Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

Dropped Files | ZeroBOX

Name	2c638e95988c0ad0_smart.vbs Submit file
Filepath	C:\Users\Public\Smart.vbs
Size	678.0B
Processes	2548 (powershell.exe)
Type	ASCII text, with CRLF line terminators
MD5	`ec2d6bb60ec988ae19374dbbdf69801e`
SHA1	`d11aada90e375450b617f5677833a36e8bb843d7`
SHA256	`2c638e95988c0ad027addbf0225eb0849898175ef1354a41bb303d375a4d364a`
CRC32	`3C52B002`
ssdeep	`6:VtGTl/Gu67HJr+jJ0ZJhuPJ/W+5MIKxkYM/2VtGTWa5M23HTxg+S3pEaHhZ:VtW/2Ht+9OQRT7fYeytKM23HN7Ot`
Yara	None matched
VirusTotal	Search for analysis

Name	b7c225ef3cc3e875_d93f411851d7c929.customdestinations-ms Submit file
Filepath	c:\users\test22\appdata\roaming\microsoft\windows\recent\customdestinations\d93f411851d7c929.customdestinations-ms
Size	7.8KB
Processes	2548 (powershell.exe)
Type	data
MD5	`81ca4510272caf505e8091e9a28cb716`
SHA1	`71414aeec9f1e4a6f5a461b01700cc9cc992cd9e`
SHA256	`b7c225ef3cc3e87506150eb140e7b9cc127a3469c50a808854acac71a53d98bf`
CRC32	`FC31E90F`
ssdeep	`96:EtuCcBGCPDXBqvsqvJCwoRtuCcBGCPDXBqvsEHyqvJCwor/47HwxGlUVul:EtCgXoRtCgbHnorLxY`
Yara	Antivirus - Contains references to security software Generic_Malware_Zero - Generic Malware
VirusTotal	Search for analysis

Name	767f41676a26a088_smart.xml Submit file
Filepath	C:\Users\Public\smart.xml
Size	1.1KB
Processes	2548 (powershell.exe)
Type	ASCII text, with CRLF line terminators
MD5	`51ce14157daa34744c3d2011facfc395`
SHA1	`8289e345238b210f0ef5c095323d4d5b07d209ad`
SHA256	`767f41676a26a088d5225a369e7d4cb487c8ce95c7ae6b7f46d37d28f17e9657`
CRC32	`BE423B88`
ssdeep	`24:/4+S3drp8dM4YeGlMhEMjn5pwjVgUYODOLD9RJh7h8gail/ctn:DyItuydbQx3YODOLNdq6i`
Yara	None matched
VirusTotal	Search for analysis

Name	563eeab8a156a77e_smart.bat Submit file
Filepath	C:\Users\Public\Smart.bat
Size	82.0B
Processes	2548 (powershell.exe)
Type	ASCII text, with no line terminators
MD5	`874fcca68171fd672633da597359b840`
SHA1	`0c18330d61c10d7315bd85da73e5272a84539e63`
SHA256	`563eeab8a156a77e4b25cd85a6a18fa467191a8e75f44b3d0339188d846c992d`
CRC32	`5C60DCEA`
ssdeep	`3:+yAJJFIeUrh5RI8FW5ePaHF52ZHn:w8P1PfW5ePaHKn`
Yara	None matched
VirusTotal	Search for analysis

Name	9fbe4eace5a47f2e_smart.ps1 Submit file
Filepath	C:\Users\Public\Smart.ps1
Size	427.8KB
Processes	2548 (powershell.exe)
Type	ASCII text, with very long lines, with CRLF line terminators
MD5	`d8d7215a2e2e921419d304836227347d`
SHA1	`05450be8ae8090102dc88e0ed4cdc60eda0adb0d`
SHA256	`9fbe4eace5a47f2ecfce9b1809221a635cc3c76e5e096697a8c3310a05ae7495`
CRC32	`B96F8161`
ssdeep	`3072:JGjAdqBiqe/H315g3Apx4ypzUeE6Ue+VM8fpBTUv1vZuWQIW:Jpdk7e/H315g3Apx0VNRBRWQIW`
Yara	hide_executable_file - Hide executable file
VirusTotal	Search for analysis