Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
09.20 01:09
setup.exe
09.20 11:09
3uTools.exe
09.20 11:09
66ecb4573225b_vsbhfdg1...
09.20 10:09
66ecb452ba19c_sfbdsgfd...
09.20 10:09
66ecb44c35444_vfdhsgdf...
09.20 10:09
66ec0e61998bf_setup30.exe
09.20 10:09
66ebf725efe38_lyla.exe
09.20 10:09
Desktop_Explorer.exe
09.20 10:09
66ec3528901bb_winupdat...
09.20 10:09
Inquiry-Dubai.js

Latest News
09.21 12:09
Middle East backdoored...
09.21 12:09
Updated CISA exploited...
09.21 12:09
Several orgs purported...
09.21 12:09
New CISA guidance seek...
09.21 12:09
Lumma Stealer deployed...
09.21 12:09
InfoSec World Intervie...
09.21 12:09
InfoSec World CRTV Liv...
09.21 12:09
FTC: Mass surveillance...
09.21 12:09
Disney reportedly ditc...
09.21 12:09
Dell claimed to be bre...

Dropped Files | ZeroBOX

Name	bbc59eb43822e646_maueUsnlr4sUppOu Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\maueUsnlr4sUppOu
Size	18.0KB
Type	SQLite 3.x database, last written using SQLite version 3021000
MD5	`53ea322f91d6f0de8448b68583284d22`
SHA1	`b6c835867fbf7e432b834f7366eb0407f3eebbfa`
SHA256	`bbc59eb43822e64660cc4ccbca37d6dc016eaa9b85b2c6f5b40826bb03188b34`
CRC32	`CA013001`
ssdeep	`24:LLY10KL7G0TMJHUyyJtmCm0XKY6lOKQAE9V8MffD4fOzeCmly6Uwc6ocW:4z+JH3yJUheCVE9V8MX0PFlNU12W`
Yara	None matched
VirusTotal	Search for analysis

Name	512e4e95427a8c66_maueUsnlr4sUppOu Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\maueUsnlr4sUppOu
Size	36.0KB
Type	SQLite 3.x database, last written using SQLite version 3021000
MD5	`f4c540f52d5c08d24a79805eda1d7abf`
SHA1	`22be46826df7693f58736adb232ab2da790f2571`
SHA256	`512e4e95427a8c66b2993b27bb23d99cdab2ebd6e9e8937c7f6a39ed8c6a5b94`
CRC32	`95C9FB3A`
ssdeep	`24:TLmg/5UcJOyTGVZTPaFpEvg3obNmCFk6Uwcc85fB34444z:T5/ecVTgPOpEveoJZFrU1cQB34444z`
Yara	None matched
VirusTotal	Search for analysis

Name	de1a914734dcc075_4375vtb45tv8225nv4285n2.txt Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\4375vtb45tv8225nv4285n2.txt
Size	6.3KB
Processes	2576 (buildqwer.exe)
Type	ASCII text
MD5	`83e06e883754d4e14d7ed7c461dadac8`
SHA1	`94c4ba79e389825f613bc1a7cf4304b5f9192cbe`
SHA256	`de1a914734dcc075afbf9f39b2cdf2427c581c9d4c5da277460d1ad34a7d56c6`
CRC32	`D9487C38`
ssdeep	`96:bvv+jjRzdkdCkq+kX0k/+kaYnJks3kowp4kT/JkmvkWtkXpkAIIkB2k3pkKdk2vO:bOBjDy9O`
Yara	infoStealer_browser_b_Zero - browser info stealer
VirusTotal	Search for analysis

Name	5ee454eb05fcbbc0_maueUsnlr4sUppOu Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\maueUsnlr4sUppOu
Size	120.0KB
Type	SQLite 3.x database, last written using SQLite version 3021000
MD5	`64202674f6acaafa94c3390b0cc720b9`
SHA1	`38c8537feccfaabb095805d290af69272aeb32f1`
SHA256	`5ee454eb05fcbbc0ac1ff5662ba2be1f22688ddb97d3cc357d4da5cff5b5e5e9`
CRC32	`3685166F`
ssdeep	`48:TGjDU66tTKfxNPp+suktLReRK+NaUvdWSZ00LTL0drQHHp7C5fVcS2+VANUXq6uG:BeJQpWSZ00LTL0QCbc0VANPjwQU+`
Yara	None matched
VirusTotal	Search for analysis

Name	16187ff9b5096b21_Cs7gHCnNZMwsffXH Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Cs7gHCnNZMwsffXH
Size	5.0MB
Type	SQLite 3.x database, user version 69, last written using SQLite version 3038003
MD5	`837705c24eaa032145b6f82119af4eea`
SHA1	`7d38a13b37105ef0f6c24c585de581949616f32c`
SHA256	`16187ff9b5096b217d405d1492c115a096f8d63d72befbf5851e19b61581f857`
CRC32	`8BF87D31`
ssdeep	`192:StsqHQnwkYjcoBMc+uK6ik4QtjJz3ig48pp0:StsbwVTBMc+uK6ikPpJz3E8`
Yara	None matched
VirusTotal	Search for analysis

Name	9a8ea0e2df7554c5_maueUsnlr4sUppOu Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\maueUsnlr4sUppOu
Size	72.0KB
Type	SQLite 3.x database, last written using SQLite version 3021000
MD5	`0539a773e44d21a84fd97fee0dffd4a3`
SHA1	`5904058c20aad54c552edc57826babd36ab61149`
SHA256	`9a8ea0e2df7554c57fb4ee6a8a12782f5a2474a3e4c23dc61e4768631dc4eb9f`
CRC32	`964BC0B2`
ssdeep	`96:P0CWo3dOOctAYyY9MsH738Hsa/NTIdE8uKIaPdUDFBlrrVY/qBOnx4yWTJereWbY:PXt769TYndTJMb3j0`
Yara	None matched
VirusTotal	Search for analysis

Name	0b8607fdf72f3e65_Cs7gHCnNZMwsffXH Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Cs7gHCnNZMwsffXH
Size	96.0KB
Type	SQLite 3.x database, user version 12, last written using SQLite version 3038003
MD5	`d367ddfda80fdcf578726bc3b0bc3e3c`
SHA1	`23fcd5e4e0e5e296bee7e5224a8404ecd92cf671`
SHA256	`0b8607fdf72f3e651a2a8b0ac7be171b4cb44909d76bb8d6c47393b8ea3d84a0`
CRC32	`842B3569`
ssdeep	`12:DQAwfWk73Fmdmc/OPVJXfPNn43etRRfYR5O8atLqxeYaNcDakMG/lO:DQAwff32mNVpP965Ra8KN0MG/lO`
Yara	None matched
VirusTotal	Search for analysis

Name	383f6a8aac6ecde2_09wrgiiHEg1zP8b2.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\09wrgiiHEg1zP8b2.dll
Size	778.8KB
Processes	2576 (buildqwer.exe)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`ca426ad13949eb03954cf6af14ed9ccb`
SHA1	`f5f46048711a3b10fdd243d450f38c70b2bda65d`
SHA256	`383f6a8aac6ecde29d4cbde8e31be84a528892cc7295985f1c877fdfbe9e2a2f`
CRC32	`AA24F516`
ssdeep	`24576:btK/pV2q+CpVclMEAjFoS4ADKnq8UCOmxIHGQ3L3:Y/pkKTclB2Fo51UCOKImYz`
Yara	UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check IsDLL - (no description) Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature ASPack_Zero - ASPack packed file IsPE32 - (no description)
VirusTotal	Search for analysis