popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 0b8607fdf72f3e65_cookies.sqlite
Submit file
Filepath C:\Users\test22\AppData\Roaming\lflttt4n.2f4\Firefox\Profiles\1pfa5s83.default-release\cookies.sqlite
Size 96.0KB
Type SQLite 3.x database, user version 12, last written using SQLite version 3038003
MD5 d367ddfda80fdcf578726bc3b0bc3e3c
SHA1 23fcd5e4e0e5e296bee7e5224a8404ecd92cf671
SHA256 0b8607fdf72f3e651a2a8b0ac7be171b4cb44909d76bb8d6c47393b8ea3d84a0
CRC32 842B3569
ssdeep 12:DQAwfWk73Fmdmc/OPVJXfPNn43etRRfYR5O8atLqxeYaNcDakMG/lO:DQAwff32mNVpP965Ra8KN0MG/lO
Yara None matched
VirusTotal Search for analysis
Name edb006e05cfa8501_Cookies
Submit file
Filepath C:\Users\test22\AppData\Roaming\lflttt4n.2f4\Chrome\Default\Cookies
Size 36.0KB
Type SQLite 3.x database, last written using SQLite version 3033000
MD5 3f5ca3e29b1b60e298aeca0a32164c03
SHA1 f9b5ee59c31a3b06a6b8e476b22d2d7cf1fa8b66
SHA256 edb006e05cfa85015aa76c758d6298c279fd318cff0dbb286927c7ad45105488
CRC32 E1ACA097
ssdeep 24:TL2C0RlPbXaFpEO5bNmISHdL6UwcOxvo5:TYLOpEO5J/KdGU1Eo5
Yara None matched
VirusTotal Search for analysis
Name d6431d5645fffd05_d93f411851d7c929.customDestinations-ms~RF15e3bca.TMP
Submit file
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d93f411851d7c929.customDestinations-ms~RF15e3bca.TMP
Size 7.8KB
Processes 2660 (powershell.exe) 2720 (powershell.exe)
Type data
MD5 260d23ce04a8f8555a73b7d2dc15e911
SHA1 ebad746fb7de847c50f7502a44f6e35534733efd
SHA256 d6431d5645fffd05a23166d630253bc7ce8c099cf6e9c956f8ae5e1249ee8588
CRC32 11D6B213
ssdeep 96:ctuCeGCPDXBqvsqvJCwo5tuCeGCPDXBqvsEHyqvJCworSP7Hwxf2lUVul:ctvXo5tvbHnorrxQ
Yara
  • Antivirus - Contains references to security software
  • Generic_Malware_Zero - Generic Malware
VirusTotal Search for analysis
Name 4a4d2a86e0a39d89_tmp4ED2.tmp
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\tmp4ED2.tmp
Size 1.5KB
Processes 2064 (csrssop.exe)
Type XML 1.0 document, ASCII text
MD5 1ed25246b12276a21e3285ae659ac391
SHA1 a26d321547942febea86f2465f5369fe3f39497f
SHA256 4a4d2a86e0a39d898bb1d583b0ecf4fd31e41877f543802db8734ffb0534909c
CRC32 45CD220E
ssdeep 24:2di4+S2qhH/1ny1mEUnrKMhEMOFGpwOzNgU3ODOiIQRvh7hwrgXuNt3axvn:cgefAYrFdOFzOzN33ODOiDdKrsuT3uv
Yara None matched
VirusTotal Search for analysis
Name a9220271c0eb79e5_d93f411851d7c929.customDestinations-ms~RF15e3ad0.TMP
Submit file
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d93f411851d7c929.customDestinations-ms~RF15e3ad0.TMP
Size 7.8KB
Type data
MD5 b0c9ff441742f3847ea27da9dee7f2cd
SHA1 c42a1eb32ba953a0ce5d8635caabf71b5b281495
SHA256 a9220271c0eb79e5750e0d0e62058ecac560e09cdf9e82ef61aeeabada5d48a4
CRC32 0BBCAB1A
ssdeep 96:RutuCOGCPDXBqvsqvJCwo+utuCOGCPDXBqvsEHyqvJCworSP7Hwxf2lUVul:UtvXoxtvbHnorrxQ
Yara
  • Antivirus - Contains references to security software
  • Generic_Malware_Zero - Generic Malware
VirusTotal Search for analysis
Name 88f9dc0b9a633e43_cookies.sqlite
Submit file
Filepath C:\Users\test22\AppData\Roaming\lflttt4n.2f4\Thunderbird\Profiles\g8t0pe67.default-release\cookies.sqlite
Size 512.0KB
Type SQLite 3.x database, user version 11, last written using SQLite version 3031001
MD5 dd47ebe6866ad2ab59d0caa1de28d09e
SHA1 afdf6eb7a01bb7ef4c9d768b65abbbeae5ba2663
SHA256 88f9dc0b9a633e43c6d2c6fae136e782c15aa38c1601dcff948987f1c2a391c3
CRC32 8DEE9EEA
ssdeep 24:DQHtJl32mNVpP965hKN0MG/lZpNjCKRIaU5BnCMOkC0JCpL3FYay:DQfrbWTTTqtStLm
Yara None matched
VirusTotal Search for analysis