Dropped Files | ZeroBOX
Name d6431d5645fffd05_d93f411851d7c929.customdestinations-ms
Filepath c:\users\test22\appdata\roaming\microsoft\windows\recent\customdestinations\d93f411851d7c929.customdestinations-ms
Size 7.8KB
Processes 2152 (powershell.exe)
Type data
MD5 260d23ce04a8f8555a73b7d2dc15e911
SHA1 ebad746fb7de847c50f7502a44f6e35534733efd
SHA256 d6431d5645fffd05a23166d630253bc7ce8c099cf6e9c956f8ae5e1249ee8588
CRC32 11D6B213
ssdeep 96:ctuCeGCPDXBqvsqvJCwo5tuCeGCPDXBqvsEHyqvJCworSP7Hwxf2lUVul:ctvXo5tvbHnorrxQ
Yara
  • Antivirus - Contains references to security software
  • Generic_Malware_Zero - Generic Malware
Name b0abe318200dcde4_error[2]
Filepath C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\error[2]
Size 1.7KB
Processes 940 (mshta.exe)
Type UTF-8 Unicode (with BOM) text, with CRLF line terminators
MD5 b9bec45642ff7a2588dc6cb4131ea833
SHA1 4d150a53276c9b72457ae35320187a3c45f2f021
SHA256 b0abe318200dcde42e2125df1f0239ae1efa648c742dbf9a5b0d3397b903c21d
CRC32 3FC3F274
ssdeep 48:NIAbzyYh8rRLkRVNaktqavP61GJZoF+SMy:xWqxztqaHO
Yara None matched
Name 7990e703ae060c24_error[1]
Filepath C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\error[1]
Size 3.2KB
Processes 940 (mshta.exe)
Type HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators
MD5 16aa7c3bebf9c1b84c9ee07666e3207f
SHA1 bf0afa2f8066eb7ee98216d70a160a6b58ec4aa1
SHA256 7990e703ae060c241eba6257d963af2ecf9c6f3fbdb57264c1d48dda8171e754
CRC32 B319CFA5
ssdeep 96:vKFlZ/kxjqD9zqp36wxVJddFAdd5Ydddopdyddv+dd865FhlleXckVDuca:C0pv+GkduSDl6LRa
Yara None matched
Name a9220271c0eb79e5_d93f411851d7c929.customDestinations-ms~RF1cb8803.TMP
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d93f411851d7c929.customDestinations-ms~RF1cb8803.TMP
Size 7.8KB
Type data
MD5 b0c9ff441742f3847ea27da9dee7f2cd
SHA1 c42a1eb32ba953a0ce5d8635caabf71b5b281495
SHA256 a9220271c0eb79e5750e0d0e62058ecac560e09cdf9e82ef61aeeabada5d48a4
CRC32 0BBCAB1A
ssdeep 96:RutuCOGCPDXBqvsqvJCwo+utuCOGCPDXBqvsEHyqvJCworSP7Hwxf2lUVul:UtvXoxtvbHnorrxQ
Yara
  • Antivirus - Contains references to security software
  • Generic_Malware_Zero - Generic Malware
Name 5f95eff2bcaaea82_warning[1]
Filepath C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\warning[1]
Size 1.0KB
Processes 940 (mshta.exe)
Type GIF image data, version 89a, 36 x 38
MD5 124a9e7b6976f7570134b7034ee28d2b
SHA1 e889bfc2a2e57491016b05db966fc6297a174f55
SHA256 5f95eff2bcaaea82d0ae34a007de3595c0d830ac4810ea4854e6526e261108e9
CRC32 EED13E6B
ssdeep 12:z4ENetWsdvCMtkEFk+t2cd3ikIbOViGZVsMLfE4DMWUcC/GFvyVEZd6vcmadxVtS:nA/ag/QSi6/LKZzqKVQgJOexQkYfG6E
Yara None matched