Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

Dropped Files | ZeroBOX

Name	824fae3331b95e2f_f..xqtK.tmp Submit file
Filepath	C:\Users\test22\AppData\Roaming\f..xqtK.tmp
Size	40.0KB
Type	SQLite 3.x database, last written using SQLite version 3033000
MD5	`41c19a9e8541fcb934c13c075bf47721`
SHA1	`648a7622d533d79b9a0bb31dc370134ec3a75ed7`
SHA256	`824fae3331b95e2f88ca60c87a6c9569086906ec76fc1db8d6dee9adddc4e80c`
CRC32	`560F7642`
ssdeep	`48:+35TqYzDGF/8LKBwUf9KfWfkMUEilGc7xBM6vu3f+fmyJqhU:Ulce7mlcwilGc7Ha3f+u`
Yara	None matched
VirusTotal	Search for analysis

Name	8ee073cd510eb345_htqygalo.ng Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\htqygalo.ng
Size	118.1KB
Processes	1000 (dd.exe)
Type	data
MD5	`3d3e06496ecd4fd0c8e107a36c22497b`
SHA1	`523de187063f50932715250e63f6a44dc92d05a2`
SHA256	`8ee073cd510eb345bde2cb8830dba7373a734216f5f9c7bc9243ba2db0646efd`
CRC32	`A8715049`
ssdeep	`3072:49+6tbidB4Bq5OXVIevsLjQENydCrCnmJbk8yEE:EztbI+M5devwQe+CrL5k8k`
Yara	None matched
VirusTotal	Search for analysis

Name	c3d94470e73881d4_iixlutvelg.f Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\iixlutvelg.f
Size	7.7KB
Processes	1000 (dd.exe)
Type	data
MD5	`ed1ff27b53c7a823f1edc1a02db4ba44`
SHA1	`78f9efe810f2442ef82d062f630507cadbb0d317`
SHA256	`c3d94470e73881d45b0fb9bb083350483d872b4aa4a023e27935181bc4da4f73`
CRC32	`4E16EBDF`
ssdeep	`192:NeETCDfAGM3+GepCvLK0FgGNDj34RMdECESnnypahr21w7Zc76sSrpCb:NemCjZJGepCvLT6QDAvmnnypcS1YZ4W2`
Yara	None matched
VirusTotal	Search for analysis

Name	1bd37e45940236ca_cboxe.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\nsqC11A.tmp\cboxe.dll
Size	86.0KB
Processes	1000 (dd.exe)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`aa50cb734973bb1f000bf0248ecea36c`
SHA1	`548e2c420b78154f29291a445e442071e7f7d779`
SHA256	`1bd37e45940236ca8711794cbf93da23958aefdf51702c6b4cc03a2b87310d2f`
CRC32	`CDFC5D3E`
ssdeep	`1536:KewzVr7ZXF84In4FhhK4HBHyYWe8D5wSA5tnzsWY0cdbWWqyO7r:nwzVBV8Rn4FhpBHEw/6bWWE7r`
Yara	UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check Malicious_Library_Zero - Malicious_Library IsDLL - (no description) PE_Header_Zero - PE File Signature IsPE32 - (no description)
VirusTotal	Search for analysis

Name	03de1b6d7dc6b32f_vrrbwggplttdy.exe Submit file
Filepath	C:\Users\test22\AppData\Roaming\uennjsooxhddm\vrrbwggplttdy.exe
Size	189.7KB
Processes	1000 (dd.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
MD5	`6ea6237fd00b52f59dbb5ad00f11bd9d`
SHA1	`1f60127952726027a647f33cf198855e880e32d5`
SHA256	`03de1b6d7dc6b32f6b46bd2729f7ca9fbf44c377296bac8240a54ad1baff0198`
CRC32	`C4B5EFE4`
ssdeep	`3072:3fY/TU9fE9PEtuWbtBBndc6xExWBbzSzgrK3PxX7T5RNA50GORh7YmLaEsN7YbIb:vYa6WPJdcVFkrK3PxXJRNU/O/bI80`
Yara	UPX_Zero - UPX packed file Malicious_Library_Zero - Malicious_Library NSIS_Installer - Null Soft Installer PE_Header_Zero - PE File Signature IsPE32 - (no description)
VirusTotal	Search for analysis

Name	e3b0c44298fc1c14_nsbC109.tmp Empty file or file not found
Filepath	C:\Users\test22\AppData\Local\Temp\nsbC109.tmp
Size	0.0B
Type	empty
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
CRC32	`00000000`
ssdeep	`3::`
Yara	None matched
VirusTotal	Search for analysis