popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 293c6e73f5c674e3_gydchkl3.txt
Submit file
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Cookies\GYDCHKL3.txt
Size 129.0B
Processes 2168 (iexplore.exe)
Type ASCII text
MD5 15e20e31acc15b8a5cef87d9fc6b16e1
SHA1 ce732ec47897ee7b99abe160a8d6614db12aa3f0
SHA256 293c6e73f5c674e32c743c84c9642c6890f1cc2eedcf619a65843c9f743b6ad8
CRC32 6B8BA2CA
ssdeep 3:LDM8vUmlCLv5N4fG/SJpeWJ3uJcSMPRAADW/YTjUsPv:Lg+ZlEv//wb+SVPFKYv
Yara None matched
VirusTotal Search for analysis
Name 0b2b2d404cb30cef_{c2744778-1b56-11ef-91c7-080027c2f7b0}.dat
Submit file
Filepath C:\Users\test22\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{C2744778-1B56-11EF-91C7-080027C2F7B0}.dat
Size 9.5KB
Processes 2068 (iexplore.exe)
Type Composite Document File V2 Document, Cannot read section info
MD5 285bc09eef6afef3e80ad4b81792e729
SHA1 ee5817725334487f2485e29a1916967b671a8705
SHA256 0b2b2d404cb30cef1f4707d3593337714e2137cb58a6dc0f703457672cefa6f5
CRC32 1A4D091C
ssdeep 192:z3HwsFdFEd3YFdFuG3HywsFdFz3HwsFdFt3HwsFdF73HwsFdFulfs3HwsFdFn:UidFEIdFu0idFUidFWidFMidFSidF
Yara
  • Microsoft_Office_File_Zero - Microsoft Office File
VirusTotal Search for analysis
Name ef6d5447e277d8b6_accounts_google_com[1].htm
Submit file
Filepath C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\accounts_google_com[1].htm
Size 302.0B
Processes 2168 (iexplore.exe)
Type gzip compressed data
MD5 c208adf0e15bbfec15d082fb1ea5b051
SHA1 cd18acfd24077314c2c3b40416b30b7d9e440096
SHA256 ef6d5447e277d8b6a7bc662fb37af5c9f5e8e2da02200a0a91c6e1dbba7ce423
CRC32 62954D66
ssdeep 6:XtLpZF0oTUaApZF0oTUIBi8X4U4ZGQsPHmQjQi02tsibb8klBdCYQwEn:X1zF0OkzF0OHChZGHPGZX2tsibb1un
Yara None matched
VirusTotal Search for analysis
Name 6de598428c334097_IE9CompatViewList[1].xml
Submit file
Filepath C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BYECVYBT\IE9CompatViewList[1].xml
Size 141.7KB
Type XML 1.0 document, ASCII text, with CRLF line terminators
MD5 c236e316e1b9ac60ce15dac7bcb8b2de
SHA1 1e240ed5f7cbc3dc8cd2397c7151a0d7e5f173c2
SHA256 6de598428c334097a21eb2dd5963c190fc5f80a6289bce205ded0466393745a4
CRC32 8B345ADA
ssdeep 3072:toSMrEDL1FwhdFFaz6l8vHG+TbFPAzepobjyG7I1K1IB2+Tir8v1IG9aIedyPcFC:mSMrEDL1FwhdFFaz6l8vHG+TbFPAzepR
Yara None matched
VirusTotal Search for analysis
Name 079764fdae072b78_recoverystore.{c2744777-1b56-11ef-91c7-080027c2f7b0}.dat
Submit file
Filepath C:\Users\test22\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{C2744777-1B56-11EF-91C7-080027C2F7B0}.dat
Size 4.5KB
Processes 2068 (iexplore.exe)
Type Composite Document File V2 Document, Cannot read section info
MD5 174dba7f45df376f02f8a6062881c902
SHA1 661fd8ec32de038798e0821e1f27678b2a113999
SHA256 079764fdae072b783ef09c97e0ab465176b38e8de01ab0624d561d631177f865
CRC32 B24464E5
ssdeep 12:rlfF2ySorEg5+IaCrI0F7+F27rEg5+IaCrI0F7ugQNlTqbaxvJ8NyNlTqbaxvJMf:rqySo5/175/3QNlWeJ8NyNlWeJMNHN
Yara
  • Microsoft_Office_File_Zero - Microsoft Office File
VirusTotal Search for analysis