Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

Dropped Files | ZeroBOX

Name	fb7aaf7a7bdf3d31_recoverystore.{e0704085-d031-11ed-948e-94de278c3274}.dat Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{E0704085-D031-11ED-948E-94DE278C3274}.dat
Size	4.5KB
Processes	2620 (iexplore.exe)
Type	Composite Document File V2 Document, Cannot read section info
MD5	`62db13a05c30c79cc63c0b4f4fe10ade`
SHA1	`7450f736dcd56d593a3af4ea7e069ac5db480fb8`
SHA256	`fb7aaf7a7bdf3d3130238c70afbfce2557c564e726828b0abd55013c7ddfecb9`
CRC32	`56599FC5`
ssdeep	`12:rlfF2XRQrEg5+IaCrI0F7+F24arEg5+IaCrI0F7ugQNlTqbaxUNlTqbax:rqBQ5/1x5/3QNlWVNlW`
Yara	Microsoft_Office_File_Zero - Microsoft Office File
VirusTotal	Search for analysis

Name	c636a92a12eb3362_favicon[5].png Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\favicon[5].png
Size	5.3KB
Processes	2704 (iexplore.exe)
Type	MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
MD5	`de76b0c210c815ef282d5b59de8a0567`
SHA1	`023038e2dfd649047be4fbba79c78dd80bc4cd90`
SHA256	`c636a92a12eb33629e6dcadc67e49651ac54e8f3b18a03c805668505f05c885a`
CRC32	`D599B0CD`
ssdeep	`96:fkb03+8ItBBBuxc+6QQQQQiRRRRRRRRRRJJO9P111118B:cucjRRRRRRRRRRi90`
Yara	icon_file_format - icon file format
VirusTotal	Search for analysis

Name	7e41f11fd8a5a2db_{e0704086-d031-11ed-948e-94de278c3274}.dat Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{E0704086-D031-11ED-948E-94DE278C3274}.dat
Size	7.0KB
Processes	2620 (iexplore.exe)
Type	Composite Document File V2 Document, Cannot read section info
MD5	`49a5cd8f9c19525bfdb9b28de515a6e3`
SHA1	`0bb384f1c0e3f790d5a88b1c449eeda73ca2d1cf`
SHA256	`7e41f11fd8a5a2db9a0456e0c7a379a6a7bccd9914463f2036760841ca5c0cf0`
CRC32	`C7A5A38D`
ssdeep	`96:nETkfT77f8xJWyC90ZTgTWTofT77MJWYTvEZJW1+:ngsTXNyy0tEygTz8d4`
Yara	Microsoft_Office_File_Zero - Microsoft Office File
VirusTotal	Search for analysis

Name	522789c96e714d92_r73mpu9f.txt Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Windows\Cookies\R73MPU9F.txt
Size	91.0B
Processes	2704 (iexplore.exe)
Type	ASCII text
MD5	`902e86e269fe1a2414dfa3095ce8491c`
SHA1	`348670fc4e860f2ec0d8fce8cd6f4e6d13d4b918`
SHA256	`522789c96e714d92561d9bfb06247041f24882415dd361bd3f6aabfed8c65b80`
CRC32	`A475B675`
ssdeep	`3:7JJyRzvDvAHKhSXbXQcIddv5q5vZiin:7JJyRzc2SXb5I3hE3n`
Yara	None matched
VirusTotal	Search for analysis

Name	0572ef2085fd37a8_identify[1].htm Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\identify[1].htm
Size	6.6KB
Processes	2704 (iexplore.exe)
Type	XML 1.0 document, UTF-8 Unicode text, with very long lines
MD5	`698761c284fdba63d1dae08b45425361`
SHA1	`be240ec53338bb809466f049875addd07df3a892`
SHA256	`0572ef2085fd37a86b372355c7e4cbfde2d044666e7072bcc577065f15b0b924`
CRC32	`558FD599`
ssdeep	`96:vawPIsrFm7sTIaBPhvXdxBPEw1Go6GW0r7ymTBnoIJ6YAzCINB0ouChAhgjU:vZtIaHJsVoJjy8noIkFzxL0otO`
Yara	None matched
VirusTotal	Search for analysis

Name	b1733e3fc609941a_2xs6jaqwoal[1].png Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\2xs6jaqwoaL[1].png
Size	13.3KB
Processes	2704 (iexplore.exe)
Type	PNG image data, 301 x 1208, 8-bit colormap, non-interlaced
MD5	`e4442ca22fee86bc5cc7fdfe28093789`
SHA1	`93cdd53ce314ffead6435fad78313381f00f1527`
SHA256	`b1733e3fc609941a74de9c53b960b1de453ec0d26d266ecdd4cf93abe2cf0365`
CRC32	`BDD9E734`
ssdeep	`384:LvgXbYZatJzpGDRq2pFPgtJ8r7WUuiuTQFS80:LgXMs3ITQJdTl80`
Yara	PNG_Format_Zero - PNG Format
VirusTotal	Search for analysis

Name	548f2d6f4d0d820c_hsts-pixel[1].gif Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BYECVYBT\hsts-pixel[1].gif
Size	43.0B
Processes	2704 (iexplore.exe)
Type	GIF image data, version 89a, 1 x 1
MD5	`df3e567d6f16d040326c7a0ea29a4f41`
SHA1	`ea7df583983133b62712b5e73bffbcd45cc53736`
SHA256	`548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87`
CRC32	`AB68BD76`
ssdeep	`3:CU9yltxlHh/:m/`
Yara	None matched
VirusTotal	Search for analysis

Name	e0ff2e0f45b6ac64_k97pj8-or6s[1].png Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\k97pj8-or6s[1].png
Size	809.0B
Processes	2704 (iexplore.exe)
Type	PNG image data, 77 x 16, 8-bit gray+alpha, non-interlaced
MD5	`65f2f1eb5798b53c504ed8de3d90c958`
SHA1	`2ee3007e36e6babdf0448cd51b6ac2f7aa31814c`
SHA256	`e0ff2e0f45b6ac64540fe750795196238188e4e3a5ae9138318dd555b23a2eae`
CRC32	`F5C28033`
ssdeep	`24:3gx5d5wCKQJ6voWa9nXL/Z03VwDd0Tmt2pGppfSaY3s:Qx5cfQB7RSlKt/76aY3s`
Yara	PNG_Format_Zero - PNG Format
VirusTotal	Search for analysis