Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
07.06 06:07
build.exe
07.06 06:07
CoronaVirus.exe
07.06 06:07
RedLineStealer.exe
07.06 06:07
stealc_zov.exe
07.06 06:07
newbuild.exe
07.06 06:07
setup.exe
07.06 06:07
leva.exe
07.06 06:07
CryptoWall.exe
07.06 06:07
univ.exe
07.06 06:07
inte.exe

Latest News
07.06 10:07
Researchers Discover C...
07.06 10:07
New Mallox Ransomware ...
07.06 09:07
[한 주를 관통하는 보안 소식] 2024...
07.06 09:07
[퀴즈 이·보·소] 최근 벌어진 국내외 ...
07.06 08:07
김포시, 70만 김포시대 대비해 최첨단 ...
07.06 08:07
식약처, ‘체외진단의료기기 품질관리 및 ...
07.06 08:07
코레일, 정보보호의 날 맞아 ‘사이버 안...
07.06 08:07
소프트웨어 가치 보장, 발주자가 앞장선다
07.06 08:07
‘AI 과학기술 강군 육성’을 위한 발돋...
07.06 06:07
The Problem With Bug B...

Dropped Files | ZeroBOX

Name	992b0b0ecf12fe1c_qwrnexiw.out Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\qwrnexiw.out
Size	607.0B
Processes	1300 (powershell.exe)
Type	UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
MD5	`f2bb10d1c2611ea9b45af9d19aba0846`
SHA1	`c1c8a939abf3485da75273128a6aa7609048ed4e`
SHA256	`992b0b0ecf12fe1cec4c277d6ef422f6852cc5f77bc8c8e77491e0733b7e7e3c`
CRC32	`E682D83E`
ssdeep	`12:K4OLM9nzR37LvXOLMoLmnPAE2xOLMoLbuKai31bIKIMBj6I5BFR5y:K+9nzd3BWmnIE2nWbuKai31bIKIMl6IU`
Yara	None matched
VirusTotal	Search for analysis

Name	ee3f9fc00216cf26_sbjraxxu.out Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\sbjraxxu.out
Size	607.0B
Processes	1300 (powershell.exe)
Type	UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
MD5	`217668aa12d277427d714c159f2625d2`
SHA1	`3da49cd815cc3838375c8d4e9851a6fc882773a4`
SHA256	`ee3f9fc00216cf269fe8de18ef492be96af8ed29b0a521e0482acb695edcdca8`
CRC32	`324AA120`
ssdeep	`12:K4OLM9nzR37LvXOLM5nPAE2xOLMeuKai31bIKIMBj6I5BFR5y:K+9nzd3B5nIE2n/Kai31bIKIMl6I5Dvy`
Yara	None matched
VirusTotal	Search for analysis

Name	e3b0c44298fc1c14_xj4njtpx.err Empty file or file not found
Filepath	C:\Users\test22\AppData\Local\Temp\xj4njtpx.err
Size	0.0B
Type	empty
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
CRC32	`00000000`
ssdeep	`3::`
Yara	None matched
VirusTotal	Search for analysis

Name	e5231270257f1727_qwrnexiw.0.cs Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\qwrnexiw.0.cs
Size	259.0B
Processes	1300 (powershell.exe)
Type	UTF-8 Unicode (with BOM) text
MD5	`560e1b883a997afcfa3b73d8a5cddbc1`
SHA1	`2905f3f296ac3c7d6a020fb61f0819dbea2f1569`
SHA256	`e5231270257f1727ca127b669a7c21d46ced81cd5b46e89c48dd8304c1185bea`
CRC32	`7A3E756E`
ssdeep	`6:V/DsYLDS81zuBph+HjLmatlJOmMG4SRNLGeUy:V/DTLDfuBphILmIFGeUy`
Yara	None matched
VirusTotal	Search for analysis

Name	b513a8a4bb6cee71_xj4njtpx.out Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\xj4njtpx.out
Size	607.0B
Processes	1300 (powershell.exe)
Type	UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
MD5	`15ae1c52f312d34d043aa75c9e4bb3d6`
SHA1	`c07705a41a0d595cfe6d9c9981d836032d45914d`
SHA256	`b513a8a4bb6cee71b67a6f52e41ecec5429c20b5d792d9830e364e2ce87b4177`
CRC32	`46F970A7`
ssdeep	`12:K4OLM9nzR37LvXOLMngnPAE2xOLMnW1Kai31bIKIMBj6I5BFR5y:K+9nzd3BngnIE2nnEKai31bIKIMl6I5G`
Yara	None matched
VirusTotal	Search for analysis

Name	6f704c705e3009e0_CSC6452.tmp Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\CSC6452.tmp
Size	652.0B
Processes	2172 (csc.exe)
Type	MSVC .res
MD5	`cacf244e665ecc9a85e80764982f6137`
SHA1	`f979ca50b4516cb6b6bf49d85866b1cde53d85a9`
SHA256	`6f704c705e3009e0167c774a69115e4dd8a52622edbc61ef98f96de1d9699909`
CRC32	`C842C9F7`
ssdeep	`12:DXt4Ii3ntuAHia5YA49aUGiqMZAiN5grytnfak7Ynqq0nYPN5Dlq5J:+RI+ycuZhNPfakS0YPNnqX`
Yara	None matched
VirusTotal	Search for analysis

Name	32ca56ccc2b8556a_qwrnexiw.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\qwrnexiw.dll
Size	3.5KB
Processes	2524 (csc.exe) 1300 (powershell.exe)
Type	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
MD5	`08f13201b3cb0f04715634968852359e`
SHA1	`f6d57718bcaa79aab387b019e5cf38a762267103`
SHA256	`32ca56ccc2b8556ad41f598562b815c47da3d7868664ab22330af36b6caf199d`
CRC32	`8A4A0085`
ssdeep	`24:etGS1NiGTnylqsanvqh9pCjALmzCrbdPtkZfLuzFWqmI+ycuZhNObnGakS5bnXPE:6KdqnSpCjAwKuJL4WZ1ulObGa35bFq`
Yara	Is_DotNET_DLL - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE32 - (no description)
VirusTotal	Search for analysis

Name	556f44552f10fdcb_qwrnexiw.pdb Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\qwrnexiw.pdb
Size	7.5KB
Processes	2524 (csc.exe) 1300 (powershell.exe)
Type	MSVC program database ver 7.00, 512*15 bytes
MD5	`e1438678f5db2a9fd95989374565b8e3`
SHA1	`be08997c1ee6d1caab19f1e99c3f11c581a122da`
SHA256	`556f44552f10fdcb962d412463237da15481de4359ded9ce1b36c4b65894dd52`
CRC32	`71D0A680`
ssdeep	`6:zz/BamfXllNS/bew/P1mllxrS/77715KZYXxGQu+e0KpYXmeidoGggksl/cEDf:zz/H1W/beASXS/pw2qreYRD`
Yara	None matched
VirusTotal	Search for analysis

Name	08c5f22e79db0257_qceyv3jp.pdb Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\qceyv3jp.pdb
Size	7.5KB
Processes	1884 (csc.exe) 1300 (powershell.exe)
Type	MSVC program database ver 7.00, 512*15 bytes
MD5	`47bc34108d9428cdd36c079e64c0ae4a`
SHA1	`abd90baebb8b933b69284c24f5039bb3d6fb5ea0`
SHA256	`08c5f22e79db0257127a21041c013bcd0b2dadce484bb7fa0461818402a05204`
CRC32	`4EA6D18B`
ssdeep	`6:zz/BamfXllNS/eKP1mllxrS/77715KZYXxGQu+e0KpYXXyoGggksl/cEDf:zz/H1W/eKtSXS/pw2quyRD`
Yara	None matched
VirusTotal	Search for analysis

Name	f57751beb0c5bc42_sbjraxxu.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\sbjraxxu.dll
Size	3.5KB
Processes	2172 (csc.exe) 1300 (powershell.exe)
Type	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
MD5	`000f8e364509d671e161aa266124eddb`
SHA1	`53e6c814b8c17929ba6d8f9bcf90138565af431a`
SHA256	`f57751beb0c5bc4267841da4d16c4abf17ad218ffa01edb64e4078fa17ac94b8`
CRC32	`AD0296E9`
ssdeep	`24:etGSlt6hmSlTA0VIluJ9/eaALmpbdPtkZfBwf3xbgzmI+ycuZhNPfakS0YPNnq:6GH5HJHAsuJBL61ulPfa30gq`
Yara	Is_DotNET_DLL - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE32 - (no description)
VirusTotal	Search for analysis

Name	729faf7388908dc1_주요도시 시장가격 조사2023.lnk Submit file
Size	50.6MB
Type	MS Windows shortcut, Has Description string, Has command line arguments, Icon number=1, ctime=Sun Dec 31 15:32:08 1600, mtime=Sun Dec 31 15:32:08 1600, atime=Sun Dec 31 15:32:08 1600, length=0, window=hidenormalshowminimized
MD5	`d1dc2db2956803de7eef7a76a6ac5cb2`
SHA1	`9f20e01568673dbfd5b2c67f6df24164da1da226`
SHA256	`729faf7388908dc19ca5a0c163da1a7089ca4848a1160cf84aac6585383da849`
CRC32	`C3783ACF`
ssdeep	`768:R5NQbGLEAE34m0WqKEBU837vnh8GpZocPOmRIsL6gvQQ9CH:R99E34KcU83758Gpm5mGd49M`
Yara	lnk_file_format - Microsoft Windows Shortcut File Format Antivirus - Contains references to security software Lnk_Format_Zero - LNK Format Generic_Malware_Zero - Generic Malware
VirusTotal	Search for analysis

Name	b7fe3cd6392b51f3_qceyv3jp.cmdline Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\qceyv3jp.cmdline
Size	311.0B
Processes	1300 (powershell.exe)
Type	UTF-8 Unicode (with BOM) text, with very long lines, with no line terminators
MD5	`89106bbe494e802299844d80bdda27bc`
SHA1	`a0202c09d1ccfafd63b68e751c273147f1dca113`
SHA256	`b7fe3cd6392b51f349d078664e17aedb68548cd23a6ff79c5f186fac07bd4181`
CRC32	`2DCC2F37`
ssdeep	`6:pAu+H2LvFJDdq++bDdqBnmQpcLJ23frAvqmGsSAE2NmQpcLJ23frAvPn:p37LvXOLMOqnPAE2xOLMOP`
Yara	None matched
VirusTotal	Search for analysis

Name	83d1ad13c915e33a_RES6638.tmp Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\RES6638.tmp
Size	1.2KB
Processes	2428 (cvtres.exe) 1884 (csc.exe)
Type	Intel 80386 COFF object file, not stripped, 3 sections, symbol offset=0x406, 9 symbols
MD5	`0b1d37c9049e3c0badf016951a7629ab`
SHA1	`afc03c1e238ae9fc0f21f1224cd7f719b4ae10fa`
SHA256	`83d1ad13c915e33abcdeee7ab753c82a3046e87b20a14b3ddcd86e25ddf3425c`
CRC32	`2E492815`
ssdeep	`24:HOMJ9Yern4FXmHJwUnhKLI+ycuZhN8wakSn1PNnqjtd:u9ernMmJnhKL1ulja3vqjH`
Yara	None matched
VirusTotal	Search for analysis

Name	2d1eb92d91dece58_sbjraxxu.cmdline Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\sbjraxxu.cmdline
Size	311.0B
Processes	1300 (powershell.exe)
Type	UTF-8 Unicode (with BOM) text, with very long lines, with no line terminators
MD5	`e0b15693a1c85dfcd4d0ee2572fbd2d3`
SHA1	`cfe21f75df9a34f82bd257f9f8119be9c25e2a21`
SHA256	`2d1eb92d91dece582857fa9a853a1de871aea16227d530a0834208af439d3c22`
CRC32	`53E6B9B4`
ssdeep	`6:pAu+H2LvFJDdq++bDdqBnmQpcLJ23fxmGsSAE2NmQpcLJ23fWn:p37LvXOLM5nPAE2xOLMen`
Yara	None matched
VirusTotal	Search for analysis

Name	7fc6989984498313_xj4njtpx.pdb Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\xj4njtpx.pdb
Size	7.5KB
Processes	3040 (csc.exe) 1300 (powershell.exe)
Type	MSVC program database ver 7.00, 512*15 bytes
MD5	`725ec68921fa008e2bb217ecdacf4cf6`
SHA1	`1a1d4a9d08e50eaa73d6f98cc035007071a6ab46`
SHA256	`7fc698998449831312f4be08dc84c8855c66f5d537b93f350ad3fb43723c78af`
CRC32	`3B4D8F9B`
ssdeep	`6:zz/BamfXllNS/ScPw4m/31mllxrS/77715KZYXxGQu+e0KpYXtcPw40doGggkslT:zz/H1W/ScPpWlSXS/pw2qCcPp+RD`
Yara	None matched
VirusTotal	Search for analysis

Name	0a913fd594ad2da3_xj4njtpx.0.cs Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\xj4njtpx.0.cs
Size	249.0B
Processes	1300 (powershell.exe)
Type	UTF-8 Unicode (with BOM) text
MD5	`69ecfeb3e9a8fb7890d114ec056ffd6d`
SHA1	`cba5334d2ffe24c60ef793a3f6a7f08067a913db`
SHA256	`0a913fd594ad2da3159400fc3d7d2cc50b34f8f31675ec5ac5a41d7e79e9fd58`
CRC32	`C84571C8`
ssdeep	`6:V/DsYLDS81zuBph+HjLmatloFMG4SRT1JAnR1jvy:V/DTLDfuBphILmL5TDUR1zy`
Yara	None matched
VirusTotal	Search for analysis

Name	856bded4416dd159_qceyv3jp.0.cs Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\qceyv3jp.0.cs
Size	286.0B
Processes	1300 (powershell.exe)
Type	UTF-8 Unicode (with BOM) text
MD5	`b23df8158ffd79f95b9bddd18738270b`
SHA1	`79e81bb74bc53671aeabecae224f0f9fe0e3ed7f`
SHA256	`856bded4416dd1595613354334ad1d3e5c4922a86102786429bcdb0e7f798882`
CRC32	`0B290FEB`
ssdeep	`6:V/DsYLDS81zuBph+HjLmatln9MG4SRBHALRZNu8K0wHQy:V/DTLDfuBphILmyxtcZNuwy`
Yara	None matched
VirusTotal	Search for analysis

Name	0af21aac7cf1b4e1_qceyv3jp.out Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\qceyv3jp.out
Size	607.0B
Processes	1300 (powershell.exe)
Type	UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
MD5	`79648b971a5812cbbf3bcf9baa34eb27`
SHA1	`f8b199b89bec555bbda5c46c6ad0ab0f5cb69a18`
SHA256	`0af21aac7cf1b4e1e3d79dfb33b3ed31e9b89411a8c4b828ee2ff6224cc3da82`
CRC32	`DA530963`
ssdeep	`12:K4OLM9nzR37LvXOLMOqnPAE2xOLMO2Kai31bIKIMBj6I5BFR5y:K+9nzd3BOqnIE2nO2Kai31bIKIMl6I5G`
Yara	None matched
VirusTotal	Search for analysis

Name	fbdccc48fd6b08ca_RES629E.tmp Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\RES629E.tmp
Size	1.2KB
Processes	2772 (cvtres.exe) 3040 (csc.exe)
Type	Intel 80386 COFF object file, not stripped, 3 sections, symbol offset=0x406, 9 symbols
MD5	`925ce389b6a8085590e73de47734d09f`
SHA1	`aea1ee25531b982f43844a4ab5e2a04c0e4e63d1`
SHA256	`fbdccc48fd6b08ca4bf157f957f72e3b8dc83dd141f22bff748b1c5932003e0d`
CRC32	`6F1BD6EB`
ssdeep	`24:HHcJ9YernJBmHVUnhKLI+ycuZhNKakSiPNnqjtd:ternHmSnhKL1ulKa3uqjH`
Yara	None matched
VirusTotal	Search for analysis

Name	f5c9874fecf8980d_xj4njtpx.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\xj4njtpx.dll
Size	3.5KB
Processes	3040 (csc.exe) 1300 (powershell.exe)
Type	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
MD5	`02df1bedfb0c90ac923f172733345189`
SHA1	`1e114470e10b2f7728d3b6e65cdaed70d95d1619`
SHA256	`f5c9874fecf8980de58a64a6a77ed05c7dbd4e27fec91a59426f70431dc2e366`
CRC32	`5F47E155`
ssdeep	`24:etGS9AN6G7nLsKpHq7sEz4jALmpbdPtkZfkzsT72nImI+ycuZhNKakSiPNnq:6liHq7sDAuuJkiSz1ulKa3uq`
Yara	Is_DotNET_DLL - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE32 - (no description)
VirusTotal	Search for analysis

Name	0d9549eda4d741aa_msforms.exd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Excel8.0\MSForms.exd
Size	220.6KB
Processes	1624 (EXCEL.EXE)
Type	data
MD5	`a84d1d556fb4f2d60bfea63eb2cc1143`
SHA1	`fada5c49f0c445e0bd9f77faaf3a7ff86436b0f5`
SHA256	`0d9549eda4d741aaca7be250908bd0f9d4d2837fce5cce6da2078f4b14281454`
CRC32	`7C430E7C`
ssdeep	`1536:c2yLgQNSk8SCtKBX0Gpb2vxQHnVMOkOX0mRO/NIAIQK7viKAJYsA0ppDCLTfMRsi:cbBNSk8DtKBrpb2vx1Opprf/ng`
Yara	None matched
VirusTotal	Search for analysis

Name	e26545a63c209e46_qceyv3jp.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\qceyv3jp.dll
Size	3.5KB
Processes	1884 (csc.exe) 1300 (powershell.exe)
Type	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
MD5	`a7e1b8a6f80c22dd1aec9271c2b9718f`
SHA1	`ead809db15ec7e31989287d234305f7a34043ab4`
SHA256	`e26545a63c209e46da37f3c1723b0759a24ab672a2f7db559ad8ad90203d1205`
CRC32	`F7B74D88`
ssdeep	`24:etGSltunmaOnfgh/hLhXOedTblqw84ZALmn7bdPtkZfV700pfZO6mI+ycuZhN8wP:6OjpL/xBjZAyuJV7DZOJ1ulja3vq`
Yara	Is_DotNET_DLL - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE32 - (no description)
VirusTotal	Search for analysis

Name	8782bc27d4477ac7_RES680C.tmp Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\RES680C.tmp
Size	1.2KB
Processes	2440 (cvtres.exe) 2524 (csc.exe)
Type	Intel 80386 COFF object file, not stripped, 3 sections, symbol offset=0x406, 9 symbols
MD5	`06773aecfcd00a58fc96d12bb017fd6e`
SHA1	`46b57572d0045932d0a7624f15c085129573eeb8`
SHA256	`8782bc27d4477ac760584a48fd82240ef3b9fc09c49e11f71b1dbc2a2dc4fdf6`
CRC32	`3AADBC41`
ssdeep	`24:HPJ9YernFDDEmHGUnhKLI+ycuZhNObnGakS5bnXPNnqjtd:IernREmxnhKL1ulObGa35bFqjH`
Yara	None matched
VirusTotal	Search for analysis

Name	425af12ad6faa178_CSC628D.tmp Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\CSC628D.tmp
Size	652.0B
Processes	3040 (csc.exe)
Type	MSVC .res
MD5	`2bed360edcb4ee079e23fd8888a5bdab`
SHA1	`c3396fb923410995a4ea658bd299fc9749958de0`
SHA256	`425af12ad6faa178d14859ceafc3692f5677648b1f2910200ab850ce9555d0f8`
CRC32	`2F3EFCD8`
ssdeep	`12:DXt4Ii3ntuAHia5YA49aUGiqMZAiN5gry8ak7YnqqiPN5Dlq5J:+RI+ycuZhNKakSiPNnqX`
Yara	None matched
VirusTotal	Search for analysis

Name	a8d5fe1bbe47ed3f_RES6463.tmp Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\RES6463.tmp
Size	1.2KB
Processes	2348 (cvtres.exe) 2172 (csc.exe)
Type	Intel 80386 COFF object file, not stripped, 3 sections, symbol offset=0x406, 9 symbols
MD5	`8e9b832e837999e6651135cfc4829014`
SHA1	`2ee13f603fdb0a2608beaba19a789ad278ab6f30`
SHA256	`a8d5fe1bbe47ed3fc46cae5327760e214bdb9661177daf9f43a971159902647f`
CRC32	`5BC4D7EB`
ssdeep	`24:HOMJ9YernG/mHRyUnhKLI+ycuZhNPfakS0YPNnqjtd:u9ernsmbnhKL1ulPfa30gqjH`
Yara	None matched
VirusTotal	Search for analysis

Name	a9b1dc8eaa5fcd00_d93f411851d7c929.customDestinations-ms~RF1cb1d82.TMP Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d93f411851d7c929.customDestinations-ms~RF1cb1d82.TMP
Size	7.8KB
Processes	2408 (powershell.exe) 1300 (powershell.exe)
Type	data
MD5	`c1d8708bab1e838a2deda26d58bb8d42`
SHA1	`95d39e75a804752961c139bb6c0b67f84f685035`
SHA256	`a9b1dc8eaa5fcd0034694cf9742ae915a5932142a1477c3ab6fada45d98750b2`
CRC32	`E71AF2A2`
ssdeep	`96:QtuC6GCPDXBqvsqvJCwoFtuC6GCPDXBqvsEHyqvJCworFS7HwxWlUVul:QtbXoFtbbHnor/xo`
Yara	Antivirus - Contains references to security software Generic_Malware_Zero - Generic Malware
VirusTotal	Search for analysis

Name	53d5aecb149a00bc_sbjraxxu.0.cs Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\sbjraxxu.0.cs
Size	272.0B
Processes	1300 (powershell.exe)
Type	UTF-8 Unicode (with BOM) text
MD5	`4de985ae7f625fc7a2ff3ace5a46e3c6`
SHA1	`935986466ba0b620860f36bf08f08721827771cb`
SHA256	`53d5aecb149a00bc9c4fac5feb8e5feddf5c83986c12d5fef1c3ddd104b09004`
CRC32	`6DDBA2C0`
ssdeep	`6:V/DsYLDS81zuBph+HjLmatlfMG4SRcBeN1jVQO1OaFFQy:V/DTLDfuBphILm4cBeN1fOaIy`
Yara	None matched
VirusTotal	Search for analysis

Name	844c2f84fcf109c4_index.dat Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012021102520211026\index.dat
Size	32.0KB
Type	Internet Explorer cache file version Ver 5.2
MD5	`a0703701b47161a7f51e07b24e71a2e5`
SHA1	`4dda8aa56c07fe107d4180f6838fb2b8ee52506b`
SHA256	`844c2f84fcf109c4f7c691777b0da0126552114365e089ce48359c4531a75abb`
CRC32	`60583F7E`
ssdeep	`12:qj/XrW3riVW1hUa41dT3riVFhUv2fF3MtkBbWUa4u3g20TG5Q7UaBgSR:qj/bwiEwaWiGv2ikpam20TgQQae`
Yara	None matched
VirusTotal	Search for analysis

Name	f7bc01cf3fee523f_CSC6627.tmp Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\CSC6627.tmp
Size	652.0B
Processes	1884 (csc.exe)
Type	MSVC .res
MD5	`fe8265717296be5bdc330b5beef46d91`
SHA1	`a69b6434c716e88f232202e67866a4689a63f9bd`
SHA256	`f7bc01cf3fee523f06fb3ffc9c86bae64a8e1f5250ddeb8b6c815e8a5ca63e22`
CRC32	`64C29E51`
ssdeep	`12:DXt4Ii3ntuAHia5YA49aUGiqMZAiN5gryqwak7Ynqqn1PN5Dlq5J:+RI+ycuZhN8wakSn1PNnqX`
Yara	None matched
VirusTotal	Search for analysis

Name	6658672ad7f5ec1f_sbjraxxu.pdb Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\sbjraxxu.pdb
Size	7.5KB
Processes	2172 (csc.exe) 1300 (powershell.exe)
Type	MSVC program database ver 7.00, 512*15 bytes
MD5	`8d7c217d690c71e06b71b392e72e944d`
SHA1	`556a166e663a3918848f699fd8d3294a7b39af03`
SHA256	`6658672ad7f5ec1f2305cb6f1b3027fdd801e15256da3a1ec0dc12a2d051ba22`
CRC32	`2F13763E`
ssdeep	`6:zz/BamfXllNS/eB1mllxrS/77715KZYXxGQu+e0KpYXXhyMoGggksl/cEDf:zz/H1W/eDSXS/pw2quhRD`
Yara	None matched
VirusTotal	Search for analysis

Name	75f02a18f819a4fd_xj4njtpx.cmdline Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\xj4njtpx.cmdline
Size	311.0B
Processes	1300 (powershell.exe)
Type	UTF-8 Unicode (with BOM) text, with very long lines, with no line terminators
MD5	`0f9d74efdb026fe6cea8b29cbe90320f`
SHA1	`7e9d1f21ce2431ef83b996d9fabd4523c98d19d7`
SHA256	`75f02a18f819a4fdfafc34552884f1ba3c433102c0453bc3857e6d2148a63b1e`
CRC32	`88B75944`
ssdeep	`6:pAu+H2LvFJDdq++bDdqBnmQpcLJ23f/gmGsSAE2NmQpcLJ23f/WA:p37LvXOLMngnPAE2xOLMnWA`
Yara	None matched
VirusTotal	Search for analysis

Name	ce25bd7cd212bb46_qwrnexiw.cmdline Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\qwrnexiw.cmdline
Size	311.0B
Processes	1300 (powershell.exe)
Type	UTF-8 Unicode (with BOM) text, with very long lines, with no line terminators
MD5	`65730b155f1bde6e418f534a7ff883e1`
SHA1	`2ec77751b868a0193db010cce9e32627a5498046`
SHA256	`ce25bd7cd212bb46246c95e5ebb01066f46abc0834f6e2401e7054d66cc9f202`
CRC32	`6EFEBC28`
ssdeep	`6:pAu+H2LvFJDdq++bDdqBnmQpcLJ23f/bkL/emGsSAE2NmQpcLJ23f/bkLbn:p37LvXOLMoLmnPAE2xOLMoLbn`
Yara	None matched
VirusTotal	Search for analysis

Name	44365e0bcd77f172_주요도시 시장가격 조사2023.xlsx Submit file
Size	35.4KB
Type	Zip archive data, at least v2.0 to extract
MD5	`28d25a4021536394fd890c4b6d9b5551`
SHA1	`39c97ca820f31e7903ccb190fee02035ffdb37b9`
SHA256	`44365e0bcd77f1721d061dc03dd3c1728ad36671ad294ec7b2cf088b1bbefd23`
CRC32	`8A12FC26`
ssdeep	`768:0NQbGLEAE34m0WqKEBU837vnh8GpZocPOmRIsL6gvQl:49E34KcU83758Gpm5mGdt`
Yara	zip_file_format - ZIP file format
VirusTotal	Search for analysis

Name	286fecc08bb0c9c0_CSC67FC.tmp Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\CSC67FC.tmp
Size	652.0B
Processes	2524 (csc.exe)
Type	MSVC .res
MD5	`c6e5dc58840bbb84f974829eac7e10ef`
SHA1	`8c7c5460187628e0a200658df5474c10341f804f`
SHA256	`286fecc08bb0c9c0d8fade8809ebc15c9629a48c1ed545db9b1906d400532630`
CRC32	`A3008864`
ssdeep	`12:DXt4Ii3ntuAHia5YA49aUGiqMZAiN5gryAbnGak7Ynqq5bnXPN5Dlq5J:+RI+ycuZhNObnGakS5bnXPNnqX`
Yara	None matched
VirusTotal	Search for analysis

Name	c5b6cfb15085a404_281023.bat Submit file
Filepath	C:\Users\Public\281023.bat
Size	3.3KB
Processes	2408 (powershell.exe)
Type	ASCII text, with very long lines, with no line terminators
MD5	`0986c95db15838e17fc33f0455037f31`
SHA1	`188360b51c35ce2eae732fba18db40826588517a`
SHA256	`c5b6cfb15085a40428859eba777d2f42ed46dbecbc27a4a130586d1cbde3b057`
CRC32	`EC7C2F65`
ssdeep	`48:t8zNgvaKdUn1hBQFNiaEyNW8EyWB4OTP9ujc8aTWgBRTWgBuTWEXtQDWUcaTCo9Y:mUa0WqEIpCH8aygBRygBuymQiUXp9ztu`
Yara	Antivirus - Contains references to security software
VirusTotal	Search for analysis