Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
01.20 04:01
strings_output.txt
01.18 04:01
svc.exe
01.18 04:01
RemittanceForms.exe
01.18 04:01
Aristois-Free.jar
01.18 10:01
setup641.msi
01.18 10:01
Needle_Setup.exe
01.18 10:01
8734_5737.exe
01.18 10:01
CondoGenerator.exe
01.18 10:01
QGFQTHIU.exe
01.18 10:01
4909_7122.exe

Latest News
01.20 03:01
Bambu Connect’s Authen...
01.20 03:01
TikTok to Restore Serv...
01.20 01:01
KI statt Kanzler? Drei...
01.20 01:01
Donald Trump und die T...
01.20 12:01
An Instant Gratificati...
01.19 10:01
Apple Is Unlikely to B...
01.19 09:01
DIY Handheld is an Emu...
01.19 07:01
Behörde stärkt Sicherh...
01.19 07:01
Keine Bewegung, kein S...
01.19 07:01
Computing und KI: Die ...

Dropped Files | ZeroBOX

Name	e4e2e4a9a6dbfa7a_runinconsole.mfx Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\ebe3327c-6b10-48ad-a146-96b61492f2fb.FusionApp\RunInConsole.mfx
Size	113.5KB
Processes	1880 (fred.exe)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`e31137fadc4e75bacab2258a5d295a2d`
SHA1	`c9b75af685b6fd724b5059b9666888f0985d4d08`
SHA256	`e4e2e4a9a6dbfa7ac537ae39c8b43040b752d90d409bc1c1d09c03d8e195bcd0`
CRC32	`76C9EEA6`
ssdeep	`1536:ddcYmKxS+7QhmYWwcdj/ad2QlQUv3sXlkHBomwEjcdWEAr3lf/nodU752Jc5bSfo:PrmKhYWLdeF2cWLYEeoU752Jc5btp`
Yara	Malicious_Library_Zero - Malicious_Library IsPE32 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	92a5053cf5973a6a_waveflt.sft Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\ebe3327c-6b10-48ad-a146-96b61492f2fb.FusionApp\waveflt.sft
Size	8.0KB
Processes	1880 (fred.exe)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`57ea61dd14314ef155e80c6a0be8a664`
SHA1	`963b0ef2fe976ff77044a821fe1e29be4a8cf8a7`
SHA256	`92a5053cf5973a6aa228c738d55387f12f1dfa8a837d7b938c60f05b6b56b3ad`
CRC32	`5E93702B`
ssdeep	`96:vLor1Jnr+4O1tLj+Ct2KTOGTrgHchhAfETVdnPstJgxl8V6N/8cKH+ewp:v26Dj9t2ubTVdGJgOcGvw`
Yara	IsPE32 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	9e589f86317d840d_oggflt.sft Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\ebe3327c-6b10-48ad-a146-96b61492f2fb.FusionApp\oggflt.sft
Size	130.5KB
Processes	1880 (fred.exe)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`0c8c1ee3ba92189f4ce21d1b396a2765`
SHA1	`b7daa4a6e16416151dccbb0a89f304961b6cb627`
SHA256	`9e589f86317d840df9bb74f6ee20c24ca65afe58f4009740382f63a0f5531941`
CRC32	`CAC01866`
ssdeep	`1536:Ww+JHBmul5IMIPkmLnFfUs3OF+KQ51PGTUBHnEJj0AtDLPJwdMSIiRaEUsXxTTUI:CCul5jEkSbOF+31PGTUBwoA8uMR0IjD`
Yara	IsPE32 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	c83bcec56f1666d6_kclist.mfx Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\ebe3327c-6b10-48ad-a146-96b61492f2fb.FusionApp\kclist.mfx
Size	32.0KB
Processes	1880 (fred.exe)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`de7d289ea419cc82784cefc87e652c70`
SHA1	`9035cf539cd9d3c14fdda73eb2c23452750cfade`
SHA256	`c83bcec56f1666d6871e077cc54d0ee7f6462773c03afbb301b9180a4ad0a31a`
CRC32	`F424C5F3`
ssdeep	`192:lME7dUtmvkkZx+CjaAGnI2469E+750SXv+rKaw6OXOGS3xy8z5m9m:mE7dUTMeAuxWw5aYXOGShy8zs`
Yara	IsPE32 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description)
VirusTotal	Search for analysis

Name	a0ada42e3a476009_kcwctrl.mfx Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\ebe3327c-6b10-48ad-a146-96b61492f2fb.FusionApp\kcwctrl.mfx
Size	79.5KB
Processes	1880 (fred.exe)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`2c34e977f898ab60eddb72075c4be223`
SHA1	`adf883dd06e5ae340a03e6c22a56a4c0caf909ea`
SHA256	`a0ada42e3a4760097c1c2f98905f12b19de47159543aa21e1c604dbcac7337f2`
CRC32	`9573D55C`
ssdeep	`1536:cwk3FPBc4adaq8YUb9OB8CIE3sWoCcd0x47DGGGGfxKo:G1PB6daNFC8n70x47DGGGGfxKo`
Yara	Malicious_Library_Zero - Malicious_Library IsPE32 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	3cde7a9181ab63a4_mmf2d3d9.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\ebe3327c-6b10-48ad-a146-96b61492f2fb.FusionApp\mmf2d3d9.dll
Size	1.1MB
Processes	1880 (fred.exe)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`72bb9180f8905c0da95566b778cdac5e`
SHA1	`e96145e8120514092b35f67f1f120b958997f921`
SHA256	`3cde7a9181ab63a42cd3535d279d0ab1397b7b78fa3ddddef832757ab2024101`
CRC32	`6D84816D`
ssdeep	`24576:EE6cfv6jilsTCw8RCmttZtcJPFGySBDmXA4HwLSJcl:CyA8omXGSFmdkl`
Yara	Malicious_Library_Zero - Malicious_Library IsPE32 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	9cba4d670209c690_mmf2d3d8.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\ebe3327c-6b10-48ad-a146-96b61492f2fb.FusionApp\mmf2d3d8.dll
Size	447.0KB
Processes	1880 (fred.exe)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`59aeab50440b9f50389a997bc6c44866`
SHA1	`61e7a377a98df935bc4a0c94776cf8e4b49c4cb8`
SHA256	`9cba4d670209c69039d0d92598aab6d916d9fbd215b634012ff9cef55bfaf559`
CRC32	`3EF763A4`
ssdeep	`12288:FET+JrnmtBKpjh7RhObbSstL7pDt35JXF/GRK:FA+Jrakjh710HpDt3nVuRK`
Yara	Malicious_Library_Zero - Malicious_Library IsPE32 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	7948de373521b28b_pcshutdownoperations.mfx Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\ebe3327c-6b10-48ad-a146-96b61492f2fb.FusionApp\PCShutdownOperations.mfx
Size	114.0KB
Processes	1880 (fred.exe)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`426ac6ce433939fb99a06c4924f374c9`
SHA1	`d35fdd69d7788dc4e75e615d0ca9ac011bce14f5`
SHA256	`7948de373521b28b905b0f543d8851272fa6259594aab4379abd5e330f0360ce`
CRC32	`333D579F`
ssdeep	`1536:xCo4vP1+7E8EEWqVZdjMHtKIN30OHkzlkHkoewUjodWEAuBDj3nodh75fEyyjWtP:xCo4vtEWudC/icXzEEbMh75fEyuy`
Yara	Malicious_Library_Zero - Malicious_Library IsPE32 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	c75918d99dd8983f_archive.mfx Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\ebe3327c-6b10-48ad-a146-96b61492f2fb.FusionApp\Archive.mfx
Size	97.5KB
Processes	1880 (fred.exe)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`0d1416e079cc907971a7eebe49189eb1`
SHA1	`4e0ccfc37e738df826b526f3e7016b2c45e415cf`
SHA256	`c75918d99dd8983fff3dc51ea3f28ad7a9da8c84f273e5a20736f227626fb50b`
CRC32	`3141F652`
ssdeep	`3072:OpZ807jkNqfPD/bQTiZoPK1Nkcm3udzss6qnMny7vOyefz+:OppjkNq/e3ctf6qnMnyDOyeL+`
Yara	IsPE32 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	b743b916b20bee0b_web query object.mfx Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\ebe3327c-6b10-48ad-a146-96b61492f2fb.FusionApp\Web Query Object.mfx
Size	1004.0KB
Processes	1880 (fred.exe)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`7d739626a6fb3bc84e0999b19fa48745`
SHA1	`0b47c9665e85e4f624830786978a5c67410069f7`
SHA256	`b743b916b20bee0b1653ce696b3e07fc8e0ab2c64bf47eec8a979c77b5c8dbf2`
CRC32	`D92425E7`
ssdeep	`12288:UTHskAM2AnkGyuNSN9txg9BJyHIu7izJI5UiOCpopHM2zPRvFe6ulHfq87pzHW05:NkH25UiOCpops2Lcfnz2XdyNsNM`
Yara	Malicious_Library_Zero - Malicious_Library IsPE32 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	3a288448e88a296b_mmfs2.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\ebe3327c-6b10-48ad-a146-96b61492f2fb.FusionApp\mmfs2.dll
Size	509.4KB
Processes	1880 (fred.exe)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`98f647d1ed220e1d715aed9dcf69f387`
SHA1	`d1d9f5361672553a394bee9afe1d30814dd0ac53`
SHA256	`3a288448e88a296b2bceeaf093e76a22e3083e937a3c4efeb6a61565ca7e35df`
CRC32	`CC63F830`
ssdeep	`12288:Cl2w5SNFe2TMNMfeZJyxqNEQ8W7zf+IL2SUoOHxwVoipcVDNLTrgqiJsRr:PdNFe2TMNMG4qNEQ8W7zGWYd1DLTE9Ox`
Yara	Malicious_Library_Zero - Malicious_Library IsPE32 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	e8a1af555a3d39b1_wndtransp.mfx Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\ebe3327c-6b10-48ad-a146-96b61492f2fb.FusionApp\WndTransp.mfx
Size	65.5KB
Processes	1880 (fred.exe)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`6f93111ce72225daab2bcdceee48d204`
SHA1	`1a5156f6e00b47dd4197c933092578aef49a66de`
SHA256	`e8a1af555a3d39b1cb0c6bf6511158d4fd48a1e4e2dac60a6f54af4b486f60a1`
CRC32	`8EE1A45F`
ssdeep	`768:CQqAjo6u2vN/mxxB6uKRpc9Em+FtRuFWPhD2F7a3bgW25GmoZiV7dOa7r:CQqI3v9mxD+dts9F7e25GmoZiV7dOa`
Yara	Malicious_Library_Zero - Malicious_Library IsPE32 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description)
VirusTotal	Search for analysis

Name	7daa995fbf72b941_kcfile.mfx Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\ebe3327c-6b10-48ad-a146-96b61492f2fb.FusionApp\kcfile.mfx
Size	116.0KB
Processes	1880 (fred.exe)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`fe2b4c6a45ce244f1c40f730008465c9`
SHA1	`9dfd41a915c19a4520a3024e9133e9a24e61779f`
SHA256	`7daa995fbf72b941859177b08b2785dc107f1a3deb99f6ab4c675d2b0f03a06b`
CRC32	`86EE3B93`
ssdeep	`3072:yizFhi3x1WAs+AxlENojvbsdJ2hjxUZh3QH:e3jc+APxD4m`
Yara	Malicious_Library_Zero - Malicious_Library IsPE32 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	95374f7a8baf4aa4_mmf2d3d11.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\ebe3327c-6b10-48ad-a146-96b61492f2fb.FusionApp\mmf2d3d11.dll
Size	547.4KB
Processes	1880 (fred.exe)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`34f59e6e9dc838d4fb2e66572895b743`
SHA1	`1fc52b466a658e8be485e8db4bfa4616229089c3`
SHA256	`95374f7a8baf4aa4851a6cab31f04cb2450cec3837dacfdc9456e37b0b6c1496`
CRC32	`7CDA8099`
ssdeep	`12288:037fHyZr4SykN5fixzIx+5pzuLMH3nWDxx1j/Afk5Owi66b2kyvBv:0JSxNoxz8+5sLMXnWt/AOiJ2VJv`
Yara	Malicious_Library_Zero - Malicious_Library IsPE32 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	94cea0df9febe19f_kcbutton.mfx Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\ebe3327c-6b10-48ad-a146-96b61492f2fb.FusionApp\KcButton.mfx
Size	40.0KB
Processes	1880 (fred.exe)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`b848bbf535366b6053f7bc8ab87fc5e0`
SHA1	`19d8a51062201531ff58c898925e53490c22213e`
SHA256	`94cea0df9febe19fc2e1a905bd7df0bdab63797a42a7006f14bc8838003e5a45`
CRC32	`2BAFEB4A`
ssdeep	`384:3rIlaI9/J7NBiwulWwnTXnk2Fp1ARNq1O1wLPw3p8/F9U+SX8wVAvBjKA:3rIl3xNBST3xFTAAqwfaWvBjKA`
Yara	IsPE32 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description)
VirusTotal	Search for analysis

Name	0121679c56e4183d_fckernel.mfx Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\ebe3327c-6b10-48ad-a146-96b61492f2fb.FusionApp\fcKernel.mfx
Size	28.0KB
Processes	1880 (fred.exe)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`5bb15ebdb266b6c45cd2b410ad2f718d`
SHA1	`495299087d79291d96f2658a3e605fbf04649522`
SHA256	`0121679c56e4183d80dac5f79b4eadd4bb84aecad185ba99719fa268348eb161`
CRC32	`F7C225DF`
ssdeep	`384:/x7SCvhK1DTO4sqlWk5MDs5x2gS214dIZCKO5g:/x7SCvI1XO4siN5t5xN14dIZCKO5`
Yara	IsPE32 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description)
VirusTotal	Search for analysis