Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
11.13 04:11
hello.exe
11.13 03:11
espsemhvcioff.exe
11.13 02:11
Geek_se.exe
11.13 02:11
cred64.dll
11.13 02:11
svhost.exe
11.13 02:11
nb.exe
11.13 02:11
svcyr.exe
11.13 02:11
Ghost_1.5.11.5.exe
11.13 02:11
PowderGpl.exe
11.13 02:11
goodlabel%E6%89%93%E5%...

Latest News
11.15 11:11
Semperis HIP conferenc...
11.15 10:11
양평물맑은시장, 건강·문화·경영 아우르는...
11.15 10:11
메타인입시컨설팅, 고3 대상 11월 맞춤...
11.15 10:11
위글위글, 전국 매장 ‘미리 크리스마스’...
11.15 10:11
아르콘-한경기획 MOU 체결...F&am...
11.15 10:11
Google fixes 2 Vertex ...
11.15 10:11
위지윅스튜디오, 콘텐츠·뉴미디어 사업 성...
11.15 09:11
동방사회복지회, 여성 한부모와 자녀 위한...
11.15 09:11
코위크위더스, 회원 수 3만 명 돌파 기...
11.15 09:11
㈜클린앤환경, 24시간 논스톱 클린 서비...

Dropped Files | ZeroBOX

Name	bdb1fe88c613af8e_process.txt Submit file
Filepath	C:\Users\test22\AppData\Local\42e42f7b46404dc0765cceebe321467e\test22@TEST22-PC_ko-KR\System\Process.txt
Size	2.1KB
Processes	2548 (None)
Type	ASCII text
MD5	`13c83e754f2aa08003402e3acfb430a5`
SHA1	`e099c6f09c23d38df0f639b2231bfcf3db1a2a26`
SHA256	`bdb1fe88c613af8e89e03f22c2395c1f4a60a35291dc229f2017c133dfa4a27f`
CRC32	`85FD4A81`
ssdeep	`24:CCq4B1EpyQUYTZV6QpLVb6dO3nTFf5IdlnR+Dv0RtKyY2nJiG+6XvORp1Xk1IpWZ:G4HyfBMdsTZCLsmc2`
Yara	None matched
VirusTotal	Search for analysis

Name	6b6dd8b11f84fb78_scanningnetworks.txt Submit file
Filepath	C:\Users\test22\AppData\Local\42e42f7b46404dc0765cceebe321467e\test22@TEST22-PC_ko-KR\System\ScanningNetworks.txt
Size	59.0B
Processes	2548 (None)
Type	ASCII text, with CRLF line terminators
MD5	`409930721dbce1ee58227d109cca4570`
SHA1	`767f86ffec769d8415f07b4372a108cba1bf7221`
SHA256	`6b6dd8b11f84fb78e3e8cfaa7c5fca569d79402b9fc5861b00960b25607c911e`
CRC32	`CE532972`
ssdeep	`3:joFkaQXMtS1ME/M2en:jYVQXOS1TUn`
Yara	None matched
VirusTotal	Search for analysis

Name	bbc59eb43822e646_tmp42BD.tmp.dat Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\tmp42BD.tmp.dat
Size	18.0KB
Type	SQLite 3.x database, last written using SQLite version 3021000
MD5	`53ea322f91d6f0de8448b68583284d22`
SHA1	`b6c835867fbf7e432b834f7366eb0407f3eebbfa`
SHA256	`bbc59eb43822e64660cc4ccbca37d6dc016eaa9b85b2c6f5b40826bb03188b34`
CRC32	`CA013001`
ssdeep	`24:LLY10KL7G0TMJHUyyJtmCm0XKY6lOKQAE9V8MffD4fOzeCmly6Uwc6ocW:4z+JH3yJUheCVE9V8MX0PFlNU12W`
Yara	None matched
VirusTotal	Search for analysis

Name	a2ce3a0fa7d2a833_e0f5c59f9fa661f6f4c50b87fef3a15a Submit file
Filepath	C:\Users\test22\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E0F5C59F9FA661F6F4C50B87FEF3A15A
Size	893.0B
Processes	2548 (None)
Type	data
MD5	`d4ae187b4574036c2d76b6df8a8c1a30`
SHA1	`b06f409fa14bab33cbaf4a37811b8740b624d9e5`
SHA256	`a2ce3a0fa7d2a833d1801e01ec48e35b70d84f3467cc9f8fab370386e13879c7`
CRC32	`1C31685D`
ssdeep	`24:hBntmDvKUQQDvKUr7C5fpqp8gPvXHmXvponXux:3ntmD5QQD5XC5RqHHXmXvp++x`
Yara	None matched
VirusTotal	Search for analysis

Name	c84c98bbf5e0ef9c_bookmarks.txt Submit file
Filepath	C:\Users\test22\AppData\Local\42e42f7b46404dc0765cceebe321467e\test22@TEST22-PC_ko-KR\Browsers\Firefox\Bookmarks.txt
Size	105.0B
Processes	2548 (None)
Type	ASCII text
MD5	`2e9d094dda5cdc3ce6519f75943a4ff4`
SHA1	`5d989b4ac8b699781681fe75ed9ef98191a5096c`
SHA256	`c84c98bbf5e0ef9c8d0708b5d60c5bb656b7d6be5135d7f7a8d25557e08cf142`
CRC32	`06923351`
ssdeep	`3:RGtjybXLGSWK+ZjMGvRS3ZMz9GSOLj2SjyRE2qJ:hvWF7Ipg9OL2RE2m`
Yara	None matched
VirusTotal	Search for analysis

Name	82bf074112a8d275_e0f5c59f9fa661f6f4c50b87fef3a15a Submit file
Filepath	C:\Users\test22\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E0F5C59F9FA661F6F4C50B87FEF3A15A
Size	252.0B
Processes	2548 (None)
Type	data
MD5	`180b13d86b37a2412e01fb8c06aeb1b2`
SHA1	`da17e86064d49f43e50d36f07af6a9fb7e22f3e8`
SHA256	`82bf074112a8d27529384c0cbe454490e1b7fcfa27b7f95ed0038d2de9ab2257`
CRC32	`49D69F4B`
ssdeep	`3:kkFklUp18klfllXlE/Bi9llPlzRkwWBARLNDU+ZMlKlBkvclcMlVHblB15RNU2U3:kKlb8kgiZliBAIdQZV742MN`
Yara	None matched
VirusTotal	Search for analysis

Name	1aeaae9e348e4a90_pictures.txt Submit file
Filepath	C:\Users\test22\AppData\Local\42e42f7b46404dc0765cceebe321467e\test22@TEST22-PC_ko-KR\Directories\Pictures.txt
Size	38.0B
Processes	2548 (None)
Type	ASCII text, with CRLF line terminators
MD5	`dd263295db0ff3f186fc82005f424092`
SHA1	`2e6aad15cb235693738d7b3357daa028e8108aa4`
SHA256	`1aeaae9e348e4a9032750e15981663added0c233873341a37135c38adeb0c312`
CRC32	`223EC129`
ssdeep	`3:YBrLKch+Aks:srLKLAR`
Yara	None matched
VirusTotal	Search for analysis

Name	e8f95c9867d16510_productkey.txt Submit file
Filepath	C:\Users\test22\AppData\Local\42e42f7b46404dc0765cceebe321467e\test22@TEST22-PC_ko-KR\System\ProductKey.txt
Size	29.0B
Processes	2548 (None)
Type	ASCII text, with no line terminators
MD5	`9000a0dc84b680b8d346d909f9db12ae`
SHA1	`5ee9044160d2b93fd5d36df9ebc31f3ef1df1804`
SHA256	`e8f95c9867d16510b7cc48f733d1d7904c15f3e9f3b8ed77bfba4729a347cbf1`
CRC32	`105DE556`
ssdeep	`3:N3QNug9KcoTn:NgNu4/O`
Yara	None matched
VirusTotal	Search for analysis

Name	0b8607fdf72f3e65_tmp4310.tmp.dat Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\tmp4310.tmp.dat
Size	96.0KB
Type	SQLite 3.x database, user version 12, last written using SQLite version 3038003
MD5	`d367ddfda80fdcf578726bc3b0bc3e3c`
SHA1	`23fcd5e4e0e5e296bee7e5224a8404ecd92cf671`
SHA256	`0b8607fdf72f3e651a2a8b0ac7be171b4cb44909d76bb8d6c47393b8ea3d84a0`
CRC32	`842B3569`
ssdeep	`12:DQAwfWk73Fmdmc/OPVJXfPNn43etRRfYR5O8atLqxeYaNcDakMG/lO:DQAwff32mNVpP965Ra8KN0MG/lO`
Yara	None matched
VirusTotal	Search for analysis

Name	a67aa329b7d878de_videos.txt Submit file
Filepath	C:\Users\test22\AppData\Local\42e42f7b46404dc0765cceebe321467e\test22@TEST22-PC_ko-KR\Directories\Videos.txt
Size	23.0B
Processes	2548 (None)
Type	ASCII text, with CRLF line terminators
MD5	`1fddbf1169b6c75898b86e7e24bc7c1f`
SHA1	`d2091060cb5191ff70eb99c0088c182e80c20f8c`
SHA256	`a67aa329b7d878de61671e18cd2f4b011d11cbac67ea779818c6dafad2d70733`
CRC32	`0E4761EF`
ssdeep	`3:k+JrLKB:k+JrLKB`
Yara	None matched
VirusTotal	Search for analysis

Name	2f345865397ff195_history.txt Submit file
Filepath	C:\Users\test22\AppData\Local\42e42f7b46404dc0765cceebe321467e\test22@TEST22-PC_ko-KR\Browsers\Firefox\History.txt
Size	94.0B
Processes	2548 (None)
Type	UTF-8 Unicode text
MD5	`61cdd7492189720d58f6c5c975d6dfbd`
SHA1	`6966afe0dec5b0abd90291fa12c0f6b7ef73ed43`
SHA256	`2f345865397ff1952921db0588a6b589baf30e67a90e11f7064e515ac162e862`
CRC32	`E765C263`
ssdeep	`3:RGEnGPHA9lfMJJEFAN2DSLvIJiMhKVX3L2WdXuvn:DG/CF0EFAN2OLciA8d+v`
Yara	None matched
VirusTotal	Search for analysis

Name	6f9f69cd6b50578c_worldwind.jpg Submit file
Filepath	C:\Users\test22\AppData\Local\42e42f7b46404dc0765cceebe321467e\test22@TEST22-PC_ko-KR\System\WorldWind.jpg
Size	23.5KB
Processes	2548 (None)
Type	JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1024x768, frames 3
MD5	`829eaaa635c603838c4c54323cee31e9`
SHA1	`f2c6442c7e109ffcb632c4b7258b2a49e87b9c5c`
SHA256	`6f9f69cd6b50578ce81dbdf76a80e1c511b7967d705cf5762f4d789bfb0cc080`
CRC32	`FBA78019`
ssdeep	`384:0JaiPMgnbQA5s9D6wdhBEmz1+tisuqnoRYUn:0Abus9D6wdDEmp+t37oRYU`
Yara	JPEG_Format_Zero - JPEG Format
VirusTotal	Search for analysis

Name	7c9d9a7eaaf831f1_documents.txt Submit file
Filepath	C:\Users\test22\AppData\Local\42e42f7b46404dc0765cceebe321467e\test22@TEST22-PC_ko-KR\Directories\Documents.txt
Size	824.0B
Processes	2548 (None)
Type	ASCII text, with CRLF line terminators
MD5	`a698f6837469a19747185bfb4a452101`
SHA1	`686bdf8018686430e8f63064dc3f8ce125b37d1c`
SHA256	`7c9d9a7eaaf831f1ae92211a7d9f69560d22df48b0e9553127c28435fcd1c13a`
CRC32	`1313C026`
ssdeep	`24:arE12nHAogMdJMWIyRI7fIQFYbhxvTVYKS7M7RqXv:7eHAhYCyi7fYbhJwXv`
Yara	None matched
VirusTotal	Search for analysis

Name	28d86bd68fbc05cb_temp.txt Submit file
Filepath	C:\Users\test22\AppData\Local\42e42f7b46404dc0765cceebe321467e\test22@TEST22-PC_ko-KR\Directories\Temp.txt
Size	3.7KB
Processes	2548 (None)
Type	UTF-8 Unicode text, with CRLF line terminators
MD5	`b1b4a3460b3a4833db5fd18125ee123d`
SHA1	`877f9abd3c818c57ebc21162f358daef58e46c21`
SHA256	`28d86bd68fbc05cb4fca16cfbd0fba9bf1fc3c83cca153c144704975d57289e2`
CRC32	`32F1E8B6`
ssdeep	`96:ptAzrbkc4vSaJI/m1AdriUlWv45KTctxQLCeAprOaNFuwrfGZ2tnOyere:4zkccY4aNFuw5eS`
Yara	anti_vm_detect - Possibly employs anti-virtualization techniques
VirusTotal	Search for analysis

Name	bc70f1c6d6c29573_desktop.txt Submit file
Filepath	C:\Users\test22\AppData\Local\42e42f7b46404dc0765cceebe321467e\test22@TEST22-PC_ko-KR\Directories\Desktop.txt
Size	37.0B
Processes	2548 (None)
Type	ASCII text, with CRLF line terminators
MD5	`0b3aadcd559146d41265f1caa7430e54`
SHA1	`9aa21aa80161fd86bbc5041dedd850925a84ffff`
SHA256	`bc70f1c6d6c29573c7ac7f4e781242641caa970ddfb933f2f7ccdcc90bda6992`
CRC32	`5C68A1AA`
ssdeep	`3:oAov8LKch+Ag:vov8LKLAg`
Yara	None matched
VirusTotal	Search for analysis

Name	512e4e95427a8c66_tmp42BE.tmp.dat Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\tmp42BE.tmp.dat
Size	36.0KB
Type	SQLite 3.x database, last written using SQLite version 3021000
MD5	`f4c540f52d5c08d24a79805eda1d7abf`
SHA1	`22be46826df7693f58736adb232ab2da790f2571`
SHA256	`512e4e95427a8c66b2993b27bb23d99cdab2ebd6e9e8937c7f6a39ed8c6a5b94`
CRC32	`95C9FB3A`
ssdeep	`24:TLmg/5UcJOyTGVZTPaFpEvg3obNmCFk6Uwcc85fB34444z:T5/ecVTgPOpEveoJZFrU1cQB34444z`
Yara	None matched
VirusTotal	Search for analysis

Name	5feceb66ffc86f38_msgid.dat Submit file
Filepath	C:\Users\test22\AppData\Local\452c7434cb3f450dc6135b0ce495ecc5\msgid.dat
Size	1.0B
Processes	2548 (None)
Type	very short file (no magic)
MD5	`cfcd208495d565ef66e7dff9f98764da`
SHA1	`b6589fc6ab0dc82cf12099d1c2d40ab994e8410c`
SHA256	`5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9`
CRC32	`F4DBDF21`
ssdeep	`3:V:V`
Yara	None matched
VirusTotal	Search for analysis

Name	582a0a96d76d3688_downloads.txt Submit file
Filepath	C:\Users\test22\AppData\Local\42e42f7b46404dc0765cceebe321467e\test22@TEST22-PC_ko-KR\Directories\Downloads.txt
Size	26.0B
Processes	2548 (None)
Type	ASCII text, with CRLF line terminators
MD5	`df43f7da877de3ab3774aa024d5b929c`
SHA1	`e39dfffb4c9b627b68ff92f9f0ba026551b1e662`
SHA256	`582a0a96d76d3688fff52d48079910cba2b4fb53af678aa3bbfd872dd6c7466b`
CRC32	`B0353909`
ssdeep	`3:jLtgrLKB:3tSLKB`
Yara	None matched
VirusTotal	Search for analysis

Name	16187ff9b5096b21_tmp4311.tmp.dat Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\tmp4311.tmp.dat
Size	5.0MB
Type	SQLite 3.x database, user version 69, last written using SQLite version 3038003
MD5	`837705c24eaa032145b6f82119af4eea`
SHA1	`7d38a13b37105ef0f6c24c585de581949616f32c`
SHA256	`16187ff9b5096b217d405d1492c115a096f8d63d72befbf5851e19b61581f857`
CRC32	`8BF87D31`
ssdeep	`192:StsqHQnwkYjcoBMc+uK6ik4QtjJz3ig48pp0:StsbwVTBMc+uK6ikPpJz3E8`
Yara	None matched
VirusTotal	Search for analysis

Name	5ee454eb05fcbbc0_tmp42BF.tmp.dat Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\tmp42BF.tmp.dat
Size	120.0KB
Type	SQLite 3.x database, last written using SQLite version 3021000
MD5	`64202674f6acaafa94c3390b0cc720b9`
SHA1	`38c8537feccfaabb095805d290af69272aeb32f1`
SHA256	`5ee454eb05fcbbc0ac1ff5662ba2be1f22688ddb97d3cc357d4da5cff5b5e5e9`
CRC32	`3685166F`
ssdeep	`48:TGjDU66tTKfxNPp+suktLReRK+NaUvdWSZ00LTL0drQHHp7C5fVcS2+VANUXq6uG:BeJQpWSZ00LTL0QCbc0VANPjwQU+`
Yara	None matched
VirusTotal	Search for analysis

Name	9a8ea0e2df7554c5_tmp429D.tmp.dat Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\tmp429D.tmp.dat
Size	72.0KB
Type	SQLite 3.x database, last written using SQLite version 3021000
MD5	`0539a773e44d21a84fd97fee0dffd4a3`
SHA1	`5904058c20aad54c552edc57826babd36ab61149`
SHA256	`9a8ea0e2df7554c57fb4ee6a8a12782f5a2474a3e4c23dc61e4768631dc4eb9f`
CRC32	`964BC0B2`
ssdeep	`96:P0CWo3dOOctAYyY9MsH738Hsa/NTIdE8uKIaPdUDFBlrrVY/qBOnx4yWTJereWbY:PXt769TYndTJMb3j0`
Yara	None matched
VirusTotal	Search for analysis

Name	f92f43e592bfd79a_startup.txt Submit file
Filepath	C:\Users\test22\AppData\Local\42e42f7b46404dc0765cceebe321467e\test22@TEST22-PC_ko-KR\Directories\Startup.txt
Size	73.0B
Processes	2548 (None)
Type	UTF-8 Unicode text, with CRLF line terminators
MD5	`8f96f81a2318c2feab75135449711a25`
SHA1	`2fbb1b072c91c0cda23723db2c291efbd5b7689c`
SHA256	`f92f43e592bfd79a252224f101cf06ea21942d7455dbd2d3513128ee0427a522`
CRC32	`0E718DBF`
ssdeep	`3:jgihjJVxOQtllfYLKYa/v:jtHIQtlGLK5v`
Yara	None matched
VirusTotal	Search for analysis