Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
08.01 03:08
lasjdflakdsjf.pdf.exe
08.01 03:08
Microsoft_AntiSpam_Ext...
08.01 03:08
hacrvidth vibev.exe
08.01 02:08
vhcrvdh iobv.exe
08.01 02:08
faultrep2.dll
08.01 02:08
faultrep.dll
08.01 02:08
MichelinNight.lnk
08.01 02:08
【算法工程师】李子豪.lnk
08.01 11:08
random.exe
08.01 11:08
dz.js

Latest News
08.02 01:08
Company Paid Record-Br...
08.02 01:08
Meta's PromptGuard Mod...
08.02 01:08
8 Essential Considerat...
08.02 01:08
One Does Not Simply … ...
08.02 01:08
Cyber A.I. Group Annou...
08.02 01:08
Top 6 Cloud Computing ...
08.02 01:08
US Voters Reminded Tha...
08.02 01:08
Mozilla Follows Google...
08.02 01:08
Black Hat USA 2024, BS...
08.02 01:08
Qual a diferença entre...

Dropped Files | ZeroBOX

Name	7676e145db131128_12067421.od Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\12067421.od
Size	134.0B
Processes	2836 (EXCEL.EXE)
Type	ASCII text, with CRLF line terminators
MD5	`4bac14773d3d4b4db362e756ba9f4ad7`
SHA1	`4ebcf19cff33a180ba6c48404eccc1fd652689a2`
SHA256	`7676e145db13112898d78590c18301d74f67718bec54969b4a7dbe77ab082e22`
CRC32	`5FE87673`
ssdeep	`3:OFrpRCMKLovyafNREalYEC9WoIk5zAajEY5RcdBjjSUvv:OKMKcaaYal9oIkkY5KZSQv`
Yara	None matched
VirusTotal	Search for analysis

Name	e398e62b98856cea_roaming.lnk Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Office\Recent\Roaming.LNK
Size	543.0B
Processes	2836 (EXCEL.EXE)
Type	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Directory, ctime=Wed Jan 31 20:32:29 2018, mtime=Wed May 8 17:00:15 2024, atime=Wed May 8 17:00:15 2024, length=4096, window=hide
MD5	`61fd6de34734223db4d004bac79eab6e`
SHA1	`f9f4db3a0fdbcd33c7c281166fcdd2a7342e3414`
SHA256	`e398e62b98856ceaf09209b21e3868d4f6a36c3c984178d4cfde4654de36ae20`
CRC32	`15423F52`
ssdeep	`6:4xtQlnE2xh4cvYoHCcJ7QA88EvSPUEtl6kh2oAzet9DSPtJYlClsl6l/cRCdTQpM:8J6h4cZCrR8EvSEmnSLHizCCOLAOZ`
Yara	lnk_file_format - Microsoft Windows Shortcut File Format Lnk_Format_Zero - LNK Format
VirusTotal	Search for analysis

Name	7c797bc3c700354b_xd.bat Submit file
Filepath	C:\Users\test22\AppData\Roaming\xD.bat
Size	65.1KB
Processes	2668 (powershell.exe)
Type	DOS batch file, ASCII text, with very long lines, with CRLF line terminators
MD5	`2e34e0ab9244719305821c38fe213c37`
SHA1	`9cb80851613191b21ebc40ad985b47fa68d8774c`
SHA256	`7c797bc3c700354b531d7b0aa4fbcfe6f3221e580d398037cb4ac8f632a9743c`
CRC32	`69F92E33`
ssdeep	`1536:dJJD1eHAwt3VtHZh/YIkdmwahCqtPlnHROQbXC1B2qv:i3VtHZhgIWmwahCqVx0QbXk2qv`
Yara	None matched
VirusTotal	Search for analysis

Name	ca462279a1a8ca19_index.dat Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Office\Recent\index.dat
Size	67.0B
Processes	2836 (EXCEL.EXE)
Type	ASCII text, with CRLF line terminators
MD5	`d544cebc001acdfaac6b13c6394bdd66`
SHA1	`ff3af6492f99041dccc4c9b9e9313bf09bd83c37`
SHA256	`ca462279a1a8ca194cfa29b039387b3d8abec656cd18de4c52357a5d39c3a4cb`
CRC32	`31892D08`
ssdeep	`3:bDuMJlvfx2AlmxWbJAprXCv:bCkJ2AZWI`
Yara	None matched
VirusTotal	Search for analysis

Name	338c7d5017318e58_roaming.lnk Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Windows\Recent\Roaming.lnk
Size	583.0B
Processes	1452 (explorer.exe)
Type	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Directory, ctime=Wed Jan 31 20:32:29 2018, mtime=Wed May 8 17:00:15 2024, atime=Wed May 8 17:00:15 2024, length=4096, window=hide
MD5	`47cb7883a5ed497bfc7b483ba56a3ffb`
SHA1	`3a0133bc97f95b3efd917b23ee182bdb80b0507a`
SHA256	`338c7d5017318e587b71ba086e9193927bccb8e0cc176699c87389f4721c03e8`
CRC32	`0FDDB7B4`
ssdeep	`6:4xtQlo52xh4cvYoHCcJ7QA88EvSPUEtl6kh2oAzet9DSPtJYlClsl6l/cRCdTQpN:8p6h4cZCrR8EvSEmnSLHizCCOLAwgZ`
Yara	lnk_file_format - Microsoft Windows Shortcut File Format Lnk_Format_Zero - LNK Format
VirusTotal	Search for analysis

Name	b0bd8bd8e1fa4212_111.xlsx.lnk Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Office\Recent\111.xlsx.LNK
Size	656.0B
Processes	2836 (EXCEL.EXE)
Type	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Wed May 8 17:00:13 2024, mtime=Wed May 8 17:00:13 2024, atime=Wed May 8 17:00:13 2024, length=9893, window=hide
MD5	`fa3918b05c7e93ff22acbf3b0adf9c62`
SHA1	`74426b8e6e5947a719ce1c3a79560337b35916ea`
SHA256	`b0bd8bd8e1fa42126fe31dae21d447eaa6e83dac48662bd14ff1d68be60f52b3`
CRC32	`C23A8D13`
ssdeep	`12:8D0S40u4cZCrR8EvSEBT8SLaJ6mL4sEizCCOLAHszXGdhN:8D0SnsERdDRS6AzNCs`
Yara	lnk_file_format - Microsoft Windows Shortcut File Format Lnk_Format_Zero - LNK Format
VirusTotal	Search for analysis

Name	b7c225ef3cc3e875_d93f411851d7c929.customDestinations-ms~RFb83123.TMP Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d93f411851d7c929.customDestinations-ms~RFb83123.TMP
Size	7.8KB
Processes	2668 (powershell.exe) 2164 (powershell.exe)
Type	data
MD5	`81ca4510272caf505e8091e9a28cb716`
SHA1	`71414aeec9f1e4a6f5a461b01700cc9cc992cd9e`
SHA256	`b7c225ef3cc3e87506150eb140e7b9cc127a3469c50a808854acac71a53d98bf`
CRC32	`FC31E90F`
ssdeep	`96:EtuCcBGCPDXBqvsqvJCwoRtuCcBGCPDXBqvsEHyqvJCwor/47HwxGlUVul:EtCgXoRtCgbHnorLxY`
Yara	Antivirus - Contains references to security software Generic_Malware_Zero - Generic Malware
VirusTotal	Search for analysis

Name	747bf685899e0bbf_111.xlsx Submit file
Filepath	C:\Users\test22\AppData\Roaming\111.xlsx
Size	9.7KB
Processes	2668 (powershell.exe)
Type	Microsoft Excel 2007+
MD5	`2fcb44fec69b55b563a6775e80af236f`
SHA1	`0760e76af9cc235cae320fcf0f55f360566fcdf2`
SHA256	`747bf685899e0bbf7c07df71cb57c175ab93ab386f7b514e4e6b8f0cbbaff0d2`
CRC32	`6567ECD1`
ssdeep	`192:wc8mVDoK1rb3UHi+sfyp/2HbdF53S2UMuAtO6zhoFp+:wc3td3ai+b1IJ3dUst5zg8`
Yara	zip_file_format - ZIP file format
VirusTotal	Search for analysis