Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

Dropped Files | ZeroBOX

Name	381a5c6f05bb6422_hbayardxh.xta Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\hbayardxh.xta
Size	5.7KB
Processes	1532 (pamac2.1.exe)
Type	data
MD5	`26031e9ee62261b60c28003aca779736`
SHA1	`b666851e1f4f4a56e9c5717f438accefb7c1218c`
SHA256	`381a5c6f05bb642219f953345f3217436c0d8377a9e7f440eb67d42e6e15eead`
CRC32	`884FB393`
ssdeep	`96:8UfTtXiAlVO0aqVfiL+jWF2VU8FlbFz4JnWQEIk2HU8PfqqenUt+NIvDGwv:tTtXiA37iYo4ZWXhHU8Pf/t+yDGwv`
Yara	None matched
VirusTotal	Search for analysis

Name	0b8607fdf72f3e65_cookies.sqlite Submit file
Filepath	C:\Users\test22\AppData\Roaming\cwn33mhp.opj\Firefox\Profiles\1pfa5s83.default-release\cookies.sqlite
Size	96.0KB
Type	SQLite 3.x database, user version 12, last written using SQLite version 3038003
MD5	`d367ddfda80fdcf578726bc3b0bc3e3c`
SHA1	`23fcd5e4e0e5e296bee7e5224a8404ecd92cf671`
SHA256	`0b8607fdf72f3e651a2a8b0ac7be171b4cb44909d76bb8d6c47393b8ea3d84a0`
CRC32	`842B3569`
ssdeep	`12:DQAwfWk73Fmdmc/OPVJXfPNn43etRRfYR5O8atLqxeYaNcDakMG/lO:DQAwff32mNVpP965Ra8KN0MG/lO`
Yara	None matched
VirusTotal	Search for analysis

Name	edb006e05cfa8501_Cookies Submit file
Filepath	C:\Users\test22\AppData\Roaming\cwn33mhp.opj\Chrome\Default\Cookies
Size	36.0KB
Type	SQLite 3.x database, last written using SQLite version 3033000
MD5	`3f5ca3e29b1b60e298aeca0a32164c03`
SHA1	`f9b5ee59c31a3b06a6b8e476b22d2d7cf1fa8b66`
SHA256	`edb006e05cfa85015aa76c758d6298c279fd318cff0dbb286927c7ad45105488`
CRC32	`E1ACA097`
ssdeep	`24:TL2C0RlPbXaFpEO5bNmISHdL6UwcOxvo5:TYLOpEO5J/KdGU1Eo5`
Yara	None matched
VirusTotal	Search for analysis

Name	a50844597a48b1ed_usuxnzddwj.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\nsmC0CC.tmp\usuxnzddwj.dll
Size	80.5KB
Processes	1532 (pamac2.1.exe)
Type	PE32 executable (DLL) (console) Intel 80386, for MS Windows
MD5	`92e8ab02ae328381c7b0d9f230b61e67`
SHA1	`138dfc90c5ad038cfe7146f8cd3ae6bc8ec90ecc`
SHA256	`a50844597a48b1eda3cf071cc726eb2daca671bc67df4c3949a22da7ba673d69`
CRC32	`018DD528`
ssdeep	`1536:W5Zgs53AOsEMO4gHsN0TlvL4S3i1qRSeksW9Wcdbk200U5We:W5qsuOZMO4P0Ty1qxcbkqgWe`
Yara	UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check IsDLL - (no description) Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsPE32 - (no description)
VirusTotal	Search for analysis

Name	c36d02fa5a7bd7d0_skvxy.g Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\skvxy.g
Size	265.5KB
Processes	1532 (pamac2.1.exe)
Type	data
MD5	`01e2938d3bd8f2dca6ea27ea72a4e825`
SHA1	`36809f3fa6fa87296d6c1db5f39bee08c4df2bea`
SHA256	`c36d02fa5a7bd7d001c439f6a34a4a03e5b11fd127945aed1b289b36531bdcec`
CRC32	`4748D676`
ssdeep	`6144:SrK0X2W915MG5EVRqo3m/IBDn8amFlh+3QGfyPnR7:kK0mW91mG5AhkIBDkhowfR`
Yara	None matched
VirusTotal	Search for analysis

Name	e3b0c44298fc1c14_nshC0AB.tmp Empty file or file not found
Filepath	C:\Users\test22\AppData\Local\Temp\nshC0AB.tmp
Size	0.0B
Type	empty
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
CRC32	`00000000`
ssdeep	`3::`
Yara	None matched
VirusTotal	Search for analysis

Name	88f9dc0b9a633e43_cookies.sqlite Submit file
Filepath	C:\Users\test22\AppData\Roaming\cwn33mhp.opj\Thunderbird\Profiles\g8t0pe67.default-release\cookies.sqlite
Size	512.0KB
Type	SQLite 3.x database, user version 11, last written using SQLite version 3031001
MD5	`dd47ebe6866ad2ab59d0caa1de28d09e`
SHA1	`afdf6eb7a01bb7ef4c9d768b65abbbeae5ba2663`
SHA256	`88f9dc0b9a633e43c6d2c6fae136e782c15aa38c1601dcff948987f1c2a391c3`
CRC32	`8DEE9EEA`
ssdeep	`24:DQHtJl32mNVpP965hKN0MG/lZpNjCKRIaU5BnCMOkC0JCpL3FYay:DQfrbWTTTqtStLm`
Yara	None matched
VirusTotal	Search for analysis