popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 0b8607fdf72f3e65_cookies.sqlite
Submit file
Filepath C:\Users\test22\AppData\Roaming\un2yedzm.4rq\Firefox\Profiles\qxo5wa6x.default-release\cookies.sqlite
Size 96.0KB
Type SQLite 3.x database, user version 12, last written using SQLite version 3038003
MD5 d367ddfda80fdcf578726bc3b0bc3e3c
SHA1 23fcd5e4e0e5e296bee7e5224a8404ecd92cf671
SHA256 0b8607fdf72f3e651a2a8b0ac7be171b4cb44909d76bb8d6c47393b8ea3d84a0
CRC32 842B3569
ssdeep 12:DQAwfWk73Fmdmc/OPVJXfPNn43etRRfYR5O8atLqxeYaNcDakMG/lO:DQAwff32mNVpP965Ra8KN0MG/lO
Yara None matched
VirusTotal Search for analysis
Name 512e4e95427a8c66_Cookies
Submit file
Filepath C:\Users\test22\AppData\Roaming\un2yedzm.4rq\Chrome\Default\Cookies
Size 36.0KB
Type SQLite 3.x database, last written using SQLite version 3021000
MD5 f4c540f52d5c08d24a79805eda1d7abf
SHA1 22be46826df7693f58736adb232ab2da790f2571
SHA256 512e4e95427a8c66b2993b27bb23d99cdab2ebd6e9e8937c7f6a39ed8c6a5b94
CRC32 95C9FB3A
ssdeep 24:TLmg/5UcJOyTGVZTPaFpEvg3obNmCFk6Uwcc85fB34444z:T5/ecVTgPOpEveoJZFrU1cQB34444z
Yara None matched
VirusTotal Search for analysis
Name 8c21274f72529902_redlineclipperstub.exe
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\RedLineClipperStub.exe
Size 76.5KB
Processes 2892 (svchost.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 6741d00c206f685140fd9cd0957aaaa8
SHA1 8e2da1453a6001aef807661db6940b1703846890
SHA256 8c21274f725299022fbf415925210da65702198913c4713dfe5dda09ceb2d38a
CRC32 7C640706
ssdeep 768:fbkvUI1MpBwEO+xex+GkXBZJII++cAPsIo80dIKqCSqMj2qSERS1d8IabLLLL9:QvNyvNOaex+GI+IomlCQjMmIaJ
Yara
  • Malicious_Library_Zero - Malicious_Library
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • Is_DotNET_EXE - (no description)
VirusTotal Search for analysis
Name 7f3f6c57fd15b11e_svchost.exe
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\svchost.exe
Size 549.5KB
Processes 2552 (docyo20230926.exe)
Type PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5 af7ee9681029aa4407f0bb51016b55b5
SHA1 1b8fb95b2d9ef80c56dbeedd95b4034a4da54b29
SHA256 7f3f6c57fd15b11e542bce5acfe2207abb78b2bdc321c3aba79ebe38355540d0
CRC32 7DE44040
ssdeep 12288:xj1FdYof3S5tKH3TiKPvH5UI4KiEkBmB:NioqfKDnXHt4X
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • Is_DotNET_EXE - (no description)
VirusTotal Search for analysis