popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 5aff724df395a46e_~$버안전참고자료.doc
Submit file
Size 162.0B
Type data
MD5 628520ae903e4df2729f9372edf04827
SHA1 1759b2194ffd39d48489a5ac9f17d885509b595b
SHA256 5aff724df395a46e27fe1f98eb6028dd4911cf89615c42c5e5a409b45dd33349
CRC32 B959C4D3
ssdeep 3:yW2lWRdvL7YMlbK7g7lxIt50iSjlVt6Xl4Xhn:y1lWnlxK7ghqqF614xn
Yara None matched
VirusTotal Search for analysis
Name 4826c0d860af884d_~wrs{9230e99a-a02d-460a-a850-49e991225865}.tmp
Submit file
Filepath C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{9230E99A-A02D-460A-A850-49E991225865}.tmp
Size 1.0KB
Processes 2992 (WINWORD.EXE)
Type data
MD5 5d4d94ee7e06bbb0af9584119797b23a
SHA1 dbb111419c704f116efa8e72471dd83e86e49677
SHA256 4826c0d860af884d3343ca6460b0006a7a2ce7dbccc4d743208585d997cc5fd1
CRC32 23C03491
ssdeep 3:ol3lYdn:4Wn
Yara None matched
VirusTotal Search for analysis
Name d81efb3c7f62ac93_1589989024.xml.lnk
Submit file
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Office\Recent\1589989024.xml.LNK
Size 1.2KB
Processes 2992 (WINWORD.EXE)
Type MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Sun Oct 29 23:48:37 2023, mtime=Sun Oct 29 23:48:37 2023, atime=Sun Oct 29 23:48:37 2023, length=213, window=hide
MD5 e04f1d7947fcd89056ea6612ab82f58d
SHA1 c4044c5b884f85e5495e7abfc8e327b4528d5c41
SHA256 d81efb3c7f62ac93c20c17c25ef5ca10c3257173a1b09c9c995d43d11339bb4e
CRC32 351DE025
ssdeep 24:8mjvykJvqVRd5kwDRhckzQQzNYuTcCLPyd:8Qvykh+n7VpYuThyd
Yara
  • lnk_file_format - Microsoft Windows Shortcut File Format
  • Lnk_Format_Zero - LNK Format
VirusTotal Search for analysis
Name 51fcdf3a76b6692e_~wrs{610c92fc-bb74-4035-88bf-9de08950cee1}.tmp
Submit file
Filepath C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{610C92FC-BB74-4035-88BF-9DE08950CEE1}.tmp
Size 1.5KB
Processes 2992 (WINWORD.EXE)
Type data
MD5 fb055c389208800f928b3502a6615abe
SHA1 14564d6e0e4ec0f9717c16471b75e44b5868290a
SHA256 51fcdf3a76b6692eaa84d280b39bdc081cf6e4808171e0ec0484229648400ae9
CRC32 640E2478
ssdeep 6:IiiiiiiiiiE/bYflo30XOnySySkssqA1+tKfn:S/XkeySpk1j1+tKfn
Yara None matched
VirusTotal Search for analysis
Name 3f14fa5b6ff90a58_index.dat
Submit file
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Office\Recent\index.dat
Size 79.0B
Processes 2992 (WINWORD.EXE)
Type ASCII text, with CRLF line terminators
MD5 62cfece9bc44b2323678b48084b6c2ae
SHA1 074b52d6303efb915a3d3d4dc4bcf7c03c1956ac
SHA256 3f14fa5b6ff90a58a2ae8d0feb5bb49b6005d9444880eff6dbe3714ac4786dc9
CRC32 FAF1E7CA
ssdeep 3:bDuMJl7EVqUlmcvUQe9VqUlv:bCoE7UQe9P
Yara None matched
VirusTotal Search for analysis
Name d516a371b6fc0a52_~$normal.dotm
Submit file
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Templates\~$Normal.dotm
Size 162.0B
Processes 2992 (WINWORD.EXE)
Type data
MD5 56a4532b2fc2cf6fd4ec62a29758d231
SHA1 60f68bd8ac5b3f7290daa236bebd5f9c0f1510fd
SHA256 d516a371b6fc0a5270a1323f271bc2a36bc34f9cf06c783a642020c0da8948c3
CRC32 E93E4529
ssdeep 3:yW2lWRdvL7YMlbK7g7lxIt50iSjlVtNmk/tyXhn:y1lWnlxK7ghqqFNT/tyxn
Yara None matched
VirusTotal Search for analysis
Name cb8832e50c16f010_templates.lnk
Submit file
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Office\Recent\Templates.LNK
Size 1.1KB
Processes 2992 (WINWORD.EXE)
Type MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Directory, ctime=Wed Jan 31 21:28:02 2018, mtime=Sun Oct 29 23:48:37 2023, atime=Sun Oct 29 23:48:37 2023, length=4096, window=hide
MD5 f9626d41e6bb6a80e898a711bf7fedb6
SHA1 ada192b960c35f0a75e376df643c495fd3683f3b
SHA256 cb8832e50c16f0108011e25cd0f77e209d6f35c9e3130842e5e8190caeb39847
CRC32 6A53307A
ssdeep 24:84vykJvqVRd5kwDRhckVzNYuTTCLPy0VfVI:84vykh+ndpYuT0yAdI
Yara
  • lnk_file_format - Microsoft Windows Shortcut File Format
  • Lnk_Format_Zero - LNK Format
VirusTotal Search for analysis