popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name 8a55c5d46b06d932_OPptxvH3LxIRx2zpv9qua9n.zip
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\OPptxvH3LxIRx2zpv9qua9n.zip
Size 1.7KB
Processes 2564 (kano.exe)
Type Zip archive data, at least v2.0 to extract
MD5 3d578401f7382f86d70012923eb0ba04
SHA1 2cce8f77fb41cf656a977fc0aeac961de1def0ce
SHA256 8a55c5d46b06d932a205549d616296eab808c2ae14c76bba8c1c99f3e830c610
CRC32 74D98AB3
ssdeep 48:9Rb8Wy18mWnGFxZ9mkb+Jcwoen3KJ6X53w:3m18PGFxZkz3KJ6g
Yara
  • zip_file_format - ZIP file format
VirusTotal Search for analysis
Name 4993311fc913771a_passwords.txt
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\trixyxcstim1SavAD\passwords.txt
Size 4.8KB
Processes 2564 (kano.exe)
Type UTF-8 Unicode text, with CRLF, LF line terminators
MD5 b3e9d0e1b8207aa74cb8812baaf52eae
SHA1 a2dce0fb6b0bbc955a1e72ef3d87cadcc6e3cc6b
SHA256 4993311fc913771acb526bb5ef73682eda69cd31ac14d25502e7bda578ffa37c
CRC32 FDAE46B8
ssdeep 48:4MMMMMMMMMMdMMMM1MMMMMMMM1MMMMMMMM1MMMMMMMM1MMMMMMMMMMdMMMMMMMM3:q
Yara None matched
VirusTotal Search for analysis
Name 9a8ea0e2df7554c5_qyWdpaTa_n1tWeb Data
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\spanxcstim1SavAD\qyWdpaTa_n1tWeb Data
Size 72.0KB
Type SQLite 3.x database, last written using SQLite version 3021000
MD5 0539a773e44d21a84fd97fee0dffd4a3
SHA1 5904058c20aad54c552edc57826babd36ab61149
SHA256 9a8ea0e2df7554c57fb4ee6a8a12782f5a2474a3e4c23dc61e4768631dc4eb9f
CRC32 964BC0B2
ssdeep 96:P0CWo3dOOctAYyY9MsH738Hsa/NTIdE8uKIaPdUDFBlrrVY/qBOnx4yWTJereWbY:PXt769TYndTJMb3j0
Yara None matched
VirusTotal Search for analysis
Name 1f67cc5361fff9ed_information.txt
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\trixyxcstim1SavAD\information.txt
Size 2.9KB
Processes 2564 (kano.exe)
Type ASCII text, with CRLF, LF line terminators
MD5 9f496ac291e67ad7cafcd33a00530c63
SHA1 6b0f5c5a5d2bd7d488a96dc117cfdf89f6528381
SHA256 1f67cc5361fff9ed252b1ab0e565ace064985f0cec3a374bd33678bac9ec13f0
CRC32 7A0931CE
ssdeep 48:xAe7btaFcnqAmFdSO704cydMtffVPh3RxoGE+ruTBAT+iaGaHa/m0+WRhatp++C2:xAArKF91BmtfNP/EpTabIuatp+9Mdjwk
Yara None matched
VirusTotal Search for analysis
Name 16187ff9b5096b21_D87fZN3R3jFeplaces.sqlite
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\spanxcstim1SavAD\D87fZN3R3jFeplaces.sqlite
Size 5.0MB
Type SQLite 3.x database, user version 69, last written using SQLite version 3038003
MD5 837705c24eaa032145b6f82119af4eea
SHA1 7d38a13b37105ef0f6c24c585de581949616f32c
SHA256 16187ff9b5096b217d405d1492c115a096f8d63d72befbf5851e19b61581f857
CRC32 8BF87D31
ssdeep 192:StsqHQnwkYjcoBMc+uK6ik4QtjJz3ig48pp0:StsbwVTBMc+uK6ikPpJz3E8
Yara None matched
VirusTotal Search for analysis
Name 67b8c58fb7c07f1a_f59e91f8
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\F59E91F8
Size 14.0B
Processes 2564 (kano.exe)
Type data
MD5 e969ccf3651663e7f494683d7be5c024
SHA1 bb0e1ded92dd6eebe74cd39120735ec47b213f1a
SHA256 67b8c58fb7c07f1a4a38c3ecb31b3b16240ddb12baacc8e53ca1539cc7f93ad1
CRC32 56A73CAE
ssdeep 3:Xzqrjn:XzQjn
Yara None matched
VirusTotal Search for analysis
Name 512e4e95427a8c66_Y7dBSMp5iZ96Cookies
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\spanxcstim1SavAD\Y7dBSMp5iZ96Cookies
Size 36.0KB
Type SQLite 3.x database, last written using SQLite version 3021000
MD5 f4c540f52d5c08d24a79805eda1d7abf
SHA1 22be46826df7693f58736adb232ab2da790f2571
SHA256 512e4e95427a8c66b2993b27bb23d99cdab2ebd6e9e8937c7f6a39ed8c6a5b94
CRC32 95C9FB3A
ssdeep 24:TLmg/5UcJOyTGVZTPaFpEvg3obNmCFk6Uwcc85fB34444z:T5/ecVTgPOpEveoJZFrU1cQB34444z
Yara None matched
VirusTotal Search for analysis
Name 5ee454eb05fcbbc0_xGdLBm0d0m3THistory
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\spanxcstim1SavAD\xGdLBm0d0m3THistory
Size 120.0KB
Type SQLite 3.x database, last written using SQLite version 3021000
MD5 64202674f6acaafa94c3390b0cc720b9
SHA1 38c8537feccfaabb095805d290af69272aeb32f1
SHA256 5ee454eb05fcbbc0ac1ff5662ba2be1f22688ddb97d3cc357d4da5cff5b5e5e9
CRC32 3685166F
ssdeep 48:TGjDU66tTKfxNPp+suktLReRK+NaUvdWSZ00LTL0drQHHp7C5fVcS2+VANUXq6uG:BeJQpWSZ00LTL0QCbc0VANPjwQU+
Yara None matched
VirusTotal Search for analysis
Name 03c910440774c750_rage131mp.tmp
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\rage131MP.tmp
Size 13.0B
Processes 2564 (kano.exe)
Type ASCII text, with no line terminators
MD5 e7a0a5de32302f0f4317e60512865684
SHA1 a01611c663602776b43a0314e12a3aa147e8a526
SHA256 03c910440774c750743ad363580700796ac3293784392e1c17171a238332d624
CRC32 238A555A
ssdeep 3:LotVbn:cbn
Yara None matched
VirusTotal Search for analysis
Name 0b8607fdf72f3e65_02zdBXl47cvzcookies.sqlite
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\spanxcstim1SavAD\02zdBXl47cvzcookies.sqlite
Size 96.0KB
Type SQLite 3.x database, user version 12, last written using SQLite version 3038003
MD5 d367ddfda80fdcf578726bc3b0bc3e3c
SHA1 23fcd5e4e0e5e296bee7e5224a8404ecd92cf671
SHA256 0b8607fdf72f3e651a2a8b0ac7be171b4cb44909d76bb8d6c47393b8ea3d84a0
CRC32 842B3569
ssdeep 12:DQAwfWk73Fmdmc/OPVJXfPNn43etRRfYR5O8atLqxeYaNcDakMG/lO:DQAwff32mNVpP965Ra8KN0MG/lO
Yara None matched
VirusTotal Search for analysis
Name bbc59eb43822e646_yrIr2y6C9g8ALogin Data
Submit file
Filepath C:\Users\test22\AppData\Local\Temp\spanxcstim1SavAD\yrIr2y6C9g8ALogin Data
Size 18.0KB
Type SQLite 3.x database, last written using SQLite version 3021000
MD5 53ea322f91d6f0de8448b68583284d22
SHA1 b6c835867fbf7e432b834f7366eb0407f3eebbfa
SHA256 bbc59eb43822e64660cc4ccbca37d6dc016eaa9b85b2c6f5b40826bb03188b34
CRC32 CA013001
ssdeep 24:LLY10KL7G0TMJHUyyJtmCm0XKY6lOKQAE9V8MffD4fOzeCmly6Uwc6ocW:4z+JH3yJUheCVE9V8MX0PFlNU12W
Yara None matched
VirusTotal Search for analysis