Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
11.08 05:11
locker.exe
11.08 05:11
PowerView.ps1
11.08 05:11
cred64.dll
11.08 05:11
ngrok.exe
11.08 05:11
CollosalLoader.exe
11.08 05:11
SharpHound.exe
11.08 05:11
Reaper%20cfx%20Spoofer...
11.08 05:11
dxwebsetup.exe
11.08 05:11
hell9o.exe
11.08 05:11
jerniuiopu.exe

Latest News
11.11 12:11
Strom und Heizkosten i...
11.11 12:11
Koffein-Tracking per A...
11.11 12:11
Ryzen 7 9800X3D: AMDs ...
11.11 12:11
Ethische KI: Wie Fairn...
11.10 11:11
Apple’s Future Hinges ...
11.10 09:11
Building a DIY Nipkow ...
11.10 07:11
Windows-Update für Win...
11.10 06:11
A Beautifully Illustra...
11.10 06:11
Malware and cryptograp...
11.10 05:11
Daten gefahrlos geschl...

Dropped Files | ZeroBOX

Name	4cce5f45f185524b_LogpalometacbzmSmoqvFiIMOkOOdfHmOHfQLjwqrteKRpHcgabardines Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Windows\Templates\TEST22-PC-test22\LogpalometacbzmSmoqvFiIMOkOOdfHmOHfQLjwqrteKRpHcgabardines
Size	1.2MB
Type	SQLite 3.x database, user version 30, last written using SQLite version 3031001
MD5	`fe169ca1afaa6be2776a175c90427b38`
SHA1	`72bb87cd1b2b000088d1ee4c14675b2c19de4aa9`
SHA256	`4cce5f45f185524b6c75c819ad5923d70dcb9662e833b5e1229022693f471235`
CRC32	`8B4FBD0F`
ssdeep	`96:D7/cYoynhZlbJPZOwr4oR84J4Aqx4ZA7O9jgv106WEWbEm2JioMetQ:3cYoEn/oGJYxapEWAm2J2`
Yara	None matched
VirusTotal	Search for analysis

Name	41553e3508f99327_mnvimf.j Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\mnvimf.j
Size	456.3KB
Processes	1440 (ChromeSetup.exe)
Type	data
MD5	`c96b50efd584b50516934a02ae70d3a5`
SHA1	`dd148526905452780cdf47af52367c4dc50b5483`
SHA256	`41553e3508f993276a2a723b703387eb31e010d512c91ec99e8d89b28f21504e`
CRC32	`0BAAD70D`
ssdeep	`6144:k2PTgjEY8RAvErYJs7YJLWbx6OhNA8PYaVRgjDTLyABu2PKoJNqCxBPqUqE4v7Sc:k2r88Rg8MhxZ0mLPPfxjMBou5FLF`
Yara	None matched
VirusTotal	Search for analysis

Name	ad9af6543f3eda2c_fryers.exe Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Windows\Templates\fryers.exe
Size	428.3KB
Processes	1000 (ChromeSetup.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
MD5	`70462b94519e8f0354cdde7584e536ce`
SHA1	`82216609abd57d9bb0b363d29c7456a7812b106e`
SHA256	`ad9af6543f3eda2c556ad005fc4f5b3b3b5298f54312d1fda5354534903f55af`
CRC32	`B55095F8`
ssdeep	`12288:/Y3DFejc4eN4rbwpN+Ftb4v3Gi2M/eXhjPC6cJ44MmSFJq:/Y3RwnbwpN6F4/gj1fe13Sq`
Yara	UPX_Zero - UPX packed file NSIS_Installer - Null Soft Installer Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsPE32 - (no description)
VirusTotal	Search for analysis

Name	824fae3331b95e2f_LogpalometacbzmSmoqvFiIMOkOOdfHmOHfQLjwqrteKRpHcgabardines Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Windows\Templates\TEST22-PC-test22\LogpalometacbzmSmoqvFiIMOkOOdfHmOHfQLjwqrteKRpHcgabardines
Size	40.0KB
Type	SQLite 3.x database, last written using SQLite version 3033000
MD5	`41c19a9e8541fcb934c13c075bf47721`
SHA1	`648a7622d533d79b9a0bb31dc370134ec3a75ed7`
SHA256	`824fae3331b95e2f88ca60c87a6c9569086906ec76fc1db8d6dee9adddc4e80c`
CRC32	`560F7642`
ssdeep	`48:+35TqYzDGF/8LKBwUf9KfWfkMUEilGc7xBM6vu3f+fmyJqhU:Ulce7mlcwilGc7Ha3f+u`
Yara	None matched
VirusTotal	Search for analysis

Name	bcdcc4f83a2efab5_xhpimil.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\nsgC020.tmp\xhpimil.dll
Size	51.0KB
Processes	1440 (ChromeSetup.exe)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`64b9c07dcd922f595b814eb764ac0493`
SHA1	`fa0db12b16a5e0921052979434db327fe0ced2b5`
SHA256	`bcdcc4f83a2efab5150c8d67f17d93361878275088fa04448dde4a5ede837ca6`
CRC32	`C52556E6`
ssdeep	`768:NTgwkyc3pa8IGxvtiZpbYziE7NWANK6Xs4yxdjjTtBp/lLg:NTjubxteUjXs7jTtBp/`
Yara	UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check IsDLL - (no description) Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsPE32 - (no description)
VirusTotal	Search for analysis

Name	dcfcd16fbf0511d3_vbsqlite3.dll Submit file
Filepath	C:\Users\Public\Libraries\vbsqlite3.dll
Size	161.5KB
Processes	1000 (ChromeSetup.exe)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, UPX compressed
MD5	`073a17b6cfb1112c6c838b2fba06a657`
SHA1	`a54bb22489eaa8c52eb3e512aee522320530b0be`
SHA256	`dcfcd16fbf0511d3f2b3792e5493fa22d7291e4bb2efbfa5ade5002a04fc2cab`
CRC32	`9619DAD7`
ssdeep	`3072:eNFwdmspaPg9g9oOavAQBNrPkVdc88GjU+vF6nuxRocX5GOOUleo+c:e8d1/w5KA81IJ8GpF6nuTmOOU`
Yara	UPX_Zero - UPX packed file IsDLL - (no description) PE_Header_Zero - PE File Signature IsPE32 - (no description)
VirusTotal	Search for analysis

Name	c119a54b6bef3a48_WebData Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Windows\Templates\TEST22-PC-test22\WebData
Size	80.0KB
Type	SQLite 3.x database, last written using SQLite version 3033000
MD5	`255929949dea51a2f43a1f40e63764ec`
SHA1	`8f32ab419264fdad05f4f3828db3c1cd38d919fd`
SHA256	`c119a54b6bef3a48234950dc07fe70f73b69d1390ef0235e66481faa1048ead6`
CRC32	`F7A79605`
ssdeep	`96:5Bc7fYLKYZCIdE8XwUWaPdUDg738Hsa/NhuK0l0q8oc5PyWTJereWb3lxzasq9u4:5BPOUNlCTJMb3rEDFAa6E/`
Yara	None matched
VirusTotal	Search for analysis

Name	89c57cdff7f53e45_ThunderBirdContacts.txt Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Windows\Templates\TEST22-PC-test22\ThunderBirdContacts.txt
Size	21.0B
Processes	1000 (ChromeSetup.exe)
Type	ASCII text, with CRLF line terminators
MD5	`aae099b12d63d4ff58e570ea2fdb126e`
SHA1	`72c2652e15cc35394dedefaeedfe711b159c0ecc`
SHA256	`89c57cdff7f53e45bfb5c04d9ed99c3ad4c182a503bba441ebbc4bb5de45f9bb`
CRC32	`99E67AA1`
ssdeep	`3:HvzIyHy:HvzID`
Yara	None matched
VirusTotal	Search for analysis

Name	e3b0c44298fc1c14_nsbBFFF.tmp Empty file or file not found
Filepath	C:\Users\test22\AppData\Local\Temp\nsbBFFF.tmp
Size	0.0B
Type	empty
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
CRC32	`00000000`
ssdeep	`3::`
Yara	None matched
VirusTotal	Search for analysis