Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

Dropped Files | ZeroBOX

Name	b80a5cba69d1853e_system.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\nsqF2CE.tmp\System.dll
Size	11.0KB
Processes	2580 (win32.exe)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`c9473cb90d79a374b2ba6040ca16e45c`
SHA1	`ab95b54f12796dce57210d65f05124a6ed81234a`
SHA256	`b80a5cba69d1853ed5979b0ca0352437bf368a5cfb86cb4528edadd410e11352`
CRC32	`D2D3E667`
ssdeep	`192:cPtkumJX7zBE2kGwfy9S9VkPsFQ1MZ1c:N7O2k5q9wA1MZa`
Yara	IsDLL - (no description) PE_Header_Zero - PE File Signature IsPE32 - (no description)
VirusTotal	Search for analysis

Name	f0f4410c453932ea_printerfunktionen.ste Submit file
Filepath	C:\Users\test22\AppData\Local\underkbelser\Homam\Slangens\Uniformer\Printerfunktionen.Ste
Size	12.9KB
Processes	2580 (win32.exe)
Type	data
MD5	`54dec5cfd6e222b62a6d46361445f263`
SHA1	`b8511f28e37998a503d3896b2ab47be385cbcbbc`
SHA256	`f0f4410c453932ea9a97626d183ce6c06116d676fc25e8fe27549f86881898a7`
CRC32	`D4412A5D`
ssdeep	`384:ThuxguYkJsL0OQorT58jWATZhikNtWm7JMq:Tk6YfTo2ZFT7Wq`
Yara	None matched
VirusTotal	Search for analysis

Name	de5cb894d4f1251a_duckblind.rad Submit file
Filepath	C:\Users\test22\AppData\Local\underkbelser\Homam\Slangens\Uniformer\duckblind.rad
Size	1.5KB
Processes	2580 (win32.exe)
Type	data
MD5	`8df1e45a327c9075028c62a61a489003`
SHA1	`1f24b42953d7aba75270e180089ecfb0797c7ae3`
SHA256	`de5cb894d4f1251af34eb9668721bd029b105e05995457a3e6267b1a7b106a91`
CRC32	`ADBBEDA7`
ssdeep	`24:VIH/kHG6AcE3OcxB0aV08YYfdtcYT+Ou9qVGczL7mdiKO7Lwnyst0xzw1iwEbkNm:4sG6AcYTxB0806fPB9uQGczLidiKaj6S`
Yara	None matched
VirusTotal	Search for analysis

Name	f669b2f481127b86_chikanren.deg Submit file
Filepath	C:\Users\test22\AppData\Local\underkbelser\Homam\Slangens\Uniformer\chikanren.Deg
Size	118.1KB
Processes	2580 (win32.exe)
Type	data
MD5	`999bcb0b8e16c9359f9b5352e6bc576d`
SHA1	`d3d527a5596fbe340925de8f892d4702edf260be`
SHA256	`f669b2f481127b8643a7a4b428cacb1db299a0fdde1df7a0b6cfaa94601345b8`
CRC32	`76FD860A`
ssdeep	`3072:aHwxiJOit12Rwmf3oT6Y4LlZVJVX7LLC8/gf/:aHwcJ/tkwA3oTkRL34f/`
Yara	None matched
VirusTotal	Search for analysis

Name	e3b0c44298fc1c14_nsaF136.tmp Empty file or file not found
Filepath	C:\Users\test22\AppData\Local\Temp\nsaF136.tmp
Size	0.0B
Type	empty
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
CRC32	`00000000`
ssdeep	`3::`
Yara	None matched
VirusTotal	Search for analysis

Name	370e47364561fa50_nsexec.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\nsqF2CE.tmp\nsExec.dll
Size	6.5KB
Processes	2580 (win32.exe)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`0a6f707fa22c3f3e5d1abb54b0894ad6`
SHA1	`610cb2c3623199d0d7461fc775297e23cef88c4e`
SHA256	`370e47364561fa501b1300b056fb53fae12b1639fdf5f113275bee03546081c0`
CRC32	`A7F53748`
ssdeep	`96:e97GUxNkO6GR0t9GKKr1Zd8NHYVVHp4dEeY3kRnHdMqqyVgN0u3e:eBXhHR0aTQN4gRHdMqJVgN0N`
Yara	IsDLL - (no description) Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsPE32 - (no description)
VirusTotal	Search for analysis

Name	b224326922962ae7_overnatninger.ove Submit file
Filepath	C:\Users\test22\AppData\Local\underkbelser\Tilbagekomsternes\Contactor\Tornirisker\Karpe121\overnatninger.ove
Size	1.6KB
Processes	2580 (win32.exe)
Type	data
MD5	`c632e1386d8eae74d06833026dbcb321`
SHA1	`1422c1a8b3426f6c4ed38e4e9f505702c7c9b250`
SHA256	`b224326922962ae71c1ca90bba3c06e5197819962f69510bdd05b5eb94df4696`
CRC32	`2B6A1A2F`
ssdeep	`24:3UluTlreqBtpDOwGA+6mKjnGOtqHxuSadRpG1oZpPoYN9ig0hZ:3OuTNeqpDHJ+6NGOMRuSH1CpRQxhZ`
Yara	None matched
VirusTotal	Search for analysis

Name	bd6245a0ccd88fcd_greenhead.lej Submit file
Filepath	C:\Users\test22\AppData\Local\underkbelser\Tilbagekomsternes\Contactor\Tornirisker\Karpe121\greenhead.lej
Size	1.2KB
Processes	2580 (win32.exe)
Type	data
MD5	`12f12716c7f669ed0d9137372ac4b2ef`
SHA1	`6dffad176c3ca7d2c44fbb0c17b6da70b7440ed0`
SHA256	`bd6245a0ccd88fcd76d4c288f9e1526bb89eb8b4b68e3c2f38ecf9e340f24871`
CRC32	`0B585473`
ssdeep	`24:glSV/y9sYWzezKzAxdG/l1HAaAx5rGNAE+0D:gopzKQXxAf66EX`
Yara	None matched
VirusTotal	Search for analysis