Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

Dropped Files | ZeroBOX

Name	020c62098fd363d4_wcezblgemx.zbk Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\wcezblgemx.zbk
Size	7.5KB
Processes	1680 (smss.exe)
Type	data
MD5	`5855794998ee97442a671422186f50b5`
SHA1	`f25101ac64eef3c97eec681537b68eacd106096c`
SHA256	`020c62098fd363d42c6d6a57900ef2190b9626758bb12ab7e768ad87a6ec6ee3`
CRC32	`F15F8133`
ssdeep	`192:NeETCDfAGM3+GepCvLX2n5FXdDPCxP4Vgj/warrz1digd76xSrpCb:NemCjZJGepCvLXE5ldDmM6wSn1Ag0Wp4`
Yara	None matched
VirusTotal	Search for analysis

Name	2ddeed5e14501286_fqtxbjy.bvn Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\fqtxbjy.bvn
Size	85.1KB
Processes	1680 (smss.exe)
Type	data
MD5	`ecb3d375288a1aeaf883ad959d383208`
SHA1	`1d1bca02559c9785d3ffa27e4aa3dd9b5a50906e`
SHA256	`2ddeed5e14501286de9708ef85fffcf170d18026cd7b2915e8519c334dc62b9f`
CRC32	`54781F04`
ssdeep	`1536:AF4guKpvldY5TCidWJXOYw5KDn01Cddf/I/h8Qoy9mbqes2ZdxvDwA85zPaQLB:o4guqdaCZLw5KDn0+u/h8Qoy9qfZdBDy`
Yara	None matched
VirusTotal	Search for analysis

Name	251aef3ea7ac5458_hxdtkof.exe Submit file
Filepath	C:\Users\test22\AppData\Roaming\gbrvmd\hxdtkof.exe
Size	168.5KB
Processes	1680 (smss.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
MD5	`d9e03dba3c5cce141156dc0cdd710b31`
SHA1	`2576bd00025e68e3a8d123e8ff92535cf04d6291`
SHA256	`251aef3ea7ac5458e72e00f5c2ab96203de6467ed11871f29070904bc675739c`
CRC32	`7A48D998`
ssdeep	`3072:3fY/TU9fE9PEtuwb+/mGGUHUGOGj2/2REKu5Yc6R0r3/f4Lxd0:vYa6E8mGGUHIGquRSvb/fJ`
Yara	UPX_Zero - UPX packed file Malicious_Library_Zero - Malicious_Library NSIS_Installer - Null Soft Installer PE_Header_Zero - PE File Signature IsPE32 - (no description)
VirusTotal	Search for analysis

Name	2d51c1d9c8226798_xilnixp.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\nshC0BD.tmp\xilnixp.dll
Size	83.5KB
Processes	1680 (smss.exe)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`238cfec5437f0995f659b943b3134ea7`
SHA1	`2dd34c986c23ccf1a5336d48cd0f11514eebbb11`
SHA256	`2d51c1d9c82267980c92225667660baccd0c98e00e155a9f832285248097d252`
CRC32	`CF645D03`
ssdeep	`1536:EH+a7j/RLmHWR2LTujFWIci/Zt21sWv9cd5zTSvmxOWNR:Z4RLmHFLTujF7v2Xs5zuOxOWNR`
Yara	UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check Malicious_Library_Zero - Malicious_Library IsDLL - (no description) PE_Header_Zero - PE File Signature IsPE32 - (no description)
VirusTotal	Search for analysis

Name	e3b0c44298fc1c14_nsrC0AB.tmp Empty file or file not found
Filepath	C:\Users\test22\AppData\Local\Temp\nsrC0AB.tmp
Size	0.0B
Type	empty
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
CRC32	`00000000`
ssdeep	`3::`
Yara	None matched
VirusTotal	Search for analysis