Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
11.17 10:11
wwbizsrvs.exe
11.15 01:11
wwbizsrvs.exe
11.15 01:11
op.exe
11.15 01:11
msf.exe
11.15 01:11
lum250.exe
11.15 01:11
msf443.exe
11.13 04:11
hello.exe
11.13 03:11
espsemhvcioff.exe
11.13 02:11
Geek_se.exe
11.13 02:11
cred64.dll

Latest News
11.18 08:11
[AIS 2024 영상] 최광희 세종 고...
11.18 08:11
Asia’s Richest Man Joi...
11.18 07:11
[AIS 2024 영상] 김기홍 샌즈랩 ...
11.18 07:11
Wall Street Bankers Sp...
11.18 07:11
Vor 40 Jahren: der Btx...
11.18 07:11
IT Sicherheitsnews stü...
11.18 06:11
US’s UFO-Hunting Aeria...
11.18 06:11
Truth Social, Late Cal...
11.18 06:11
Trump Team Said to Wan...
11.18 05:11
IT Sicherheitsnews stü...

Dropped Files | ZeroBOX

Name	0b8607fdf72f3e65_cookies.sqlite Submit file
Filepath	C:\Users\test22\AppData\Roaming\p4ngvyzi.b3g\Firefox\Profiles\1pfa5s83.default-release\cookies.sqlite
Size	96.0KB
Type	SQLite 3.x database, user version 12, last written using SQLite version 3038003
MD5	`d367ddfda80fdcf578726bc3b0bc3e3c`
SHA1	`23fcd5e4e0e5e296bee7e5224a8404ecd92cf671`
SHA256	`0b8607fdf72f3e651a2a8b0ac7be171b4cb44909d76bb8d6c47393b8ea3d84a0`
CRC32	`842B3569`
ssdeep	`12:DQAwfWk73Fmdmc/OPVJXfPNn43etRRfYR5O8atLqxeYaNcDakMG/lO:DQAwff32mNVpP965Ra8KN0MG/lO`
Yara	None matched
VirusTotal	Search for analysis

Name	edb006e05cfa8501_Cookies Submit file
Filepath	C:\Users\test22\AppData\Roaming\p4ngvyzi.b3g\Chrome\Default\Cookies
Size	36.0KB
Type	SQLite 3.x database, last written using SQLite version 3033000
MD5	`3f5ca3e29b1b60e298aeca0a32164c03`
SHA1	`f9b5ee59c31a3b06a6b8e476b22d2d7cf1fa8b66`
SHA256	`edb006e05cfa85015aa76c758d6298c279fd318cff0dbb286927c7ad45105488`
CRC32	`E1ACA097`
ssdeep	`24:TL2C0RlPbXaFpEO5bNmISHdL6UwcOxvo5:TYLOpEO5J/KdGU1Eo5`
Yara	None matched
VirusTotal	Search for analysis

Name	fe3622efa1be49f9_qohrdglwlxa.ate Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\qohrdglwlxa.ate
Size	7.5KB
Processes	1932 (dwm.exe)
Type	data
MD5	`37b92794f0f9f338a63872d26afe833e`
SHA1	`01f64122f93612965fb106b12ca3554803418a97`
SHA256	`fe3622efa1be49f9a22caba8abbf49392379125e42d3ea4597ad9cfbf8a83f7a`
CRC32	`DA534C9B`
ssdeep	`192:2LsBtKXtqXeo18fZ3c3qD97vgpDdnTKbo1q4VKjuchlnv:/BtK9q78fFc3G7aIm8jjBv`
Yara	None matched
VirusTotal	Search for analysis

Name	56c984d653ca197e_bsmtqria.xdy Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\bsmtqria.xdy
Size	141.3KB
Processes	1932 (dwm.exe)
Type	data
MD5	`864d5106e8347471e1d80ad85a3004fa`
SHA1	`176695c3e330ce857152e4013bc7aba84472bc46`
SHA256	`56c984d653ca197e50642d21d4657cb33baf79bd3b11b519000cf3aea846413d`
CRC32	`12D283C6`
ssdeep	`3072:xW9dw5ELVSPqay/N6sAE6ibRpkY+8E72WJICihuUMek21rRjlL9jddDqMfS:Q9dlqaIUb8Y+haCbnozlRnGMfS`
Yara	None matched
VirusTotal	Search for analysis

Name	3936e80279349b44_xfgmvqcyu.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\nsaC07E.tmp\xfgmvqcyu.dll
Size	5.0KB
Processes	1932 (dwm.exe)
Type	PE32 executable (DLL) (console) Intel 80386, for MS Windows
MD5	`308a6027d65fe1853454df6cad8dc306`
SHA1	`c74802757fd7b90423abdcf7c92e0cbff4f52cc3`
SHA256	`3936e80279349b44362a8bc7f7de70efc5320b168b6acdfe3ed80a5b13c1deb4`
CRC32	`207AAFF8`
ssdeep	`48:q5DUxDMKbuMS/etZ3ASDD4ASD+Cp1uGr63wrvAIz/9WZ90gRd:uDUfuMSMJASDkASD+CruGr66vAIrk0`
Yara	IsDLL - (no description) PE_Header_Zero - PE File Signature IsPE32 - (no description)
VirusTotal	Search for analysis

Name	e3b0c44298fc1c14_nsvC05D.tmp Empty file or file not found
Filepath	C:\Users\test22\AppData\Local\Temp\nsvC05D.tmp
Size	0.0B
Type	empty
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
CRC32	`00000000`
ssdeep	`3::`
Yara	None matched
VirusTotal	Search for analysis

Name	88f9dc0b9a633e43_cookies.sqlite Submit file
Filepath	C:\Users\test22\AppData\Roaming\p4ngvyzi.b3g\Thunderbird\Profiles\g8t0pe67.default-release\cookies.sqlite
Size	512.0KB
Type	SQLite 3.x database, user version 11, last written using SQLite version 3031001
MD5	`dd47ebe6866ad2ab59d0caa1de28d09e`
SHA1	`afdf6eb7a01bb7ef4c9d768b65abbbeae5ba2663`
SHA256	`88f9dc0b9a633e43c6d2c6fae136e782c15aa38c1601dcff948987f1c2a391c3`
CRC32	`8DEE9EEA`
ssdeep	`24:DQHtJl32mNVpP965hKN0MG/lZpNjCKRIaU5BnCMOkC0JCpL3FYay:DQfrbWTTTqtStLm`
Yara	None matched
VirusTotal	Search for analysis

Name	8782056d9091e507_aqhl.exe Submit file
Filepath	C:\Users\test22\AppData\Roaming\wrimdhxotkbfv\aqhl.exe
Size	187.7KB
Processes	1932 (dwm.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
MD5	`6aa04c7bb5c5eb8386238f282825f57e`
SHA1	`f479766b721437497ee50418c40fc1d6abb8fc24`
SHA256	`8782056d9091e507124a6a17d8b3063f8f5d9dee912c70bbaf3f7b62783d388d`
CRC32	`055B43E6`
ssdeep	`3072:HfY/TU9fE9PEtuYbGQbKrMaG7qVN6roGm6CP8aJGQ8PcLXfo+JPtl3GjllB:/Ya6c4QaY3sGinJBSqz7l3UlH`
Yara	UPX_Zero - UPX packed file Malicious_Library_Zero - Malicious_Library NSIS_Installer - Null Soft Installer PE_Header_Zero - PE File Signature IsPE32 - (no description)
VirusTotal	Search for analysis