Dropped Files | ZeroBOX
Name 680d36613d8dfa43_ornithorhynchus.sen
Filepath C:\Users\test22\AppData\Local\Temp\bakkegaarden\vaginaerne\Unprimitively63\Yachtmen\Mailsack\ornithorhynchus.sen
Size 50.6KB
Processes 1508 (wlanext.exe)
Type COM executable for DOS
MD5 b594602fb689ed56603ec8c05ada892e
SHA1 c728b38c0fb999bf3eea67ccbf76dd648d628351
SHA256 680d36613d8dfa432c32eea93e02d6158388846d68c82ca81eba3dfbfc732af1
CRC32 038F8F59
ssdeep 1536:jEonk4SqR51KR/7l2JwMjBz2AhlJeYk2kG97Ko:jg5qZC/73KnnkXO
Yara None matched
Name 1d9c744501ab692c_hofteholderens.kin195
Filepath C:\Users\test22\AppData\Local\Temp\bakkegaarden\vaginaerne\Unprimitively63\Hofteholderens.Kin195
Size 389.7KB
Processes 1508 (wlanext.exe)
Type data
MD5 e1d5a82ac25d6789c928ee772072310b
SHA1 27eb2c4b01f851a47928db165ee3aa991f3d916c
SHA256 1d9c744501ab692c1c6444219398601fc4272facb11f5885e3a7ecc182ec11c2
CRC32 889BD25C
ssdeep 12288:if5eugmfge+NS7atZnPt8VY2VH24PFbGiNM+:ifsuVge7KOVY2EQ3
Yara None matched
Name e3b0c44298fc1c14_nsvC1B5.tmp
Empty file or file not found
Filepath C:\Users\test22\AppData\Local\Temp\nsvC1B5.tmp
Size 0.0B
Type empty
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
CRC32 00000000
ssdeep 3::
Yara None matched
Name d6431d5645fffd05_d93f411851d7c929.customDestinations-ms~RF170032e.TMP
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d93f411851d7c929.customDestinations-ms~RF170032e.TMP
Size 7.8KB
Processes 2156 (powershell.exe) 2272 (powershell.exe)
Type data
MD5 260d23ce04a8f8555a73b7d2dc15e911
SHA1 ebad746fb7de847c50f7502a44f6e35534733efd
SHA256 d6431d5645fffd05a23166d630253bc7ce8c099cf6e9c956f8ae5e1249ee8588
CRC32 11D6B213
ssdeep 96:ctuCeGCPDXBqvsqvJCwo5tuCeGCPDXBqvsEHyqvJCworSP7Hwxf2lUVul:ctvXo5tvbHnorrxQ
Yara
  • Antivirus - Contains references to security software
  • Generic_Malware_Zero - Generic Malware
Name 8b2b5fe55399572d_agnas.bol
Filepath C:\Users\test22\AppData\Local\Temp\bakkegaarden\vaginaerne\Unprimitively63\agnas.bol
Size 54.5KB
Processes 1508 (wlanext.exe)
Type data
MD5 8eea764335d8897f1a876b12c1332e73
SHA1 86d10ee7df1dcd4c71a0a5aeed2830986ad0f9c0
SHA256 8b2b5fe55399572df3e4f0bbe513f5fa745248ff7725d3398496a81cacf022de
CRC32 B91C3047
ssdeep 768:lXanH2StEnTpyT5mKcuX5n9KtBE8dgjcTQM1ZXraGMEZov9ROOvHIWaw3Tbfdtm9:MnBCnTkUYJ97MTBGGlZmzOpW5Dm9
Yara None matched
Name 3be1211363180797_gravstik.pre
Filepath C:\Users\test22\AppData\Local\Temp\bakkegaarden\vaginaerne\Unprimitively63\uegentlige\Uncheating\Sciapods\gravstik.pre
Size 60.3KB
Processes 1508 (wlanext.exe)
Type data
MD5 1970b6a4eeb916ca009528f7d5a02886
SHA1 bb2ebcefe51984e08b3306832deab74817f07ba9
SHA256 3be12113631807979d3f289cd639cc9558c0a45ccdb0fdc6e4ed954faeb67403
CRC32 04AE2F52
ssdeep 1536:Dji02KU3RpHqtJPnxLD88ps6BQXQwndehrht:D+02KyCfnxH8gs6Bynu
Yara None matched
Name 5332e7356f7c49a7_undiffidently.veh
Filepath C:\Users\test22\AppData\Local\Temp\bakkegaarden\vaginaerne\Unprimitively63\Undiffidently.veh
Size 55.6KB
Processes 1508 (wlanext.exe)
Type data
MD5 8b5eaca39fbe3f7c604291f770650754
SHA1 07e269bbb1c0b4f2d2662ab112467bb357a88ac8
SHA256 5332e7356f7c49a7d78a9eb91b96bbb88ccef267614efd5e3ab399de23982d1a
CRC32 DBE071D9
ssdeep 1536:Y/9Di5YWJMApGt/tvdn4d2u99gLIjHisg3Y0:Y/9DBc/Wt548uldg3L
Yara None matched
Name 5bf8ee038f6f67c1_suprasensitive.oos
Filepath C:\Users\test22\AppData\Local\Temp\bakkegaarden\vaginaerne\Unprimitively63\Yachtmen\Mailsack\suprasensitive.oos
Size 33.2KB
Processes 1508 (wlanext.exe)
Type data
MD5 c5a20f3ecfcc99e9c329767f289a2c80
SHA1 60f7a5b206c6d4296dcf11ae143c3961a5ffc165
SHA256 5bf8ee038f6f67c109329c61c57088cb0b767e18ee661cda38a3509bd6045f82
CRC32 282D405E
ssdeep 768:WZxCsUs9Ah28chwp10O6eNjLpvwXxMNW4Ca0nuLwbrDDoaFeq2p5:qJyh2do10O60RQMNJB04wbrntFeqk
Yara None matched
Name e1a3f55f2c61df71_kupeernes.bet
Filepath C:\Users\test22\AppData\Local\Temp\bakkegaarden\vaginaerne\Unprimitively63\uegentlige\Uncheating\Sciapods\kupeernes.bet
Size 58.3KB
Processes 1508 (wlanext.exe)
Type data
MD5 43d837c09a9cb65034b2a8333627387a
SHA1 29a7c4612b6067029d93d3e0f27e9b4d298692dc
SHA256 e1a3f55f2c61df7151801ee1716abf75eb5aeabad11abfd439be215561765b53
CRC32 C9507F32
ssdeep 1536:uz8b4xmjo1i6Y+kwJBNI3XqZ2b0HorOLnwsTDKkPsu:uz8b1joU6DkwJGXM2YHxw9kEu
Yara None matched
Name 2b7a5dc99ddeae31_modtagerbanken.txt
Filepath C:\Users\test22\AppData\Local\Temp\bakkegaarden\vaginaerne\Unprimitively63\Yachtmen\Mailsack\modtagerbanken.txt
Size 467.0B
Processes 1508 (wlanext.exe)
Type ASCII text, with CRLF line terminators
MD5 d4385ecf6768734f341e61c76f3333c7
SHA1 facdd1fd4936d088f3643ac1a0ae89b6cb753412
SHA256 2b7a5dc99ddeae31c98fc9cc2068d98ab0de77ac5b8d5d9270e205d7fa428d45
CRC32 CA40C0FE
ssdeep 12:ps6oLACFKogzmGOchMAFgWl43AlAEhmY7oZcM+jP6:OT00Koga+jFTa3aP8ZOy
Yara None matched
Name 7a6f9e6456c738f4_acrostichic.lnk
Filepath C:\Program Files (x86)\acrostichic.lnk
Size 1.3KB
Processes 1508 (wlanext.exe)
Type MS Windows shortcut, Item id list present, Has Relative path, ctime=Sun Dec 31 15:32:08 1600, mtime=Sun Dec 31 15:32:08 1600, atime=Sun Dec 31 15:32:08 1600, length=0, window=hide
MD5 2e407e4594aa6ded36fc7299506b166e
SHA1 91ecab65ce9f48628892e226fa86cbe3e7245ac7
SHA256 7a6f9e6456c738f41cd5ab1eb8dc21f1163c4656f5321cd1a9fa5f5b4f3be072
CRC32 C8EC3563
ssdeep 12:8gl0XvY3HV7GyuRIXrOk3pQV+HsQtv+o/93SDYSjEv/Q1olfW+Dv+/D8xEK/omNU:8oZqR4OApQVAvz4YS9izDvEYoCHADPy
Yara
  • lnk_file_format - Microsoft Windows Shortcut File Format
  • Lnk_Format_Zero - LNK Format
Name fc4a5f5a396694d9_heterophonic.for
Filepath C:\Users\test22\AppData\Local\Temp\bakkegaarden\vaginaerne\Unprimitively63\Heterophonic.for
Size 27.4KB
Processes 1508 (wlanext.exe)
Type data
MD5 aadf973a5a6565556272b2eb1cf0ac6c
SHA1 27247fa480eae68e2142aac9a4b88da954d261bd
SHA256 fc4a5f5a396694d97c994776884e3db4e46c52d07f37af69604767e28a2305af
CRC32 53E1231D
ssdeep 768:KVs9lNZtzGIzh4CFDiA+USCGhSvcZAioS:tdIkh4ClX+nCGhucOi1
Yara None matched
Name a9220271c0eb79e5_d93f411851d7c929.customDestinations-ms~RF16ffc39.TMP
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d93f411851d7c929.customDestinations-ms~RF16ffc39.TMP
Size 7.8KB
Type data
MD5 b0c9ff441742f3847ea27da9dee7f2cd
SHA1 c42a1eb32ba953a0ce5d8635caabf71b5b281495
SHA256 a9220271c0eb79e5750e0d0e62058ecac560e09cdf9e82ef61aeeabada5d48a4
CRC32 0BBCAB1A
ssdeep 96:RutuCOGCPDXBqvsqvJCwo+utuCOGCPDXBqvsEHyqvJCworSP7Hwxf2lUVul:UtvXoxtvbHnorrxQ
Yara
  • Antivirus - Contains references to security software
  • Generic_Malware_Zero - Generic Malware
Name 16ba63a25bd4c823_russia.tal
Filepath C:\Users\test22\AppData\Local\Temp\bakkegaarden\vaginaerne\Unprimitively63\Russia.Tal
Size 24.8KB
Processes 1508 (wlanext.exe)
Type ASCII text, with very long lines, with no line terminators
MD5 1861efdd2e1bc73ef087cf70267813a3
SHA1 1a56fc14a352943ebbf571bda85f5d62bd17952b
SHA256 16ba63a25bd4c823f32edf024c2a8f0b0e754b6966c49d5cbd6b405502e84dd0
CRC32 224158ED
ssdeep 768:IUQKzwLzvDqAP9Ysw65pQEXBvRzjSqtjg5oLen1:IULI+sw0p/RRz9jsoLc
Yara None matched