popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 9ad643ed6ce085c3_qcrtuser.dic
Submit file
Filepath C:\Users\test22\AppData\Roaming\HNC\User\Shared80\Dics\QCRTUSER.DIC
Size 151.4KB
Processes 496 (Hwp.exe)
Type data
MD5 cb1b438dc7a86eba15d37a9fff0243ff
SHA1 df7b6631409b7fcf1ebd7ff74d9cada858349df6
SHA256 9ad643ed6ce085c3eb5075ba3fac9e35c2f96e0956d9c90fe6cc5614fb9b355c
CRC32 A0E86182
ssdeep 3072:p6XVX4IL2AFp0OcGat3QxRn6At3H6dK5yU3TjNKG+TnUQrScr2sGVR87lkkXFiU5:pOpmiYqJhm0zzOp
Yara None matched
VirusTotal Search for analysis
Name 76296ca80ceb9d2d_sharefont.ini
Submit file
Filepath C:\Users\test22\AppData\Roaming\HNC\User\Common\80\Fonts\ShareFont.ini
Size 183.0B
Processes 496 (Hwp.exe)
Type ASCII text, with CRLF line terminators
MD5 34766d17d04c24aaa62124eae6b5bac4
SHA1 984e092e32fe8f7bd340a7799541c2600d96a4fb
SHA256 76296ca80ceb9d2db0b4ed08ba1b060c92a75805d71978c30dd33b87bd698b6e
CRC32 E0E924A3
ssdeep 3:5xxovKdVo6LR5nE9Aj4I5tLGoW+QRX7AMWRUrNmWxpcL4EaKC5YoH1KLDTjEcKl0:5RVogR5nEk55GoW+QWMWRKNmQpcLJaZg
Yara None matched
VirusTotal Search for analysis
Name 0771b95c54006093_normal80.hwt
Submit file
Filepath C:\Users\test22\AppData\Roaming\HNC\User\Shared80\HwpTemplate\Doc\ENU\Normal80.hwt
Size 14.5KB
Processes 496 (Hwp.exe)
Type Hangul (Korean) Word Processor File 5.x
MD5 bfe569dbee47f5bb41f91e83de5b6c40
SHA1 299509b6c808074026d938884f5ff01914c28aa1
SHA256 0771b95c540060936dd22571145e86141021dfc869b78f1eeef86fde228463c9
CRC32 AD69E2DD
ssdeep 96:Hr6MSQ0gWep/GtbBKYDoylxrvKLNYSjKQMgWSpEtbBKYDoylxrj:Hr6MSdepgBomxUpjKlSpaBomx3
Yara
  • Microsoft_Office_File_Zero - Microsoft Office File
  • HWP_file_format - HWP Document File
VirusTotal Search for analysis
Name 87758d12c3c14abf_temp.folder.lnk
Submit file
Filepath C:\Users\test22\AppData\Roaming\HNC\Office\Recent\Temp.folder.lnk
Size 823.0B
Processes 496 (Hwp.exe)
Type MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Directory, ctime=Wed Jan 31 20:32:29 2018, mtime=Wed Jan 24 19:51:10 2024, atime=Wed Jan 24 19:51:10 2024, length=65536, window=hide
MD5 bcda1809033d10f2d4478278bbddebe0
SHA1 1d28f4e9c8abe1e3111bf10e87bffc24feae067b
SHA256 87758d12c3c14abfa9fc90b809ccef3087259c125030f7c62fbca0bf207a9752
CRC32 54951AF6
ssdeep 12:8p5beRvsh64cZCrR8EvSWxER+/cg8izCCOLMa1Swua4t2YLEPKzlX8yVwu:8pAysERddERczNRak6Pyxwu
Yara
  • lnk_file_format - Microsoft Windows Shortcut File Format
  • Lnk_Format_Zero - LNK Format
VirusTotal Search for analysis
Name 8cf8b0aff3a6355c_조선 시장 물가 분석(회령).hwp.lnk
Submit file
Size 1.1KB
Type MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Mon Sep 26 19:57:22 2022, mtime=Mon Sep 26 19:57:22 2022, atime=Mon Sep 26 19:57:22 2022, length=72704, window=hide
MD5 77b3f44ccd620125d2ab734f0c8a8bbb
SHA1 aee3f73cb459549ec2fad392762ec4e8df9dc145
SHA256 8cf8b0aff3a6355cbc2c3d4fc473e4f379f54d2261a82bfca084c43975d31cc9
CRC32 873C1419
ssdeep 12:8gdbC04cZCrR8EvSWxER+/cgLC1y6gCDdOuCOLM1cQ1Idb1IdVwua4t2YLEPKzlD:8gBysERddERMhCDdOxRnWdbWdV6PyR
Yara
  • lnk_file_format - Microsoft Windows Shortcut File Format
  • Lnk_Format_Zero - LNK Format
VirusTotal Search for analysis