Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
10.03 05:10
cliloc_fix.exe
10.02 02:10
66fbfccd837ac_vadggdsa...
10.02 02:10
66fc5c187ba75_lyla343.exe
10.02 02:10
66fbfcc301a31_swws.exe
10.02 02:10
66fbd9a4db4c9_Governme...
10.02 02:10
66fb2538369cb_EdgeUpda...
10.02 02:10
cc.js
10.02 02:10
kixx.js
10.02 02:10
66f55533ca7d6_RDPWInst...
10.02 02:10
SPOOF.exe

Latest News
10.03 11:10
LevelBlue: Driving Cyb...
10.03 11:10
Polaris Dawn, and the ...
10.03 11:10
Not Black Mirror: Meta...
10.03 11:10
Browser Guard now flag...
10.03 11:10
NYC Schools Reverse Co...
10.03 11:10
North Korean Hackers U...
10.03 11:10
Why Fuzzing Isn?t Enou...
10.03 10:10
Browser Guard now flag...
10.03 10:10
Zimbra SMTP vulnerabil...
10.03 10:10
Not Black Mirror: Meta...

Dropped Files | ZeroBOX

Name	d6431d5645fffd05_d93f411851d7c929.customdestinations-ms Submit file
Filepath	c:\users\test22\appdata\roaming\microsoft\windows\recent\customdestinations\d93f411851d7c929.customdestinations-ms
Size	7.8KB
Processes	2220 (powershell.exe)
Type	data
MD5	`260d23ce04a8f8555a73b7d2dc15e911`
SHA1	`ebad746fb7de847c50f7502a44f6e35534733efd`
SHA256	`d6431d5645fffd05a23166d630253bc7ce8c099cf6e9c956f8ae5e1249ee8588`
CRC32	`11D6B213`
ssdeep	`96:ctuCeGCPDXBqvsqvJCwo5tuCeGCPDXBqvsEHyqvJCworSP7Hwxf2lUVul:ctvXo5tvbHnorrxQ`
Yara	Antivirus - Contains references to security software Generic_Malware_Zero - Generic Malware
VirusTotal	Search for analysis

Name	4826c0d860af884d_~wrs{be4cdeb6-8279-41d0-b946-07cb50716005}.tmp Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{BE4CDEB6-8279-41D0-B946-07CB50716005}.tmp
Size	1.0KB
Processes	1704 (WINWORD.EXE)
Type	data
MD5	`5d4d94ee7e06bbb0af9584119797b23a`
SHA1	`dbb111419c704f116efa8e72471dd83e86e49677`
SHA256	`4826c0d860af884d3343ca6460b0006a7a2ce7dbccc4d743208585d997cc5fd1`
CRC32	`23C03491`
ssdeep	`3:ol3lYdn:4Wn`
Yara	None matched
VirusTotal	Search for analysis

Name	7012d057650bd0d6_~$normal.dotm Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Templates\~$Normal.dotm
Size	162.0B
Processes	1704 (WINWORD.EXE)
Type	data
MD5	`7e1466cd744e36956eefd105fa7e473f`
SHA1	`e4c6d77eb04efda7a3a2bc3479cbfd11f2fda9b8`
SHA256	`7012d057650bd0d6279596574056de3647b61688ef37fcb95c5df7ec4c01abdb`
CRC32	`47862303`
ssdeep	`3:yW2lWRdM4yW6L7NpTK7s32lFItPlfN/n:y1lWg4yWmpdK7s32lWPll/n`
Yara	None matched
VirusTotal	Search for analysis

Name	a9220271c0eb79e5_d93f411851d7c929.customDestinations-ms~RFa69524.TMP Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d93f411851d7c929.customDestinations-ms~RFa69524.TMP
Size	7.8KB
Type	data
MD5	`b0c9ff441742f3847ea27da9dee7f2cd`
SHA1	`c42a1eb32ba953a0ce5d8635caabf71b5b281495`
SHA256	`a9220271c0eb79e5750e0d0e62058ecac560e09cdf9e82ef61aeeabada5d48a4`
CRC32	`0BBCAB1A`
ssdeep	`96:RutuCOGCPDXBqvsqvJCwo+utuCOGCPDXBqvsEHyqvJCworSP7Hwxf2lUVul:UtvXoxtvbHnorrxQ`
Yara	Antivirus - Contains references to security software Generic_Malware_Zero - Generic Malware
VirusTotal	Search for analysis

Name	a5a5530ed523fe74_~$2934-0202334.doc Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\~$2934-0202334.doc
Size	162.0B
Processes	1704 (WINWORD.EXE)
Type	data
MD5	`829e287dd2b5290212ef18d0f8e3b3d0`
SHA1	`81e5d44d6d3862079295fdc7cc04e77105ddab6b`
SHA256	`a5a5530ed523fe746d0585b804e1779623258c93945ad8e66c70d17a4b0ea432`
CRC32	`57F2CB1C`
ssdeep	`3:yW2lWRdM4yW6L7NpTK7s32lFItPlfwfQ/:y1lWg4yWmpdK7s32lWPliQ/`
Yara	None matched
VirusTotal	Search for analysis