Dropped Files | ZeroBOX

Name	3a255c0024916f19_590aee7bdd69b59b.customDestinations-ms~RFcc1ffb.TMP Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms~RFcc1ffb.TMP
Size	7.8KB
Processes	2612 (poweRSHeLl.EXe) 2768 (powershell.exe)
Type	data
MD5	`6fd29def73b2779e0ae71c4eecd304f7`
SHA1	`4ba660e4db856e04eb93a01c59ee764259ec55e7`
SHA256	`3a255c0024916f19c5b3f5d4aa5cde453cc5d90b0784a15f0456e57e71a764b6`
CRC32	`1F966CD8`
ssdeep	`96:ctuCeGCPDXBqvsqvJCwo5tuCeGCPDXBqvsEHyqvJCworDPtDHXyf2lUVul:ctvXo5tvbHnorxTyQ`
Yara	Antivirus - Contains references to security software Generic_Malware_Zero - Generic Malware
VirusTotal	Search for analysis

Name	c94c9a3f973a76f9_recoverystore.{9f173fd9-221c-11ee-91c7-080027c2f7b0}.dat Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{9F173FD9-221C-11EE-91C7-080027C2F7B0}.dat
Size	4.5KB
Processes	632 (iexplore.exe)
Type	Composite Document File V2 Document, Cannot read section info
MD5	`776c50eaa6f5d14313e7f7d2b26b3114`
SHA1	`61f566053e13d2e4a66e03cbca33ad1da065847e`
SHA256	`c94c9a3f973a76f9f39e6670ed4d5d9bc699b7192d48e12bd2ccda2da36f7f80`
CRC32	`A8CCDD7F`
ssdeep	`12:rlfF2z2QrEg5+IaCrI0F7+F2M8rEg5+IaCrI0F7ugQNlTqbaxdWNlTqbaxd:rqx5/1M85/3QNlWCWNlWC`
Yara	Microsoft_Office_File_Zero - Microsoft Office File
VirusTotal	Search for analysis

Name	46ee2263efb98d68_{9f173fda-221c-11ee-91c7-080027c2f7b0}.dat Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{9F173FDA-221C-11EE-91C7-080027C2F7B0}.dat
Size	4.5KB
Processes	632 (iexplore.exe)
Type	Composite Document File V2 Document, Cannot read section info
MD5	`babd58ebda688df887c387c994f0c271`
SHA1	`1d6adc67e346a6cba7f6beb86b4074f5746b18c4`
SHA256	`46ee2263efb98d682d36914986e76ee84a96e35e1fb5171cc812bc8966c5a001`
CRC32	`3CA0965E`
ssdeep	`12:rl0ZGFkrEgmfe76F6QrEgmfV7qgONlH5baxQm/Q1Tp4LNlX9bax8KtHaK+wA4:rgGdGzONlZhRJ0NlNSlh+`
Yara	Microsoft_Office_File_Zero - Microsoft Office File
VirusTotal	Search for analysis