Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

Dropped Files | ZeroBOX

Name	2d00f2194e9c74b8_airways_14.bmp Submit file
Filepath	C:\Users\test22\AppData\Roaming\Havesanger\Nondyspeptic\Garnetberry\Muriciform\Airways_14.bmp
Size	7.7KB
Processes	2552 (wins.exe)
Type	JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=3], baseline, precision 8, 110x110, frames 3
MD5	`4500ee6294e6dd7ebc558442a45cd4a2`
SHA1	`e8dadc287fdc1d254e00fe6797732a6d7665ea61`
SHA256	`2d00f2194e9c74b879c37b05af189682dbd551c8366f5145fc5d84200070a265`
CRC32	`6ADDCFFF`
ssdeep	`96:BSTzREAr5vY+BeASEciQC3a1Sgs7wiqPi5uJvI5ezU9oC/ZMlZCLISsOlHmxewSn:oXR5rEA3ciXq1Sgs7LouLyzAHKSoe2sr`
Yara	JPEG_Format_Zero - JPEG Format
VirusTotal	Search for analysis

Name	e3b0c44298fc1c14_nsjEE19.tmp Empty file or file not found
Filepath	C:\Users\test22\AppData\Local\Temp\nsjEE19.tmp
Size	0.0B
Type	empty
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
CRC32	`00000000`
ssdeep	`3::`
Yara	None matched
VirusTotal	Search for analysis

Name	09b145f1026dc77e_network-cellular-connected-symbolic.svg Submit file
Filepath	C:\Users\test22\AppData\Roaming\Havesanger\Nondyspeptic\network-cellular-connected-symbolic.svg
Size	900.0B
Processes	2552 (wins.exe)
Type	SVG Scalable Vector Graphics image
MD5	`5e13e015c209ea0ab666e45a9972c423`
SHA1	`5ecb2203d5e897bb113e1d631ba59eccc4268bb8`
SHA256	`09b145f1026dc77e4cc4994303c3b3f62e53d221f8161d226f9cc894d9cb086d`
CRC32	`535782F1`
ssdeep	`24:t4CpZJkrl+EdXErlXrGAOAUMsVvSJfWflxAFQdFfoAeWrGDT/N:/Jk9dX8lCAPspflxoaoAe3DT/N`
Yara	None matched
VirusTotal	Search for analysis

Name	5a38ef3a0fa8bc8c_clich.nub Submit file
Filepath	C:\Users\test22\AppData\Roaming\Havesanger\Nondyspeptic\Garnetberry\Muriciform\Clich.Nub
Size	246.8KB
Processes	2552 (wins.exe)
Type	data
MD5	`dd07fce185c88d3c46d081ec64d4ba13`
SHA1	`4cf43af775f945d821c700177a3c61242ea84250`
SHA256	`5a38ef3a0fa8bc8c089c3cb09120ad9ebe9ab8cc5ca19414db35c4129e6250c0`
CRC32	`6C01DF0B`
ssdeep	`3072:XcGUNUXiPrs6O1Kfi+okJFXERxLPqPSg2rGQ+dAl0liWKzrNMZIHzpCCfmX5OF:XcFUXiD1q8okJFXERpyPX2rh2iZtceAI`
Yara	None matched
VirusTotal	Search for analysis

Name	4c86b238e64ecfaa_system.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\nsoEED5.tmp\System.dll
Size	11.0KB
Processes	2552 (wins.exe)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`375e8a08471dc6f85f3828488b1147b3`
SHA1	`1941484ac710fc301a7d31d6f1345e32a21546af`
SHA256	`4c86b238e64ecfaabe322a70fd78db229a663ccc209920f3385596a6e3205f78`
CRC32	`F3BCE476`
ssdeep	`192:MPtkumJX7zB22kGwfy0mtVgkCPOs91un:9702k5qpds9Qn`
Yara	IsDLL - (no description) PE_Header_Zero - PE File Signature IsPE32 - (no description)
VirusTotal	Search for analysis

Name	c655c545de5f07d8_libpixbufloader-icns.dll Submit file
Filepath	C:\Users\test22\AppData\Roaming\Havesanger\Nondyspeptic\libpixbufloader-icns.dll
Size	19.4KB
Processes	2552 (wins.exe)
Type	PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
MD5	`7dea5dab23582505c0eb671ef816c927`
SHA1	`cbb8443e8511df1a6cdbd5ab6d1a8982b881b52e`
SHA256	`c655c545de5f07d85f588599043d8429cc7682ffa9e1dc55fd5275308abca20e`
CRC32	`16F80747`
ssdeep	`384:GNe90VEZnTALI8BHHJOpA6nHPrrNUgNGcRr:Gg90WAI8BnJ1KTRr`
Yara	IsDLL - (no description) IsPE64 - (no description) PE_Header_Zero - PE File Signature
VirusTotal	Search for analysis