Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
04.20 07:04
.csrss.exe
04.20 07:04
.csrss.exe
04.20 06:04
cookies-alert-script.j...
04.20 06:04
mdb.min.css
04.20 06:04
font-awesome.min.css
04.20 06:04
bootstrap.min.css
04.20 06:04
style.css
04.20 06:04
popper.min.js.pobrane
04.20 06:04
jquery-3.2.1.min.js.po...
04.20 06:04
mdb.min.js.pobrane

Latest News
04.20 12:04
[K-CTI 2025] 케이토네트웍스 "...
04.20 12:04
[K-CTI 2025] 전덕조 씨큐비스타...
04.20 11:04
Frankenflair 58: Manua...
04.20 10:04
IT Sicherheitsnews tae...
04.20 08:04
China’s TMSR-LF1 Molte...
04.20 07:04
Tiktok testet Fußnoten...
04.20 07:04
KI-Bots im Undercover-...
04.20 07:04
Entkomme der Zahlenfal...
04.20 07:04
Bitte, Danke, Pleite? ...
04.20 05:04
They Hacked a Nuclear ...

Dropped Files | ZeroBOX

Name	f5bf6f9b6a166d3b_sqlite3.def Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\sqlite3.def
Size	4.8KB
Processes	2836 (ctfmon.exe)
Type	ASCII text
MD5	`bcaf2708719fc3d59cb1d3d2319d185d`
SHA1	`a9b5c2764fb6ffb46937288ace2aae536905eedc`
SHA256	`f5bf6f9b6a166d3bad9bb2b34bac5c4e9293978cd5631c059710483555a1910e`
CRC32	`7FE7AB89`
ssdeep	`96:GcuN4gR+7Oc6XRMcCM3KVGOF95BlitvrmNHY0ac:E4Q+7Oc6JKVBF95ivrmNHcc`
Yara	None matched
VirusTotal	Search for analysis

Name	413852f536628cfa_330j-55 Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\330j-55
Size	40.0KB
Type	SQLite 3.x database, last written using SQLite version 3033000
MD5	`91a39ee5267872c5a86c0b791bfd0fe0`
SHA1	`3ee10302a6d40c7aa02afe01d36498f1b27f7895`
SHA256	`413852f536628cfad0f6be985e814443f8a2bbdcfd55994aff9a561fbad68fe1`
CRC32	`B431A379`
ssdeep	`24:TL2C0RlPbXaFpEO5bNmISHdL6UwcOxvo5:TYLOpEO5J/KdGU1Eo5`
Yara	None matched
VirusTotal	Search for analysis

Name	824fae3331b95e2f_330j-55 Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\330j-55
Size	40.0KB
Type	SQLite 3.x database, last written using SQLite version 3033000
MD5	`41c19a9e8541fcb934c13c075bf47721`
SHA1	`648a7622d533d79b9a0bb31dc370134ec3a75ed7`
SHA256	`824fae3331b95e2f88ca60c87a6c9569086906ec76fc1db8d6dee9adddc4e80c`
CRC32	`560F7642`
ssdeep	`48:+35TqYzDGF/8LKBwUf9KfWfkMUEilGc7xBM6vu3f+fmyJqhU:Ulce7mlcwilGc7Ha3f+u`
Yara	None matched
VirusTotal	Search for analysis

Name	e3b0c44298fc1c14___tmp_rar_sfx_access_check_12115421 Empty file or file not found
Filepath	C:\Users\test22\AppData\Local\Temp\RarSFX0\__tmp_rar_sfx_access_check_12115421
Size	0.0B
Type	empty
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
CRC32	`00000000`
ssdeep	`3::`
Yara	None matched
VirusTotal	Search for analysis

Name	6deaec2f96c8a1c2_sqlite3.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\sqlite3.dll
Size	807.4KB
Processes	2836 (ctfmon.exe)
Type	PE32 executable (DLL) (console) Intel 80386, for MS Windows
MD5	`16a1612789dc9063ebea1cb55433b45b`
SHA1	`438fde2939bbb9b5b437f64f21c316c17ce4a7f6`
SHA256	`6deaec2f96c8a1c20698a93ddd468d5447b55ac426dc381eef5d91b19953bb7b`
CRC32	`D617D80F`
ssdeep	`24576:QJCoOO8Mh2X8Vy0JHfv3kDpigeLKh2R6fFQVp:QL8MFVym/kDpitLKZy`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE32 - (no description)
VirusTotal	Search for analysis

Name	0cb284abb63cf61b_setup.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\RarSFX0\setup.exe
Size	2.4MB
Processes	1460 (file.exe) 2836 (ctfmon.exe)
Type	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5	`6adf971492254cf2a5f8894c8a0d637f`
SHA1	`009a265a5dc2c1fb960c4cffde17d95fc21fa16d`
SHA256	`0cb284abb63cf61b070bfa0a5250ff536f92907bbf5eec07070b9aeafa4ac2bd`
CRC32	`13DA6081`
ssdeep	`49152:9woLb4RIEWQqv1RUliCZz7BQlHySGp2pamWWO6PHDM6Pgq9OSQBGDi6QU:Co/ScIi83BQhvGp2g6vpPgZwDL`
Yara	PE_Header_Zero - PE File Signature Is_DotNET_EXE - (no description) IsPE32 - (no description)
VirusTotal	Search for analysis

Name	29cd1166bdab2568_run.vbs Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\RarSFX0\run.vbs
Size	260.0B
Processes	1460 (file.exe)
Type	ASCII text, with CRLF, LF line terminators
MD5	`841c24716c25d1d8c1f5eab82fc73be7`
SHA1	`a2cae95040bff067feaa70e45441f197d13a5f5d`
SHA256	`29cd1166bdab2568a4a4665c9c072ed0c21e9365be74e01c01d39ca927631b53`
CRC32	`C4D9666B`
ssdeep	`6:jRNqhDMN+7yIKMToM5QODIMyuWRLKMTPRQODRlauWRn:6hwAdKMTnQgg3RLKMTpQgRE3Rn`
Yara	None matched
VirusTotal	Search for analysis

Name	495c76a1f5b27c1d_update.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\RarSFX0\update.exe
Size	2.2MB
Processes	1460 (file.exe)
Type	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5	`0919d76709704c22d602ca37aadab717`
SHA1	`dafdc1303d028b36a7fe9b71465f9144b1c83ba6`
SHA256	`495c76a1f5b27c1d1dd4c02a2d6b14c33f02f7fff1d4720e9f751055f9dd9a51`
CRC32	`5623D3B6`
ssdeep	`49152:tw+k3hTfvSe/m1e4pcmgFS9FwSdCAvOXuvcUSYvpW6QeMUQgw01Z:teFvheAQCSlvO+UUW6pMUQgwU`
Yara	PE_Header_Zero - PE File Signature Is_DotNET_EXE - (no description) IsPE32 - (no description)
VirusTotal	Search for analysis