Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
11.13 04:11
hello.exe
11.13 03:11
espsemhvcioff.exe
11.13 02:11
Geek_se.exe
11.13 02:11
cred64.dll
11.13 02:11
svhost.exe
11.13 02:11
nb.exe
11.13 02:11
svcyr.exe
11.13 02:11
Ghost_1.5.11.5.exe
11.13 02:11
PowderGpl.exe
11.13 02:11
goodlabel%E6%89%93%E5%...

Latest News
11.14 04:11
Drupal security adviso...
11.14 04:11
Blizzard Brings Back O...
11.14 04:11
GitLab security adviso...
11.14 03:11
Amazon Labor Ruling Ou...
11.14 03:11
PG&amp;E Project A...
11.14 03:11
China’s Trump Cards fo...
11.14 03:11
CVE-2024-43451: A New ...
11.14 03:11
Making Sense of Real-T...
11.14 03:11
Zero-day vulnerability...
11.14 03:11
US indicts alleged Sno...

Dropped Files | ZeroBOX

Name	81e22339fd52a4b2_senarius.txt Submit file
Filepath	C:\Users\test22\AppData\Roaming\frafrendes\stjmaaling\oundy\senarius.txt
Size	452.0B
Processes	3000 (RFQ7834599403 0037JH864_Rev001.com)
Type	ASCII text, with very long lines, with CRLF line terminators
MD5	`c1bed2ebf9d34168b27214ae9a374f51`
SHA1	`9faa22813d1cec2f7c8378637f101a2379c6c572`
SHA256	`81e22339fd52a4b22062a1bbcc8fb25bfd26945d95bff2dadf79689cc5257743`
CRC32	`FF74CE7C`
ssdeep	`12:ORMByoZ8jXzkXhCHxhyV6rxwKenMJUAZtMg:OWyoZ8KIyoWKenMJZHz`
Yara	None matched
VirusTotal	Search for analysis

Name	38d8db56d1e2a1ad_australorp.frm Submit file
Filepath	C:\Users\test22\AppData\Roaming\frafrendes\stjmaaling\Australorp.Frm
Size	303.8KB
Processes	3000 (RFQ7834599403 0037JH864_Rev001.com)
Type	data
MD5	`330795fc29daaadf94092f9d5706fdc5`
SHA1	`792b1c5a08eb324f021d11007bc1e33b0f129651`
SHA256	`38d8db56d1e2a1ad7a53bd56631f25f9aeb3845746b66a32a8a43c6bca3a195e`
CRC32	`EFE9F207`
ssdeep	`6144:AsuBVct0zV8eHg0DtnZdfXw5UfSoLtP5W1J3PrVNDPBlWyJFhvR:Z2VXHgOZd/gUJ5P5W1J3PrVNLBNnhvR`
Yara	None matched
VirusTotal	Search for analysis

Name	e3b0c44298fc1c14_nsd2797.tmp Empty file or file not found
Filepath	C:\Users\test22\AppData\Local\Temp\nsd2797.tmp
Size	0.0B
Type	empty
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
CRC32	`00000000`
ssdeep	`3::`
Yara	None matched
VirusTotal	Search for analysis

Name	90238aaed26f9ffb_potamogetonaceae.opl Submit file
Filepath	C:\Users\test22\AppData\Roaming\frafrendes\stjmaaling\oundy\potamogetonaceae.opl
Size	5.3KB
Processes	3000 (RFQ7834599403 0037JH864_Rev001.com)
Type	data
MD5	`983c5d5c983222485ce8b632ef38f24f`
SHA1	`49b520e5b1a231fa3b496cbf11dc6983accdf3ef`
SHA256	`90238aaed26f9ffb157d84842df779bb178395a6dcbaea5a0a7fc3bdfd2f5c8b`
CRC32	`6265B885`
ssdeep	`96:0bHqDUBfoPmovTbMGYugsY0evjAQ+3exi4yD0y4AEYMpdpgoLQIkwkCDe3fRSAuX:gtBQPNjgsYnMQYexNyDbt47kikCC3QrX`
Yara	None matched
VirusTotal	Search for analysis

Name	7b6c9910ef52c323_engraffing.sem Submit file
Filepath	C:\Users\test22\AppData\Roaming\frafrendes\stjmaaling\Engraffing.sem
Size	6.2KB
Processes	3000 (RFQ7834599403 0037JH864_Rev001.com)
Type	data
MD5	`d29384664c5e387ab69419b0c63459e4`
SHA1	`d2b4bee5e2e2f43160d8ebb043791839b3a00cff`
SHA256	`7b6c9910ef52c3230e849b5bc001466b2ac859d1a28fe721ca7fb13f4f1a333a`
CRC32	`CFF308C2`
ssdeep	`96:Rsc/EKcZ1kCbS5F0L9kk+ySSWmAEvWInNUJLG1w/PunwgFV2srSO:Rs6EZPSb0Ln+ySSW7KiSV2srh`
Yara	None matched
VirusTotal	Search for analysis

Name	b742777f2bcd8f4a_deadlocking.oug Submit file
Filepath	C:\Users\test22\AppData\Roaming\frafrendes\stjmaaling\Deadlocking.Oug
Size	76.1KB
Processes	3000 (RFQ7834599403 0037JH864_Rev001.com)
Type	ASCII text, with very long lines, with no line terminators
MD5	`21b2b40d7f08e2632ed393b9b1077968`
SHA1	`098ff7eb5c046bbe3a81c5d1afe682c05f6b47e1`
SHA256	`b742777f2bcd8f4ad10725f94449084fa97e175acc25d144ed06c7fa49f931bd`
CRC32	`80235436`
ssdeep	`1536:UZJ9CR+YL2sOZccYuSTY7GdmgXePznV7wCsgr/:Uz94+6eOs0Y7GdmgXZ7I`
Yara	None matched
VirusTotal	Search for analysis

Name	b54ddec0043e57c2_basiparachromatin.pol Submit file
Filepath	C:\Users\test22\AppData\Roaming\frafrendes\stjmaaling\basiparachromatin.pol
Size	1.2KB
Processes	3000 (RFQ7834599403 0037JH864_Rev001.com)
Type	data
MD5	`0bfc1ae85cced4c87360317d11f54d6d`
SHA1	`4c39d3522ae14acebb6f689799f59979bd595ab5`
SHA256	`b54ddec0043e57c2c6e3a099663df23496da4563ba8b8081c9a8ba9a862770f8`
CRC32	`9764DC86`
ssdeep	`24:2tj/OqKS3NmVtlU8Q50dSfL1UYKLT2igDeRu9uVmKPLIXLMxlD7faqu:2tiqKS3NuBdSfL1UYKLT7gD7uJyLWl/k`
Yara	None matched
VirusTotal	Search for analysis

Name	a9b1dc8eaa5fcd00_d93f411851d7c929.customdestinations-ms Submit file
Filepath	c:\users\test22\appdata\roaming\microsoft\windows\recent\customdestinations\d93f411851d7c929.customdestinations-ms
Size	7.8KB
Processes	904 (powershell.exe)
Type	data
MD5	`c1d8708bab1e838a2deda26d58bb8d42`
SHA1	`95d39e75a804752961c139bb6c0b67f84f685035`
SHA256	`a9b1dc8eaa5fcd0034694cf9742ae915a5932142a1477c3ab6fada45d98750b2`
CRC32	`E71AF2A2`
ssdeep	`96:QtuC6GCPDXBqvsqvJCwoFtuC6GCPDXBqvsEHyqvJCworFS7HwxWlUVul:QtbXoFtbbHnor/xo`
Yara	Antivirus - Contains references to security software Generic_Malware_Zero - Generic Malware
VirusTotal	Search for analysis