Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
05.02 09:05
main.exe
05.02 09:05
pkbc.exe
05.02 09:05
knfl.exe
05.02 09:05
test2.ps1
05.02 09:05
pupa.pdf.lnk
05.02 09:05
ssasr.dll
05.02 08:05
가상자산 관련 외부평가위원 위촉 안내.h...
05.02 06:05
anchor.html
05.02 06:05
anchor.html
05.02 04:05
Synaptics.exe

Latest News
05.02 09:05
Top NSC official wants...
05.02 09:05
OpenAI Can’t Fend Off ...
05.02 09:05
Update: xorsearch.py V...
05.02 09:05
Ukrainian extradited t...
05.02 09:05
행텐, ‘애프터러닝’ 캠페인 통해 러닝 ...
05.02 09:05
핏포유, '유기농 데일리 레몬수' 전국 ...
05.02 09:05
아톤, 어린이날 맞아 삼동보이스타운에 창...
05.02 09:05
State-sponsored ‘hackt...
05.02 09:05
RSAC 2025: Top 5 mobil...
05.02 09:05
An identity defenders’...

Dropped Files | ZeroBOX

Name	065d2b17ad499587_1.bat Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\RarSFX0\1.bat
Size	35.0B
Processes	516 (lrthijawd.exe)
Type	DOS batch file, ASCII text, with CRLF line terminators
MD5	`ff59d999beb970447667695ce3273f75`
SHA1	`316fa09f467ba90ac34a054daf2e92e6e2854ff8`
SHA256	`065d2b17ad499587dc9de7ee9ecda4938b45da1df388bc72e6627dff220f64d2`
CRC32	`4B410F4B`
ssdeep	`3:mKDDFRK58FoXMMH:h08Foc2`
Yara	None matched
VirusTotal	Search for analysis

Name	fd27eac40b0ee39d_svts.job Submit file
Filepath	C:\Windows\Tasks\svts.job
Size	228.0B
Processes	2420 (jergs.exe)
Type	VAX-order 68k Blit mpx/mux executable
MD5	`c8442c70b5dfd2a7bf1afce0add96f70`
SHA1	`635499b328cba6b14501f6b80db1d493eef00e39`
SHA256	`fd27eac40b0ee39d4c79999ce3176dd8a75b464caa715836512b00fb31b665c6`
CRC32	`9FC869FE`
ssdeep	`6:R9ih//My5l+lY4HbhEZUW6cdtiDieFl/P1:LipF+lY4Hb3+eFFt`
Yara	None matched
VirusTotal	Search for analysis

Name	cc5bb638cb34cbd3_jergs.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\RarSFX1\jergs.exe
Size	16.0KB
Processes	2268 (work.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`c661a77c31f83c413a96b5537ad31989`
SHA1	`8a5a47e39a9efa9dc4de447d2ae4cd5e375e3557`
SHA256	`cc5bb638cb34cbd386a906b7708eb62e05e3fc991a20bd060e1d84f722d29ff1`
CRC32	`1AABEE92`
ssdeep	`384:rC+AHNZw/WnlrobdglGbLMoy+yG+yir1dV:r0gklrydgQP1yO67V`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature Malicious_Packer_Zero - Malicious Packer Antivirus - Contains references to security software IsPE32 - (no description) SystemBC_IN - SystemBC
VirusTotal	Search for analysis

Name	e3b0c44298fc1c14___tmp_rar_sfx_access_check_33716234 Empty file or file not found
Filepath	C:\Users\test22\AppData\Local\Temp\RarSFX0\__tmp_rar_sfx_access_check_33716234
Size	0.0B
Type	empty
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
CRC32	`00000000`
ssdeep	`3::`
Yara	None matched
VirusTotal	Search for analysis

Name	9dd8267e66dc584e_work.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\RarSFX0\work.exe
Size	453.9KB
Processes	516 (lrthijawd.exe)
Type	PE32+ executable (GUI) x86-64, for MS Windows
MD5	`405b7fbe8c0ed98620064f0cd80f24c4`
SHA1	`bb9e45038e8a9f7b7cd0db62858ac65c74b74821`
SHA256	`9dd8267e66dc584eecb3bece47e826d3189e41077f4083acdfc9a4f623b9c187`
CRC32	`0011BA24`
ssdeep	`12288:yyveQB/fTHIGaPkKEYzURNAwbAgOT+t1nN:yuDXTIGaPhEYzUzA0bnN`
Yara	IsPE64 - (no description) Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature UPX_Zero - UPX packed file Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis