Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
09.20 01:09
setup.exe
09.20 11:09
3uTools.exe
09.20 11:09
66ecb4573225b_vsbhfdg1...
09.20 10:09
66ecb452ba19c_sfbdsgfd...
09.20 10:09
66ecb44c35444_vfdhsgdf...
09.20 10:09
66ec0e61998bf_setup30.exe
09.20 10:09
66ebf725efe38_lyla.exe
09.20 10:09
Desktop_Explorer.exe
09.20 10:09
66ec3528901bb_winupdat...
09.20 10:09
Inquiry-Dubai.js

Latest News
09.21 01:09
Hackaday Podcast Episo...
09.21 01:09
The Russian Bot Army T...
09.21 01:09
Australia’s Labor Part...
09.21 12:09
Inviting the Public to...
09.21 12:09
How Ransomhub Ransomwa...
09.21 12:09
Middle East backdoored...
09.21 12:09
Updated CISA exploited...
09.21 12:09
Several orgs purported...
09.21 12:09
New CISA guidance seek...
09.21 12:09
Lumma Stealer deployed...

Dropped Files | ZeroBOX

Name	d8ffff7323fb1098_bODs7gDHaDKLeNzf Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\bODs7gDHaDKLeNzf
Size	36.0KB
Type	SQLite 3.x database, last written using SQLite version 3033000
MD5	`c6245b90bf8c988ff712cc3beea7294e`
SHA1	`0bbe6de4a53092a11ed8b94ec8eab1df274e4544`
SHA256	`d8ffff7323fb10983bd9b79ad871251cb93aa7b585bc95d8b1b25c639f10f3e9`
CRC32	`FB98645B`
ssdeep	`24:TLfHB0RlPbXaFpEO5bNmISHdL6UwcOxvDUR:TLMLOpEO5J/KdGU1ED+`
Yara	None matched
VirusTotal	Search for analysis

Name	383f6a8aac6ecde2_bODs7gDHaDKLeNzf.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\bODs7gDHaDKLeNzf.dll
Size	778.8KB
Processes	3000 (Banana.exe)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`ca426ad13949eb03954cf6af14ed9ccb`
SHA1	`f5f46048711a3b10fdd243d450f38c70b2bda65d`
SHA256	`383f6a8aac6ecde29d4cbde8e31be84a528892cc7295985f1c877fdfbe9e2a2f`
CRC32	`AA24F516`
ssdeep	`24576:btK/pV2q+CpVclMEAjFoS4ADKnq8UCOmxIHGQ3L3:Y/pkKTclB2Fo51UCOKImYz`
Yara	UPX_Zero - UPX packed file Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE32 - (no description) ASPack_Zero - ASPack packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	33d34934e1095ee3_4375vtb45tv8225nv4285n2.txt Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\4375vtb45tv8225nv4285n2.txt
Size	6.2KB
Processes	3000 (Banana.exe)
Type	ASCII text
MD5	`aea4dae5e399de02d397cf2c58b972e0`
SHA1	`8bde798ed1f8e9a1a295b50d192f24ac72fe3fea`
SHA256	`33d34934e1095ee383ccd103bc8e762cf5d78973855e5160deb1d27e42aad573`
CRC32	`BA7D0371`
ssdeep	`96:F3JCiaIT5o5KKjvuLaeIXk/Ikakkl+kNkkqYnVkAHkokpykTNVkW/kmpkl1kUIit:VTojdtm3u`
Yara	infoStealer_browser_b_Zero - browser info stealer
VirusTotal	Search for analysis

Name	0b8607fdf72f3e65_oe8n4BrmpZdBZgMN Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\oe8n4BrmpZdBZgMN
Size	96.0KB
Type	SQLite 3.x database, user version 12, last written using SQLite version 3038003
MD5	`d367ddfda80fdcf578726bc3b0bc3e3c`
SHA1	`23fcd5e4e0e5e296bee7e5224a8404ecd92cf671`
SHA256	`0b8607fdf72f3e651a2a8b0ac7be171b4cb44909d76bb8d6c47393b8ea3d84a0`
CRC32	`842B3569`
ssdeep	`12:DQAwfWk73Fmdmc/OPVJXfPNn43etRRfYR5O8atLqxeYaNcDakMG/lO:DQAwff32mNVpP965Ra8KN0MG/lO`
Yara	None matched
VirusTotal	Search for analysis

Name	e9f22bb3efb1a02d_bODs7gDHaDKLeNzf Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\bODs7gDHaDKLeNzf
Size	116.0KB
Type	SQLite 3.x database, last written using SQLite version 3033000
MD5	`c8304a0c482e007e470b9354e46f838e`
SHA1	`d7ffe4c1b0f02470ccca8c3d97f13be1d5e4b728`
SHA256	`e9f22bb3efb1a02d1899a4b0f0e4dd9eef3b989594a2f4ca904fd7ff54e63695`
CRC32	`1F51492F`
ssdeep	`48:TWKtPl3C7nNfVcS2+VANULn36uw5NPM5ETQTpUPxK2PIs6kJL5R2+zaSZ00LTL0J:i4PJC7n/c0VANUjwQU+KraSZ00LTL0J`
Yara	None matched
VirusTotal	Search for analysis

Name	aa0eec3ac9c66836_oe8n4BrmpZdBZgMN Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\oe8n4BrmpZdBZgMN
Size	5.0MB
Type	SQLite 3.x database, user version 69, last written using SQLite version 3038003
MD5	`ce269783e2d95e4ca12d68aa90f6ac11`
SHA1	`f21c1a3e76e5f29d895e0a011cba6d2bf9eccc1b`
SHA256	`aa0eec3ac9c66836a2b4fa7745f24c1d4b4f687526a1a83accfbc84a54ec0fd5`
CRC32	`4E4077A1`
ssdeep	`192:StsqHQnwkYjcoBMc+u8jrQ+q3hDw9pp0:StsbwVTBMc+u8jM93y9`
Yara	None matched
VirusTotal	Search for analysis

Name	824fae3331b95e2f_bODs7gDHaDKLeNzf Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\bODs7gDHaDKLeNzf
Size	40.0KB
Type	SQLite 3.x database, last written using SQLite version 3033000
MD5	`41c19a9e8541fcb934c13c075bf47721`
SHA1	`648a7622d533d79b9a0bb31dc370134ec3a75ed7`
SHA256	`824fae3331b95e2f88ca60c87a6c9569086906ec76fc1db8d6dee9adddc4e80c`
CRC32	`560F7642`
ssdeep	`48:+35TqYzDGF/8LKBwUf9KfWfkMUEilGc7xBM6vu3f+fmyJqhU:Ulce7mlcwilGc7Ha3f+u`
Yara	None matched
VirusTotal	Search for analysis

Name	209792467d07aa3c_bODs7gDHaDKLeNzf Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\bODs7gDHaDKLeNzf
Size	80.0KB
Type	SQLite 3.x database, last written using SQLite version 3033000
MD5	`46df6fce3bee11d055a88246d1b09bca`
SHA1	`978b0c9c3964c29eff6a43b6b3a04a05d45b5fb6`
SHA256	`209792467d07aa3c00a6947eb554d32ddce385ee04b1be5f3ea8de5d506f4757`
CRC32	`1F2D8672`
ssdeep	`96:pBc7fYLKYZCIdE8XwUWaPdUDg738Hsa/NhuK0l0q8oc5PyWTJereWb3lxzasq9ub:pBPOUNlCTJMb3rEDFAa6r/`
Yara	None matched
VirusTotal	Search for analysis