Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
09.21 02:09
l6E.exe
09.20 01:09
setup.exe
09.20 11:09
3uTools.exe
09.20 11:09
66ecb4573225b_vsbhfdg1...
09.20 10:09
66ecb452ba19c_sfbdsgfd...
09.20 10:09
66ecb44c35444_vfdhsgdf...
09.20 10:09
66ec0e61998bf_setup30.exe
09.20 10:09
66ebf725efe38_lyla.exe
09.20 10:09
Desktop_Explorer.exe
09.20 10:09
66ec3528901bb_winupdat...

Latest News
09.21 02:09
This New Video Game Is...
09.21 02:09
FTC finds social media...
09.21 02:09
FTC finds social media...
09.21 01:09
Automate detection and...
09.21 01:09
Hackaday Podcast Episo...
09.21 01:09
The Russian Bot Army T...
09.21 01:09
Australia’s Labor Part...
09.21 12:09
Inviting the Public to...
09.21 12:09
How Ransomhub Ransomwa...
09.21 12:09
Middle East backdoored...

Dropped Files | ZeroBOX

Name	96bcec06264976f3_2d85f72862b55c4eadd9e66e06947f3d Submit file
Filepath	C:\Users\test22\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\2D85F72862B55C4EADD9E66E06947F3D
Size	1.4KB
Processes	2640 (ws.exe)
Type	data
MD5	`0cd2f9e0da1773e9ed864da5e370e74e`
SHA1	`cabd2a79a1076a31f21d253635cb039d4329a5e8`
SHA256	`96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6`
CRC32	`65E5A5B2`
ssdeep	`24:ooVdTH2NMU+I3E0Ulcrgdaf3sWrATrnkC4EmCUkmGMkfQo1fSZotWzD1:ooVguI3Kcx8WIzNeCUkJMmSuMX1`
Yara	None matched
VirusTotal	Search for analysis

Name	a83f50c1a41c0983_ws.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\ws.exe
Size	86.5KB
Processes	2556 (Deathmatics.exe)
Type	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5	`7c1cfd20b24b912534716c2ca03af538`
SHA1	`f374744c9c7ecff644cc9fb11a77eb10b737577d`
SHA256	`a83f50c1a41c0983d132fef61d20693e6807792534e4ab4b6ea77a32ea5c18d4`
CRC32	`1543CBEE`
ssdeep	`1536:ne1RdaIfAtWdTcvOGP0l0dMi488Jax/ddMcLrMYEDAFB9bMmqxrbM+tFMVj/fZAA:URStWdTcvOGP0l0dMi4DJcdRMYCQ9bMQ`
Yara	Win32_Trojan_PWS_Net_1_Zero - Win32 Trojan PWS .NET Azorult Is_DotNET_EXE - (no description) PE_Header_Zero - PE File Signature Win_Backdoor_AsyncRAT_Zero - Win Backdoor AsyncRAT IsPE32 - (no description)
VirusTotal	Search for analysis

Name	67add1166b020ae6_c8408fe5ca4467ee4da84a76ef238fe3 Submit file
Filepath	C:\Users\test22\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C8408FE5CA4467EE4DA84A76EF238FE3
Size	1.3KB
Processes	2640 (ws.exe)
Type	data
MD5	`e829e65d7c4307d6fbc13c179e037a36`
SHA1	`a053375bfe84e8b748782c7cee15827a6af5a405`
SHA256	`67add1166b020ae61b8f5fc96813c04c2aa589960796865572a3c7e737613dfd`
CRC32	`0088E167`
ssdeep	`24:yvLxG88i7ZDlwjwN9CMDy0cjHbpLZ+cq0EoUbaeswo+Ks2FCU:UG8nZZVmNjHVM6Eos9jK5`
Yara	None matched
VirusTotal	Search for analysis

Name	e61fee16e25dda73_c8408fe5ca4467ee4da84a76ef238fe3 Submit file
Filepath	C:\Users\test22\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C8408FE5CA4467EE4DA84A76EF238FE3
Size	192.0B
Processes	2640 (ws.exe)
Type	data
MD5	`3df58e584f3ee2bf6061edbf4df59896`
SHA1	`ec5dcc7a96e84d60f6a8a117f39371e5539487fa`
SHA256	`e61fee16e25dda73ef35ecbf4e9c88d4efce146b1d67be2e251b3af05c56cd7d`
CRC32	`6158A2E4`
ssdeep	`3:kkFklHM8tfllXlE/tdKje11U+lJuRdxPlIXlel9OlMHt:kKh80oyUa8RdE169OlMN`
Yara	None matched
VirusTotal	Search for analysis

Name	9b22c3f8facbaa7e_2d85f72862b55c4eadd9e66e06947f3d Submit file
Filepath	C:\Users\test22\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\2D85F72862B55C4EADD9E66E06947F3D
Size	192.0B
Processes	2640 (ws.exe)
Type	data
MD5	`1f579d560708cfa1f1d378883ddf95e9`
SHA1	`13c68492da35087b3d7d93fb827ff4149d51ee98`
SHA256	`9b22c3f8facbaa7e6e53eda44362411aaf8e8f5ff222a13f53fa37e83798dd3c`
CRC32	`9562E6A6`
ssdeep	`3:kkFklloC5NtfllXlE/zMcn+zttNNX8RolJuRdyo1dlUKlGXJlDdt:kKX8q1kNMa8Rdy+UKcXP`
Yara	None matched
VirusTotal	Search for analysis