popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 418c01b399403eb9_~$readme.doc
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\~$readme.doc
Size 162.0B
Processes 3068 (WINWORD.EXE)
Type data
MD5 692db057e9078ecbdca23f3410b04de1
SHA1 ecad80b9c628797190ee86789a8cdd9bb416cf5c
SHA256 418c01b399403eb9d980894495792cfe658942833824a2ac1be5a85bed1ce8dd
CRC32 297DBD1E
ssdeep 3:yW2lWRdvL7YMlbK7g7lxIt50iSjlVt6l/4Xhn:y1lWnlxK7ghqqF+4xn
Yara None matched
VirusTotal Search for analysis
Name 4826c0d860af884d_~wrs{4f161ea4-12fc-4f5a-bb40-d14e8da31ad2}.tmp
Submit file
Filepath C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{4F161EA4-12FC-4F5A-BB40-D14E8DA31AD2}.tmp
Size 1.0KB
Processes 3068 (WINWORD.EXE)
Type data
MD5 5d4d94ee7e06bbb0af9584119797b23a
SHA1 dbb111419c704f116efa8e72471dd83e86e49677
SHA256 4826c0d860af884d3343ca6460b0006a7a2ce7dbccc4d743208585d997cc5fd1
CRC32 23C03491
ssdeep 3:ol3lYdn:4Wn
Yara None matched
VirusTotal Search for analysis
Name 45701d2d9fc44be5_version.xml
Submit file
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Office\version.xml
Size 223.0B
Processes 3068 (WINWORD.EXE)
Type ASCII text, with CRLF line terminators
MD5 f585dc303aad4de57575dc4382ba2827
SHA1 1bf72039e61dfc7bc585e61fac7bd23c6e9c2656
SHA256 45701d2d9fc44be557bfda499062255d899757f6c2958e671050e4bca149fa3a
CRC32 6BBC67DF
ssdeep 6:9cNAWdgUMu9K1tFsHsvKLrE6IgsGKyHGXgFF2VAATB:9vWdEyK1HsHjrE6IcX3ylTB
Yara None matched
VirusTotal Search for analysis
Name d516a371b6fc0a52_~$normal.dotm
Submit file
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Templates\~$Normal.dotm
Size 162.0B
Processes 3068 (WINWORD.EXE)
Type data
MD5 56a4532b2fc2cf6fd4ec62a29758d231
SHA1 60f68bd8ac5b3f7290daa236bebd5f9c0f1510fd
SHA256 d516a371b6fc0a5270a1323f271bc2a36bc34f9cf06c783a642020c0da8948c3
CRC32 E93E4529
ssdeep 3:yW2lWRdvL7YMlbK7g7lxIt50iSjlVtNmk/tyXhn:y1lWnlxK7ghqqFNT/tyxn
Yara None matched
VirusTotal Search for analysis