Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
01.18 04:01
svc.exe
01.18 04:01
RemittanceForms.exe
01.18 04:01
Aristois-Free.jar
01.18 10:01
setup641.msi
01.18 10:01
Needle_Setup.exe
01.18 10:01
8734_5737.exe
01.18 10:01
CondoGenerator.exe
01.18 10:01
QGFQTHIU.exe
01.18 10:01
4909_7122.exe
01.18 10:01
Updater.exe

Latest News
01.19 05:01
Anzeige: Microsoft-365...
01.19 03:01
TikTok Goes Dark in th...
01.19 03:01
A Look Inside a Modern...
01.19 03:01
Apple, Google Remove T...
01.19 03:01
How to Get Around the ...
01.19 03:01
[사전규격공개] 2025 APCERT 국...
01.19 12:01
시몬스 침대, 카카오톡 선물하기 통해 설...
01.19 12:01
Zero Trust and Entra I...
01.19 12:01
Stealth AirTag Broadca...
01.19 12:01
US TikTok Users Get No...

Dropped Files | ZeroBOX

Name	5c4a0d4910987a38_libffi-8.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI25602\libffi-8.dll
Size	24.7KB
Processes	2560 (Magma_Menu.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`90a6b0264a81bb8436419517c9c232fa`
SHA1	`17b1047158287eb6471416c5df262b50d6fe1aed`
SHA256	`5c4a0d4910987a38a3cd31eae5f1c909029f7762d1a5faf4a2e2a7e9b1abab79`
CRC32	`C1C09489`
ssdeep	`384:uJvjb6KaBBu0wYkP2C0yZbMRpZa7gJXMrRCXPDG4y8c3UhH3:Wvj+3BcMp8KDG4yshH`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	a9b5f6c7a94fb6bf__ssl.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI25602\_ssl.pyd
Size	60.9KB
Processes	2560 (Magma_Menu.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`156b1fa2f11c73ed25f63ee20e6e4b26`
SHA1	`36189a5cde36d31664acbd530575a793fc311384`
SHA256	`a9b5f6c7a94fb6bfaf82024f906465ff39f9849e4a72a98a9b03fc07bf26da51`
CRC32	`C6055CE8`
ssdeep	`1536:U6ll/oOM5AGIyI1asq3YGDTgzOordBQkJIDt7o7/7Syi/Px:B/6AGLIcsq3YGn0ZQuIDt7ojEHx`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	df1e666b55aae6ed__bz2.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI25602\_bz2.pyd
Size	46.9KB
Processes	2560 (Magma_Menu.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`0c13627f114f346604b0e8cbc03baf29`
SHA1	`bf77611d924df2c80aabcc3f70520d78408587a2`
SHA256	`df1e666b55aae6ede59ef672d173bd0d64ef3e824a64918e081082b8626a5861`
CRC32	`EA86CC45`
ssdeep	`768:ZwAGUM8GBetg87It88blNUL6yfsFtHrrhhto+MQw5aZ/hLYpUHIDtVzR3YiSyvLk:OAG/k9MjCDErhhmQXfTHIDtVzV7SyD85`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	ddeade367bc15ea0_select.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI25602\select.pyd
Size	24.4KB
Processes	2560 (Magma_Menu.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`abf7864db4445bbbd491c8cff0410ae0`
SHA1	`4b0f3c5c7bf06c81a2c2c5693d37ef49f642a9b7`
SHA256	`ddeade367bc15ea09d42b2733d88f092da5e880362eabe98d574bc91e03de30e`
CRC32	`4A5A6282`
ssdeep	`384:5oJUAW1guHrhWgWLBNZa7gJXZjNID7Gu6OIYiSy1pCQlIJNPxh8E9VF0NyUT2:eJjW1J2pJjNID7GuIYiSyvCPxWEC`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	72c24e1db1ba4df7_python311.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI25602\python311.dll
Size	1.6MB
Processes	2560 (Magma_Menu.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`bb46b85029b543b70276ad8e4c238799`
SHA1	`123bdcd9eebcac1ec0fd2764a37e5e5476bb0c1c`
SHA256	`72c24e1db1ba4df791720a93ca9502d77c3738eebf8b9092a5d82aa8d80121d0`
CRC32	`AF29F905`
ssdeep	`49152:A0/71KAZkPw/a5lsjIa7hhXBOQSbMS5ffODwKh/Wc:vziPwCvZalhXOMIzQd`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	699c1f0f0387511e__queue.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI25602\_queue.pyd
Size	24.4KB
Processes	2560 (Magma_Menu.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`fbbbfbcdcf0a7c1611e27f4b3b71079e`
SHA1	`56888df9701f9faa86c03168adcd269192887b7b`
SHA256	`699c1f0f0387511ef543c0df7ef81a13a1cffde4ce4cd43a1baf47a893b99163`
CRC32	`F4241A0B`
ssdeep	`384:cZ0Psz9rLZgNhzHjlnwX1hZa7gJXjDID7UuNBIYiSy1pCQYIPxh8E9VF0Nyb9:cnihFn43pzDID7Uu4YiSyv7PxWER`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	a0fa25eef9182579__socket.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI25602\_socket.pyd
Size	41.9KB
Processes	2560 (Magma_Menu.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`4351d7086e5221398b5b78906f4e84ac`
SHA1	`ba515a14ec1b076a6a3eab900df57f4f37be104d`
SHA256	`a0fa25eef91825797f01754b7d7cf5106e355cf21322e926632f90af01280abe`
CRC32	`DF53FB6A`
ssdeep	`768:eQ8MABQICeXD2rh0LklHwh20hpJ72IDQwzFDYiSyvGPxWERfsxi:eTieXEhow072IDQwzFD7Sy+Px3sxi`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	0c7c15775b086ea3_blank.aes Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI25602\blank.aes
Size	120.3KB
Processes	2560 (Magma_Menu.exe)
Type	data
MD5	`fb73b1d2b5859c74d95664f3c2f7eeda`
SHA1	`effef100789f06d68f74a0e9f27a787a337ca82c`
SHA256	`0c7c15775b086ea3308db9acff3dc9b1886cfee07d3056b6c3145e6856b146d6`
CRC32	`4F638ACA`
ssdeep	`3072:8ihVlZ1W0bzVbLB3KkLU3TUP6qVGA+avB:8ifleobFLLo6B`
Yara	None matched
VirusTotal	Search for analysis

Name	58209c8ab4191e83_rarreg.key Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI25602\rarreg.key
Size	456.0B
Processes	2560 (Magma_Menu.exe)
Type	ASCII text
MD5	`4531984cad7dacf24c086830068c4abe`
SHA1	`fa7c8c46677af01a83cf652ef30ba39b2aae14c3`
SHA256	`58209c8ab4191e834ffe2ecd003fd7a830d3650f0fd1355a74eb8a47c61d4211`
CRC32	`B967B544`
ssdeep	`12:Bn9j9sxpCDPxfhKLiaE5cNH0u/OCIhjWO:B9jiWDpf025cNU7CIEO`
Yara	None matched
VirusTotal	Search for analysis

Name	54348cfbf95fd818__hashlib.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI25602\_hashlib.pyd
Size	33.9KB
Processes	2560 (Magma_Menu.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`596df8ada4b8bc4ae2c2e5bbb41a6c2e`
SHA1	`e814c2e2e874961a18d420c49d34b03c2b87d068`
SHA256	`54348cfbf95fd818d74014c16343d9134282d2cf238329eec2cda1e2591565ec`
CRC32	`D2743210`
ssdeep	`768:UA1cXZ83zNDKJ/KDQI5zbp61ypRcTID5IubYiSyvaPxWEw:UwnzKUQ+p6mcTID5Iub7SyiPx`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	d66c3b47091ceb3f_VCRUNTIME140.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI25602\VCRUNTIME140.dll
Size	96.4KB
Processes	2560 (Magma_Menu.exe)
Type	PE32+ executable (DLL) (console) x86-64, for MS Windows
MD5	`f12681a472b9dd04a812e16096514974`
SHA1	`6fd102eb3e0b0e6eef08118d71f28702d1a9067c`
SHA256	`d66c3b47091ceb3f8d3cc165a43d285ae919211a0c0fcb74491ee574d8d464f8`
CRC32	`2CEDC91E`
ssdeep	`1536:BxhUQePlHhR46rXHHGI+mAAD4AeDuXMycecb8i10DWZz:Bvk4wHH+mZD4ADAecb8G1`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	60771fb23ee37b44_libssl-1_1.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI25602\libssl-1_1.dll
Size	203.3KB
Processes	2560 (Magma_Menu.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`eac369b3fde5c6e8955bd0b8e31d0830`
SHA1	`4bf77158c18fe3a290e44abd2ac1834675de66b4`
SHA256	`60771fb23ee37b4414d364e6477490324f142a907308a691f3dd88dc25e38d6c`
CRC32	`34119F48`
ssdeep	`3072:5SI3oPlWLlPVVc5MpJa1pOjJnnioIZW8/Qf6bRXGKrs8qJjueW1LR/oSB6hetz:EIek5VC0FiHof6Z1rgJ63R/oS3`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	f90efa10d90d940c__decimal.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI25602\_decimal.pyd
Size	104.9KB
Processes	2560 (Magma_Menu.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`7ba541defe3739a888be466c999c9787`
SHA1	`ad0a4df9523eeeafc1e67b0e4e3d7a6cf9c4dfac`
SHA256	`f90efa10d90d940cde48aafe02c13a0fc0a1f0be7f3714856b7a1435f5decf29`
CRC32	`B1C74CB7`
ssdeep	`3072:YzsRxWJXVyOgbHffu+MLtWH/WSWXb01KQiID5q1CAt6xN:PU/gbHfW6WSWLplCuG`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	90341ac8dcc9ec5f_rar.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI25602\rar.exe
Size	616.0KB
Processes	2560 (Magma_Menu.exe)
Type	PE32+ executable (console) x86-64, for MS Windows
MD5	`9c223575ae5b9544bc3d69ac6364f75e`
SHA1	`8a1cb5ee02c742e937febc57609ac312247ba386`
SHA256	`90341ac8dcc9ec5f9efe89945a381eb701fe15c3196f594d9d9f0f67b4fc2213`
CRC32	`F9469D0F`
ssdeep	`12288:3lPCcFDlj+gV4zOifKlOWVNcjfQww0S5JPgdbBC9qxbYG9Y:3lPCcvj+YYrfSOWVNcj1JS5JPgdbBCZd`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsPE64 - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	1549fe64b7108189__lzma.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI25602\_lzma.pyd
Size	84.4KB
Processes	2560 (Magma_Menu.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`8d9e1bb65a192c8446155a723c23d4c5`
SHA1	`ea02b1bf175b7ef89ba092720b3daa0c11bef0f0`
SHA256	`1549fe64b710818950aa9bf45d43fe278ce59f3b87b3497d2106ff793efa6cf7`
CRC32	`D231C3C7`
ssdeep	`1536:nomFQO4KV4FqKFztYJgYFlXeppHFEtnp8bacIUmDIDe1Ye7SyOePx:IO4KV0qKTYhFlupdQ8WLvIDe1Yehx`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	a9dd0275131105df_sqlite3.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI25602\sqlite3.dll
Size	608.4KB
Processes	2560 (Magma_Menu.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`ddd0dd698865a11b0c5077f6dd44a9d7`
SHA1	`46cd75111d2654910f776052cc30b5e1fceb5aee`
SHA256	`a9dd0275131105df5611f31a9e6fbf27fd77d0a35d1a73a9f4941235fbc68bd7`
CRC32	`825009AB`
ssdeep	`12288:C7dpDQ1L3zfmrtWF/azVC9oAnShBJl4cZ1pzgULOX110jt3:0HSzzaQl8VSSh2cZXgULq11y`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	db389a9e14bfac6e_base_library.zip Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI25602\base_library.zip
Size	1.4MB
Processes	2560 (Magma_Menu.exe)
Type	Zip archive data, at least v2.0 to extract
MD5	`83d235e1f5b0ee5b0282b5ab7244f6c4`
SHA1	`629a1ce71314d7abbce96674a1ddf9f38c4a5e9c`
SHA256	`db389a9e14bfac6ee5cce17d41f9637d3ff8b702cc74102db8643e78659670a0`
CRC32	`3768691C`
ssdeep	`24576:6QRqL5TPAxNWlUKdcubgAnj90H0AWfh7dYMbP/Medfw:6QRqL2xNbeA`
Yara	zip_file_format - ZIP file format
VirusTotal	Search for analysis

Name	cd31af70cbcfe81b__ctypes.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI25602\_ctypes.pyd
Size	57.4KB
Processes	2560 (Magma_Menu.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`38fb83bd4febed211bd25e19e1cae555`
SHA1	`4541df6b69d0d52687edb12a878ae2cd44f82db6`
SHA256	`cd31af70cbcfe81b01a75ebeb2de86079f4cbe767b75c3b5799ef8b9f0392d65`
CRC32	`C8F03457`
ssdeep	`1536:kPWq49sE7fzlG5lNXdrYMP0MkeBvGhd0LYXIDQPTl7Syw0Pxv:kPWqKT1GLZdrDkHhOEXIDQPTl6Exv`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	5e2f1bbfe3743a81_unicodedata.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI25602\unicodedata.pyd
Size	293.9KB
Processes	2560 (Magma_Menu.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`bb3fca6f17c9510b6fb42101fe802e3c`
SHA1	`cb576f3dbb95dc5420d740fd6d7109ef2da8a99d`
SHA256	`5e2f1bbfe3743a81b00717011094798929a764f64037bedb7ea3d2ed6548eb87`
CRC32	`CECF91D2`
ssdeep	`6144:Z2Fuue6iwoBLhgXM5kayIQJCEUcHQdBAFEzz9DxsXcY:Z2/e6inLOoyVJ/LHQdgipxsMY`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	4dab915333d42f07_libcrypto-1_1.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI25602\libcrypto-1_1.dll
Size	1.1MB
Processes	2560 (Magma_Menu.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`daa2eed9dceafaef826557ff8a754204`
SHA1	`27d668af7015843104aa5c20ec6bbd30f673e901`
SHA256	`4dab915333d42f071fe466df5578fd98f38f9e0efa6d9355e9b4445ffa1ca914`
CRC32	`D0B092C9`
ssdeep	`24576:jffQrZJIe6/4gho5HE1F03fkOyUU/BtSIgA0ft+rBFOWRIQ6sCY51CPwDv3uFfJv:Tf8JWwgho5HL3fknPSIKorCU1CPwDv3a`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	d6960f4426c09a12__sqlite3.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_MEI25602\_sqlite3.pyd
Size	54.9KB
Processes	2560 (Magma_Menu.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`d678600c8af1eeeaa5d8c1d668190608`
SHA1	`080404040afc8b6e5206729dd2b9ee7cf2cb70bc`
SHA256	`d6960f4426c09a12488eb457e62506c49a58d62a1cb16fbc3ae66b260453c2ed`
CRC32	`4B5AC819`
ssdeep	`1536:2fDL703/MAe3F53jYTG3vy+1MNLjZVID5QjI7SyBPx:wD03/MHbH6+eL/ID5QjIXx`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE64 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis