Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
11.18 02:11
DOCTOR FIRM ORDER FORM...
11.18 09:11
babababa.exe
11.18 09:11
Jagtfalkenes.vbs
11.18 09:11
windows_update.dll
11.18 09:11
nicko.exe
11.18 09:11
GHO%E9%95%9C%E5%83%8F%...
11.18 09:11
stories.exe
11.17 10:11
wwbizsrvs.exe
11.15 01:11
wwbizsrvs.exe
11.15 01:11
op.exe

Latest News
11.18 05:11
Strela: A newcomer in ...
11.18 05:11
A week in security (No...
11.18 05:11
A week in security (No...
11.18 04:11
카페 어니언과 함께하는 2025 코리아브...
11.18 04:11
Singapore Oil Tycoon O...
11.18 04:11
Exploit attempts for u...
11.18 04:11
NSO Group Exploited Wh...
11.18 03:11
대한민국 전통가마 연구소 ‘태고사’ 20...
11.18 03:11
더 청담, '2024 전통문화혁신사업 수...
11.18 03:11
동방이기제작소, '2024 전통문화혁신사...

Dropped Files | ZeroBOX

Name	340c8464c2007ce3_cred64.dll Submit file
Filepath	C:\Users\test22\AppData\Roaming\a091ec0a6e2227\cred64.dll
Size	162.0B
Processes	2180 (oneetx.exe)
Type	HTML document, ASCII text, with CRLF line terminators
MD5	`1b7c22a214949975556626d7217e9a39`
SHA1	`d01c97e2944166ed23e47e4a62ff471ab8fa031f`
SHA256	`340c8464c2007ce3f80682e15dfafa4180b641d53c14201b929906b7b0284d87`
CRC32	`CC58D737`
ssdeep	`3:qVoB3tURObOb0qHXboAcMBXqWrKb0GklIVLLPROZ/eIwcWWGu:q43tIkObRHXiMIWObtklI5LPROeIpfGu`
Yara	None matched
VirusTotal	Search for analysis

Name	e3b0c44298fc1c14_t40qOrtfDw5JAOa.exe Empty file or file not found
Filepath	C:\Users\test22\AppData\Local\Temp\1000015001\t40qOrtfDw5JAOa.exe
Size	0.0B
Type	empty
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
CRC32	`00000000`
ssdeep	`3::`
Yara	None matched
VirusTotal	Search for analysis

Name	865d5dd81f34540c_clip64.dll Submit file
Filepath	C:\Users\test22\AppData\Roaming\a091ec0a6e2227\clip64.dll
Size	89.0KB
Processes	2180 (oneetx.exe)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`dddb7f44df311203facdf9bb248f80ad`
SHA1	`a25e8a78fc5d298c8605180a1296300f4e2827d0`
SHA256	`865d5dd81f34540c2a931aec5a5280571a7c910fb6dde4b174756d4ba3fbd38d`
CRC32	`0181535B`
ssdeep	`1536:Oo4NPCKLbqoYkbpplW9YoUsxXzbcouNhj2ZszsWuKcdJU6paB89p:OoUCWbBNpplToUs1uNhj25LJUaaB89p`
Yara	UPX_Zero - UPX packed file Malicious_Library_Zero - Malicious_Library OS_Processor_Check_Zero - OS Processor Check IsDLL - (no description) IsPE32 - (no description) Admin_Tool_IN_Zero - Admin Tool Sysinternals PE_Header_Zero - PE File Signature
VirusTotal	Search for analysis

Name	7d78eaf93743bb0b_oneetx.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\5cb6818d6c\oneetx.exe
Size	229.0KB
Processes	3004 (y42DC44.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`95de8905bfbec3ab00a00d6d6213e2c5`
SHA1	`94782ede1691863afd80c833c67ffc9aecf29ad7`
SHA256	`7d78eaf93743bb0b238636c2ee65fe5ea5bbea2ebe7ebde270a9e76106fd11fa`
CRC32	`AA52BD5C`
ssdeep	`6144:DSF1gG75tJMUFUVNfzAKFiuFSJoZAEDe:GhaU6bguFSyZI`
Yara	UPX_Zero - UPX packed file Malicious_Library_Zero - Malicious_Library OS_Processor_Check_Zero - OS Processor Check Malicious_Packer_Zero - Malicious Packer IsPE32 - (no description) PE_Header_Zero - PE File Signature
VirusTotal	Search for analysis

Name	1cc41323330fc929_cc.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\1000003001\cc.exe
Size	275.0KB
Processes	2180 (oneetx.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`35d54c279cf89b4a1e91f1e49a7c7396`
SHA1	`83ad0f751d6e2ab339d8ddf1f28ddc917bf22d79`
SHA256	`1cc41323330fc929b82e88f8c86f2424e34334415db018d48cede7e34672939e`
CRC32	`575A9763`
ssdeep	`6144:CYUAz9l1Yz+NJS4IwDpT36G3yaPCDrScA7BTwFMzJPlqM0GBv:sTz+NvTV3yaPQy9TlP1`
Yara	UPX_Zero - UPX packed file Malicious_Library_Zero - Malicious_Library OS_Processor_Check_Zero - OS Processor Check IsPE32 - (no description) PE_Header_Zero - PE File Signature
VirusTotal	Search for analysis