popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 0d1180ae2bb494f5_recoverystore.{89c521d9-77c9-11ee-ac50-94de278c3274}.dat
Submit file
Filepath C:\Users\test22\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{89C521D9-77C9-11EE-AC50-94DE278C3274}.dat
Size 4.5KB
Processes 3068 (iexplore.exe)
Type Composite Document File V2 Document, Cannot read section info
MD5 7200109d77fe704e30819941aa840776
SHA1 4b3bccffd4915282db022f05f7ddbbf42b5321c3
SHA256 0d1180ae2bb494f545f312bb94d528d49dba84ffc2cb2e678d75f7f40003e221
CRC32 1D4C3A51
ssdeep 12:rlfF25arEg5+IaCrI0F7+F2QUrEg5+IaCrI0F7ugQNlTqbaxHn1ddNlTqbaxHn1O:rq05/1QU5/3QNlWsbdNlWs74
Yara
  • Microsoft_Office_File_Zero - Microsoft Office File
VirusTotal Search for analysis
Name 0ed5b0823e71e0e3_590aee7bdd69b59b.customDestinations-ms~RF4b7d60.TMP
Submit file
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms~RF4b7d60.TMP
Size 7.8KB
Processes 1720 (powershell.exe) 2964 (powershell.exe)
Type data
MD5 f4a8a3e56bca0190031a365f104571cf
SHA1 7a4eac7016b8feca961f757cfe05bfeb4b76c10f
SHA256 0ed5b0823e71e0e3262a8a73ff269499135b20c9c5aa71e34b57a9f43218ed41
CRC32 E95A2C69
ssdeep 96:QtuC6GCPDXBqvsqvJCwoFtuC6GCPDXBqvsEHyqvJCworQStDHXyWlUVul:QtbXoFtbbHnorFTyo
Yara
  • Antivirus - Contains references to security software
  • Generic_Malware_Zero - Generic Malware
VirusTotal Search for analysis
Name 7977bfb5927fefdd_{89c521da-77c9-11ee-ac50-94de278c3274}.dat
Submit file
Filepath C:\Users\test22\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{89C521DA-77C9-11EE-AC50-94DE278C3274}.dat
Size 3.5KB
Processes 3068 (iexplore.exe)
Type Composite Document File V2 Document, Cannot read section info
MD5 c7f76e113ae04923266234d51e5defc8
SHA1 0108833e432564f33e8f5850c08e32e257e3c846
SHA256 7977bfb5927fefddd5d5e0dbeff1092dadbdd0578ee3a48bbf51599f1eb5f32b
CRC32 E0316926
ssdeep 12:rl0oXGFFxrEgmfYB76FDUrEgmfox7qTNl39baxhzKtHaK+wJ0IGK4g:rAxG0GASNltZlh+C0Il
Yara
  • Microsoft_Office_File_Zero - Microsoft Office File
VirusTotal Search for analysis