Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
11.15 01:11
wwbizsrvs.exe
11.15 01:11
op.exe
11.15 01:11
msf.exe
11.15 01:11
lum250.exe
11.15 01:11
msf443.exe
11.13 04:11
hello.exe
11.13 03:11
espsemhvcioff.exe
11.13 02:11
Geek_se.exe
11.13 02:11
cred64.dll
11.13 02:11
svhost.exe

Latest News
11.17 06:11
Classic LED Bubble Dis...
11.17 06:11
DIN-Download: Neue Vor...
11.17 06:11
IT Sicherheitsnews stü...
11.17 05:11
[AIS 2024 영상] 최원혁 누리랩 ...
11.17 05:11
[강연 영상] 김직동 개인정보위 과장 “...
11.17 05:11
Diese KI-Oma soll Betr...
11.17 05:11
ChatGPT knackt Rekord:...
11.17 05:11
Ancient TP-Link Backdo...
11.17 04:11
Malware Analysis - Wri...
11.17 03:11
Register Renaming: The...

Dropped Files | ZeroBOX

Name	f5e4085641693bb9_wizardimage.dat Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\IF{134D8976-69D7-4C57-B1E6-6F59D037E196}\wizardImage.dat
Size	247.4KB
Processes	2080 (2d7f71dfd2399ffc78575f12b3d751fae218432618e41204ce0e9b850e25e9ac.exe)
Type	PC bitmap, Windows 98/2000 and newer format, 211 x 300 x 32
MD5	`d073eb365f9b0e378e306cbea2d6761c`
SHA1	`45a9f9e585e4c4e52fb23faaa8399c75e3636359`
SHA256	`f5e4085641693bb958c7c5e8fc12b9468194fb534203689e74931f51d5f41089`
CRC32	`4DA98431`
ssdeep	`6144:M72Vn49whGFJUIv/oehrTwGv8fAmn3hvqWok/:IU`
Yara	bmp_file_format - bmp file format
VirusTotal	Search for analysis

Name	7e8cf735e10dc4f4_licence.rtf Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\IF{134D8976-69D7-4C57-B1E6-6F59D037E196}\licence.rtf
Size	114.0B
Processes	2080 (2d7f71dfd2399ffc78575f12b3d751fae218432618e41204ce0e9b850e25e9ac.exe)
Type	Rich Text Format data, version 1, ANSI
MD5	`564974489d478be646af0642ef0eed26`
SHA1	`1072c265121f951da418f8981a8e518db98fd0a5`
SHA256	`7e8cf735e10dc4f450dbac0c774d7cfaeb71b127f724bb3c9a7d267289470ba7`
CRC32	`50227451`
ssdeep	`3:gOz4RJXDVWidQcz7eViFvezbOGU5YB5DN72n:L4VXdLz6wER5d2`
Yara	None matched
VirusTotal	Search for analysis

Name	0504ebb98d0a4b28_headerimage.dat Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\IF{134D8976-69D7-4C57-B1E6-6F59D037E196}\headerImage.dat
Size	351.7KB
Processes	2080 (2d7f71dfd2399ffc78575f12b3d751fae218432618e41204ce0e9b850e25e9ac.exe)
Type	PC bitmap, Windows 98/2000 and newer format, 300 x 300 x 32
MD5	`94aff33aefbc291f1802b3577e70dcba`
SHA1	`f67ed85ae47a60d4d9b097f81736c76124f14595`
SHA256	`0504ebb98d0a4b28b67743b2163cfaa77f8e0bfafb74a6f762da9c2799b527ec`
CRC32	`72D9C41D`
ssdeep	`6144:LaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaPaaaaaaaaaaaaaS:Laaaaaaaaaaaaaaaaaaaaaaaaaaaaaa3`
Yara	bmp_file_format - bmp file format
VirusTotal	Search for analysis

Name	ba03d68efcc17a09_français.ifl Submit file
Size	3.6KB
Type	UTF-8 Unicode (with BOM) text, with CRLF line terminators
MD5	`86d062e7f9790d4a43a1e87761b7aaf2`
SHA1	`57471d14cc8c922df6d9213332410cf58414e8bf`
SHA256	`ba03d68efcc17a09abf33f251d9cc06efc1d6d0a02e34a9f95aa529990d62f23`
CRC32	`EF25FA30`
ssdeep	`48:pIvG+jmfmtysMhLDmY7JeVdLm/SU7vt3NLLrOMf2Gh2+QdO48lMvavOtw9Lt/Sji:paGeCCTO23sBB2MH48lMDSuRiZjl`
Yara	None matched
VirusTotal	Search for analysis

Name	a792f4f5edee0e15_deutsch.ifl Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\IF{134D8976-69D7-4C57-B1E6-6F59D037E196}\Deutsch.ifl
Size	3.4KB
Processes	2080 (2d7f71dfd2399ffc78575f12b3d751fae218432618e41204ce0e9b850e25e9ac.exe)
Type	UTF-8 Unicode (with BOM) text, with CRLF line terminators
MD5	`981077ef92410cbf204c59e5465de5dd`
SHA1	`ad253930fd3a5edd8a81dc473f89132ff2243699`
SHA256	`a792f4f5edee0e158798b75b82f6ac720e51957498450161b04ee812101f801c`
CRC32	`01AE838C`
ssdeep	`48:MTRoitpmwlfmw/fSq4+04ppDmkA0V5zjM8n7j1aDOiw06XnayDa1s0B0t19skAfj:MSinpppnPs4mkvzwKj5i8qyIuy/q18Fv`
Yara	None matched
VirusTotal	Search for analysis

Name	7dd8471c35427652_desktop.dat Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\IF{134D8976-69D7-4C57-B1E6-6F59D037E196}\Desktop.dat
Size	73.0B
Processes	2080 (2d7f71dfd2399ffc78575f12b3d751fae218432618e41204ce0e9b850e25e9ac.exe)
Type	ASCII text, with CRLF line terminators
MD5	`a07e0776f21eaced9d24caae59e8a24c`
SHA1	`17ec0cb90d382f19713899cc1f148e42732645fa`
SHA256	`7dd8471c354276521bebf74bc310b2e35a9c747163cb9f65448a0f80ffed42b8`
CRC32	`A3D53322`
ssdeep	`3:4JAVwI1MzjMqtaSiiVA1MB:4bIGzjMqJX64`
Yara	None matched
VirusTotal	Search for analysis

Name	275ef115ae87fcb0_languages.dat Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\IF{134D8976-69D7-4C57-B1E6-6F59D037E196}\languages.dat
Size	29.0B
Processes	2080 (2d7f71dfd2399ffc78575f12b3d751fae218432618e41204ce0e9b850e25e9ac.exe)
Type	UTF-8 Unicode text, with CRLF line terminators
MD5	`159a8024a44018a05873cc9a7aa0ff5e`
SHA1	`edd47c41e143778229b9fd80326f83bc4fcb78b9`
SHA256	`275ef115ae87fcb062b56a8c7595b3d92f87a05f4f0afeb7672ea10aa42c791a`
CRC32	`9AEFA784`
ssdeep	`3:RXWKUnv:J/Uv`
Yara	None matched
VirusTotal	Search for analysis

Name	20f6d12eac29bd6d_english.ifl Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\IF{134D8976-69D7-4C57-B1E6-6F59D037E196}\English.ifl
Size	3.0KB
Processes	2080 (2d7f71dfd2399ffc78575f12b3d751fae218432618e41204ce0e9b850e25e9ac.exe)
Type	UTF-8 Unicode (with BOM) text, with CRLF line terminators
MD5	`2922d0c758d9c3c10cbdc59f91979d0c`
SHA1	`feb69bdf58d06cca776db63036811af0764ca013`
SHA256	`20f6d12eac29bd6ddc6a99dd276c5e200fac25c976ab4293195b58ec164c253f`
CRC32	`AF2C3848`
ssdeep	`48:Q5MSH5mNWUm8/7UzY8Dmwwn0VYNv7TO4L/kpLlpfX9+XD/Vyx2iBGG+KX2ihd8r5:y5ZhUP/7UURn55Tf/ipX9+XrV4RtX38`
Yara	None matched
VirusTotal	Search for analysis

Name	c195a140f6e79b17_os.dat Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\IF{134D8976-69D7-4C57-B1E6-6F59D037E196}\OS.dat
Size	194.0B
Processes	2080 (2d7f71dfd2399ffc78575f12b3d751fae218432618e41204ce0e9b850e25e9ac.exe)
Type	UTF-8 Unicode (with BOM) text, with CRLF line terminators
MD5	`6720b01a0ad716bd2f8f7c67a0429029`
SHA1	`95558d9c17f4b41d1b76f7b9f4893ea803b75b76`
SHA256	`c195a140f6e79b1791e126a3a27561d74971b035987262eec9204ea265335c96`
CRC32	`F614CBDB`
ssdeep	`6:tqkU/Vim+xyf3BKyf3wHf3BByf3Va3eUvf3/o93Bcu:tqkU/AmOyPBKOwvBByPITPEBcu`
Yara	None matched
VirusTotal	Search for analysis

Name	71b5dd2f719bb408_sc.dat Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\IF{134D8976-69D7-4C57-B1E6-6F59D037E196}\SC.dat
Size	883.0B
Processes	2080 (2d7f71dfd2399ffc78575f12b3d751fae218432618e41204ce0e9b850e25e9ac.exe)
Type	UTF-8 Unicode (with BOM) text, with CRLF line terminators
MD5	`34150f3d1062b518359b91c291a05d6b`
SHA1	`6ca5ca0ec46dd3650682535756f27a6b670b171f`
SHA256	`71b5dd2f719bb4088127868d41f65a37df920859fab6ed855099f8706ed71125`
CRC32	`82F3BA8A`
ssdeep	`24:y6SjqUzhovUXWaEe07vS3/i/jhtZiIiK7iUKBU1MkE/hvAEU:y6Sq65V07vsKLhtwIiTUeU1LE/hvAEU`
Yara	None matched
VirusTotal	Search for analysis

Name	307dcabc31e1005a_setupconfiguration.archive Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\IF{134D8976-69D7-4C57-B1E6-6F59D037E196}\setupConfiguration.archive
Size	35.5KB
Processes	2080 (2d7f71dfd2399ffc78575f12b3d751fae218432618e41204ce0e9b850e25e9ac.exe)
Type	7-zip archive data, version 0.3
MD5	`d842564e48e3492fc1e50cea0d30bdfc`
SHA1	`4f0d5fabe075fe7184896d76485f139583ad5abf`
SHA256	`307dcabc31e1005a012f9638bbe08518f2c0a88a2827e43632db36249620bd3a`
CRC32	`813169BB`
ssdeep	`768:c9I5ilQkeVKX4G/dfPPuDKnirG7kCVl928A5GpnD3x3hIFjC:QMXNg48PPWBkkCV12GpnD3x3hIk`
Yara	None matched
VirusTotal	Search for analysis