Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
01.18 04:01
svc.exe
01.18 04:01
RemittanceForms.exe
01.18 04:01
Aristois-Free.jar
01.18 10:01
setup641.msi
01.18 10:01
Needle_Setup.exe
01.18 10:01
8734_5737.exe
01.18 10:01
CondoGenerator.exe
01.18 10:01
QGFQTHIU.exe
01.18 10:01
4909_7122.exe
01.18 10:01
Updater.exe

Latest News
01.19 03:01
Putting Cheap Motorcyc...
01.19 03:01
Trump Will ‘Most Likel...
01.19 01:01
DOJ confirms arrested ...
01.19 12:01
Sicher und günstig: Sc...
01.19 12:01
Learn New Tools, or Ho...
01.18 10:01
Deutschland auf Platz ...
01.18 10:01
Suchmaschine: Google-S...
01.18 10:01
24H2: Microsoft drängt...
01.18 09:01
FBI Warned Agents It B...
01.18 09:01
JTAG & SWD Debuggi...

Dropped Files | ZeroBOX

Name	467c52a90f7d13e1_audiodg.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\audiodg.exe
Size	663.5KB
Type	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5	`85c27234aa291cde56c1a78603d71081`
SHA1	`2ff954f2f223fe6e9fe2e78ace13427f07a5e69c`
SHA256	`467c52a90f7d13e15318cd8c68ccd3483f7de5c728d1137916b1f440aa1e10c9`
CRC32	`7358535E`
ssdeep	`12288:uXiSAx5PWPQKpES7mmrcBzA5DpdwzV1PLR35XkYfdxTMcTIuIdY1Be:uX7Ax5uPdBcKpdwh1t3K+TT7IQe`
Yara	PE_Header_Zero - PE File Signature IsPE32 - (no description) Is_DotNET_EXE - (no description) Win32_Trojan_PWS_Net_1_Zero - Win32 Trojan PWS .NET Azorult
VirusTotal	Search for analysis

Name	8cde0275d60da0d1_sqlite3.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\sqlite3.dll
Size	950.0KB
Processes	2400 (wscript.exe)
Type	PE32 executable (DLL) (console) Intel 80386, for MS Windows
MD5	`38a3e021eb32c9976adaf0b3372080fc`
SHA1	`68e02803c646be21007d90bec841c176b82211fd`
SHA256	`8cde0275d60da0d11954f73c7c8862cfc4b306f61bb8b1ce14abe4a193af2652`
CRC32	`A2175E57`
ssdeep	`12288:XDEAIY5U9dDfmrw3xnhMRCFxJLjt0+J9G6p1pKfd+8EkzpGtE3RcAx:z9hu9FfmkBnh0CFj2+Jn1pKf3720cAx`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE32 - (no description)
VirusTotal	Search for analysis

Name	536ad85a299f5f7a_qpttar.zip Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\qpttar.zip
Size	498.3KB
Processes	2400 (wscript.exe)
Type	Zip archive data, at least v2.0 to extract
MD5	`8517bf92c0fd6228875ba74b2526b3b4`
SHA1	`7aa157feed160f7e207ce961aaee21e3075b3ab9`
SHA256	`536ad85a299f5f7afc36f5944ea55d9f32495491265bf1305a41b3667176998d`
CRC32	`75422402`
ssdeep	`12288:YADSfMz+n/gRtFbWn6qnnTJT/+3eBmvFmJpBEGp:YARkGtEn64N/UeQduBBp`
Yara	zip_file_format - ZIP file format
VirusTotal	Search for analysis

Name	5fb6e73dec105a4d_tmp9219.tmp Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\tmp9219.tmp
Size	1.5KB
Processes	2584 (audiodg.exe)
Type	XML 1.0 document, ASCII text
MD5	`a0cfeb0546191eb96a279034162d881c`
SHA1	`44658bf37cbf751560c75551ef374dd059a527c4`
SHA256	`5fb6e73dec105a4d3557d7667c4d3d87647728a3d1e866085630ce6cdfac8c00`
CRC32	`2B4006CA`
ssdeep	`24:2di4+S2qhH/1ny1mEUnrKMhEMOFGpwOzNgU3ODOiIQRvh7hwrgXuNtWixvn:cgefAYrFdOFzOzN33ODOiDdKrsuTWmv`
Yara	None matched
VirusTotal	Search for analysis

Name	512e4e95427a8c66_9EFIZ57KM2 Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\9EFIZ57KM2
Size	36.0KB
Type	SQLite 3.x database, last written using SQLite version 3021000
MD5	`f4c540f52d5c08d24a79805eda1d7abf`
SHA1	`22be46826df7693f58736adb232ab2da790f2571`
SHA256	`512e4e95427a8c66b2993b27bb23d99cdab2ebd6e9e8937c7f6a39ed8c6a5b94`
CRC32	`95C9FB3A`
ssdeep	`24:TLmg/5UcJOyTGVZTPaFpEvg3obNmCFk6Uwcc85fB34444z:T5/ecVTgPOpEveoJZFrU1cQB34444z`
Yara	None matched
VirusTotal	Search for analysis

Name	b7c225ef3cc3e875_d93f411851d7c929.customdestinations-ms Submit file
Filepath	c:\users\test22\appdata\roaming\microsoft\windows\recent\customdestinations\d93f411851d7c929.customdestinations-ms
Size	7.8KB
Processes	2944 (powershell.exe)
Type	data
MD5	`81ca4510272caf505e8091e9a28cb716`
SHA1	`71414aeec9f1e4a6f5a461b01700cc9cc992cd9e`
SHA256	`b7c225ef3cc3e87506150eb140e7b9cc127a3469c50a808854acac71a53d98bf`
CRC32	`FC31E90F`
ssdeep	`96:EtuCcBGCPDXBqvsqvJCwoRtuCcBGCPDXBqvsEHyqvJCwor/47HwxGlUVul:EtCgXoRtCgbHnorLxY`
Yara	Antivirus - Contains references to security software Generic_Malware_Zero - Generic Malware
VirusTotal	Search for analysis

Name	bbc59eb43822e646_9EFIZ57KM2 Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\9EFIZ57KM2
Size	18.0KB
Type	SQLite 3.x database, last written using SQLite version 3021000
MD5	`53ea322f91d6f0de8448b68583284d22`
SHA1	`b6c835867fbf7e432b834f7366eb0407f3eebbfa`
SHA256	`bbc59eb43822e64660cc4ccbca37d6dc016eaa9b85b2c6f5b40826bb03188b34`
CRC32	`CA013001`
ssdeep	`24:LLY10KL7G0TMJHUyyJtmCm0XKY6lOKQAE9V8MffD4fOzeCmly6Uwc6ocW:4z+JH3yJUheCVE9V8MX0PFlNU12W`
Yara	None matched
VirusTotal	Search for analysis

Name	2ca96e058f5f06ed_sqlite3.def Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\sqlite3.def
Size	5.7KB
Processes	2400 (wscript.exe)
Type	ASCII text
MD5	`9c6e5d67d33790cb6967bfb3ba641a0f`
SHA1	`b2cdc4f1a60abe206ee8f336aa0fbf85b5319e9b`
SHA256	`2ca96e058f5f06ed9c587315e1bbafd70928f9503bebe952d874c157428c6f93`
CRC32	`CD585095`
ssdeep	`96:GcuN/gR+7Ggb9XdMcAM3KOGOF++hwIOVtvaENw+Y0aR:E/Q+7Ggb9bKOBF++ebvaENw+cR`
Yara	None matched
VirusTotal	Search for analysis