_update.dll
11.18 09:11
nicko.exe
11.18 09:11
GHO%E9%95%9C%E5%83%8F%...
11.18 09:11
stories.exe
11.17 10:11
wwbizsrvs.exe
11.15 01:11
wwbizsrvs.exe
11.15 01:11
op.exe

Latest News
11.18 05:11
Strela: A newcomer in ...
11.18 05:11
A week in security (No...
11.18 05:11
A week in security (No...
11.18 04:11
카페 어니언과 함께하는 2025 코리아브...
11.18 04:11
Singapore Oil Tycoon O...
11.18 04:11
Exploit attempts for u...
11.18 04:11
NSO Group Exploited Wh...
11.18 03:11
대한민국 전통가마 연구소 ‘태고사’ 20...
11.18 03:11
더 청담, '2024 전통문화혁신사업 수...
11.18 03:11
동방이기제작소, '2024 전통문화혁신사...

Dropped Files | ZeroBOX

Name	2a6a3a66e401a97a_recoverystore.{d9e22c5f-d02d-11ed-948e-94de278c3274}.dat Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{D9E22C5F-D02D-11ED-948E-94DE278C3274}.dat
Size	4.5KB
Processes	2728 (iexplore.exe)
Type	Composite Document File V2 Document, Cannot read section info
MD5	`635c85e80ecce86321147017082d7b77`
SHA1	`6bd45891c0c10652d96f772d7345e7d205d37398`
SHA256	`2a6a3a66e401a97a0ea4b1fd339b5b06be3bbb75489886fc4220376337f50c38`
CRC32	`6F1A35C6`
ssdeep	`12:rlfF2gHrEg5+IaCrI0F7+F2TQrEg5+IaCrI0F7ugQNlTqbaxOANlTqbaxuS:rqgH5/1k5/3QNlW2NlW`
Yara	Microsoft_Office_File_Zero - Microsoft Office File
VirusTotal	Search for analysis

Name	4e378cd382c3a16b_identify[1].htm Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\identify[1].htm
Size	6.6KB
Processes	2812 (iexplore.exe)
Type	XML 1.0 document, UTF-8 Unicode text, with very long lines
MD5	`07658ac222f90a76f5c6a5fa82e6269c`
SHA1	`1d9042a080f6b3b860b291b1581d31034ab33b33`
SHA256	`4e378cd382c3a16b131bccad6618ec5d3229d2b4bba83e26af697ea46646a677`
CRC32	`8FC9B0E4`
ssdeep	`96:vUwPIsrFm7sTIaBPhvXdxBPEw1Go6GW0r7ymTBnoIJ63AziINB0ouChAhgjU:vHtIaHJsVoJjy8noIkQzRL0otO`
Yara	None matched
VirusTotal	Search for analysis

Name	c636a92a12eb3362_favicon[5].png Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\favicon[5].png
Size	5.3KB
Processes	2812 (iexplore.exe)
Type	MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
MD5	`de76b0c210c815ef282d5b59de8a0567`
SHA1	`023038e2dfd649047be4fbba79c78dd80bc4cd90`
SHA256	`c636a92a12eb33629e6dcadc67e49651ac54e8f3b18a03c805668505f05c885a`
CRC32	`D599B0CD`
ssdeep	`96:fkb03+8ItBBBuxc+6QQQQQiRRRRRRRRRRJJO9P111118B:cucjRRRRRRRRRRi90`
Yara	icon_file_format - icon file format
VirusTotal	Search for analysis

Name	b1733e3fc609941a_2xs6jaqwoal[1].png Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\2xs6jaqwoaL[1].png
Size	13.3KB
Processes	2812 (iexplore.exe)
Type	PNG image data, 301 x 1208, 8-bit colormap, non-interlaced
MD5	`e4442ca22fee86bc5cc7fdfe28093789`
SHA1	`93cdd53ce314ffead6435fad78313381f00f1527`
SHA256	`b1733e3fc609941a74de9c53b960b1de453ec0d26d266ecdd4cf93abe2cf0365`
CRC32	`BDD9E734`
ssdeep	`384:LvgXbYZatJzpGDRq2pFPgtJ8r7WUuiuTQFS80:LgXMs3ITQJdTl80`
Yara	PNG_Format_Zero - PNG Format
VirusTotal	Search for analysis

Name	548f2d6f4d0d820c_hsts-pixel[1].gif Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BYECVYBT\hsts-pixel[1].gif
Size	43.0B
Processes	2812 (iexplore.exe)
Type	GIF image data, version 89a, 1 x 1
MD5	`df3e567d6f16d040326c7a0ea29a4f41`
SHA1	`ea7df583983133b62712b5e73bffbcd45cc53736`
SHA256	`548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87`
CRC32	`AB68BD76`
ssdeep	`3:CU9yltxlHh/:m/`
Yara	None matched
VirusTotal	Search for analysis

Name	e0ff2e0f45b6ac64_k97pj8-or6s[1].png Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\k97pj8-or6s[1].png
Size	809.0B
Processes	2812 (iexplore.exe)
Type	PNG image data, 77 x 16, 8-bit gray+alpha, non-interlaced
MD5	`65f2f1eb5798b53c504ed8de3d90c958`
SHA1	`2ee3007e36e6babdf0448cd51b6ac2f7aa31814c`
SHA256	`e0ff2e0f45b6ac64540fe750795196238188e4e3a5ae9138318dd555b23a2eae`
CRC32	`F5C28033`
ssdeep	`24:3gx5d5wCKQJ6voWa9nXL/Z03VwDd0Tmt2pGppfSaY3s:Qx5cfQB7RSlKt/76aY3s`
Yara	PNG_Format_Zero - PNG Format
VirusTotal	Search for analysis

Name	745f1c4a12bce7d7_{d9e22c60-d02d-11ed-948e-94de278c3274}.dat Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{D9E22C60-D02D-11ED-948E-94DE278C3274}.dat
Size	7.0KB
Processes	2728 (iexplore.exe)
Type	Composite Document File V2 Document, Cannot read section info
MD5	`2ec5688ba47b409df0c36aff848528b5`
SHA1	`177c8731422b91e44106a2ebf57e0cb8b4c72c45`
SHA256	`745f1c4a12bce7d7997c17e95bf507609a866fb47749570803bbd7c936aff725`
CRC32	`4C57753D`
ssdeep	`96:jETkfT77f8xJWyC90ZTgTWTofT77MJWYTvsZJW1+:jgsTXNyy0tEygTz8l4`
Yara	Microsoft_Office_File_Zero - Microsoft Office File
VirusTotal	Search for analysis

Name	041e2b2262922194_jrv53zbe.txt Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Windows\Cookies\JRV53ZBE.txt
Size	91.0B
Processes	2812 (iexplore.exe)
Type	ASCII text
MD5	`0cbda12e79fc1e3675c2d7b9deaca52d`
SHA1	`ebf2a2781744f5af5272311785d29f252db4620e`
SHA256	`041e2b2262922194fa03be73f9051e9e4710dff5c1cec6c5509247516a654579`
CRC32	`55C61F90`
ssdeep	`3:B8dS083ENphSXbXRZc/v/USYWURvXn:B8dSKrSXbBZc/v/UStEXn`
Yara	None matched
VirusTotal	Search for analysis