popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 76296ca80ceb9d2d_sharefont.ini
Submit file
Filepath C:\Users\test22\AppData\Roaming\HNC\User\Common\80\Fonts\ShareFont.ini
Size 183.0B
Processes 2556 (Hwp.exe)
Type ASCII text, with CRLF line terminators
MD5 34766d17d04c24aaa62124eae6b5bac4
SHA1 984e092e32fe8f7bd340a7799541c2600d96a4fb
SHA256 76296ca80ceb9d2db0b4ed08ba1b060c92a75805d71978c30dd33b87bd698b6e
CRC32 E0E924A3
ssdeep 3:5xxovKdVo6LR5nE9Aj4I5tLGoW+QRX7AMWRUrNmWxpcL4EaKC5YoH1KLDTjEcKl0:5RVogR5nEk55GoW+QWMWRKNmQpcLJaZg
Yara None matched
VirusTotal Search for analysis
Name ba0ef54bb7914a12_e9df1f28cfbc831b89a404816a0242ead5bb142c.hwp.lnk
Submit file
Filepath C:\Users\test22\AppData\Roaming\HNC\Office\Recent\E9DF1F28CFBC831B89A404816A0242EAD5BB142C.hwp.lnk
Size 1.1KB
Processes 2556 (Hwp.exe)
Type MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Mon Sep 26 19:48:00 2022, mtime=Mon Sep 26 19:48:00 2022, atime=Mon Sep 26 19:48:00 2022, length=76800, window=hide
MD5 6d1255a0b7734eb73bde482a98164393
SHA1 c3da0c6c535dc24d7eb0c6b0a442dfdbc6044071
SHA256 ba0ef54bb7914a1268ad7e7cf63d8aca0f0ef0aa60ec9c8db289b14571f231c6
CRC32 C2478B30
ssdeep 24:8KesERdglRfHQlIqctMhJzNRl4b/MqctM36PyoiliK:8psHlRfHypRebiyZ
Yara
  • lnk_file_format - Microsoft Windows Shortcut File Format
  • Lnk_Format_Zero - LNK Format
VirusTotal Search for analysis
Name 0771b95c54006093_normal80.hwt
Submit file
Filepath C:\Users\test22\AppData\Roaming\HNC\User\Shared80\HwpTemplate\Doc\ENU\Normal80.hwt
Size 14.5KB
Processes 2556 (Hwp.exe)
Type Hangul (Korean) Word Processor File 5.x
MD5 bfe569dbee47f5bb41f91e83de5b6c40
SHA1 299509b6c808074026d938884f5ff01914c28aa1
SHA256 0771b95c540060936dd22571145e86141021dfc869b78f1eeef86fde228463c9
CRC32 AD69E2DD
ssdeep 96:Hr6MSQ0gWep/GtbBKYDoylxrvKLNYSjKQMgWSpEtbBKYDoylxrj:Hr6MSdepgBomxUpjKlSpaBomx3
Yara
  • Microsoft_Office_File_Zero - Microsoft Office File
  • HWP_file_format - HWP Document File
VirusTotal Search for analysis
Name 9f484c55a095c612_temp.folder.lnk
Submit file
Filepath C:\Users\test22\AppData\Roaming\HNC\Office\Recent\Temp.folder.lnk
Size 823.0B
Processes 2556 (Hwp.exe)
Type MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Directory, ctime=Wed Jan 31 20:32:29 2018, mtime=Wed Jan 24 19:53:01 2024, atime=Wed Jan 24 19:53:01 2024, length=65536, window=hide
MD5 e7bc87ba3458357848cdd45775c8e5a4
SHA1 0c0aff57779dcebe4f723112c24c31a4eef40b92
SHA256 9f484c55a095c612cb73670d5b5123e8dcbca900472206d176f3c3314ffc484b
CRC32 99B7372F
ssdeep 12:8ppEnsh64cZCrR8EvSWMlR+/qe8izCCOLMa1Swua4t2YLEPKzlX8ydhN:8ppEgsERdglRf0zNRak6Pyx
Yara
  • lnk_file_format - Microsoft Windows Shortcut File Format
  • Lnk_Format_Zero - LNK Format
VirusTotal Search for analysis