Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
11.20 09:11
mainbas.bat
11.20 09:11
dll007.dll
11.20 09:11
exe004.exe
11.20 09:11
exe010.exe
11.20 09:11
blecher.exe
11.20 09:11
GetAdapterInfo.exe
11.20 09:11
dll004.dll
11.20 09:11
dll008.dll
11.20 09:11
bestthingsalwaysgetbes...
11.20 09:11
DKM-9067291.pdf.lnk

Latest News
11.20 10:11
Strengthening Supply C...
11.20 10:11
Strengthening Supply C...
11.20 10:11
AI Boom Turns Power Fi...
11.20 10:11
Lazard to Advise GoCar...
11.20 09:11
Malicious QR codes
11.20 09:11
Vista Said to Near Log...
11.20 09:11
Microsoft Launches Win...
11.20 09:11
Enhancing Cyber Resili...
11.20 09:11
VCs Look to Secondary ...
11.20 09:11
An Animated Walkthroug...

Dropped Files | ZeroBOX

Name	55b240f624726b7c_tmp7058.tmp.bat Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\tmp7058.tmp.bat
Size	158.0B
Processes	2684 (Task.exe) 1484 (cmd.exe)
Type	DOS batch file, ASCII text, with CRLF line terminators
MD5	`f46f21f519a1445d3bca4d2715822b21`
SHA1	`63ef1f6b15e0388f4dc34d0306d8df0368f45408`
SHA256	`55b240f624726b7ccf9a8e6368ee37242dd7177b25c2d53d08a8c40ab6b101cf`
CRC32	`4CEF9991`
ssdeep	`3:mKDDCMNuwGv3DmWxpcL4E2J5xAIJxEWJrDwU1hGDmWxpcL4E2J5xAInTRI4VjZPy:hWKuZLmQpcLJ23fJvDNemQpcLJ23fTZK`
Yara	None matched
VirusTotal	Search for analysis

Name	8a9832bcf7f9865c_task service manager.exe Submit file
Filepath	C:\ProgramData\Task Service Manager\Task Service Manager.exe
Size	128.0MB
Processes	2684 (Task.exe)
Type	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5	`561cb31bd28b01c86582977f347e7b41`
SHA1	`3bade018d149900f5b8e3d3d169f35b27ee3c936`
SHA256	`47627fd0877f072b3f206aa9da01de43ece02f6335a983cac1bb90c9fbda8f1d`
CRC32	`415DB60C`
ssdeep	`3145728:NWIit5N7Hx0hAyqiftT38SRXW4xOeMcPSVzpNY2+i/7UN:NsNmht/ftT38N4cR8Se2+5N`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature Is_DotNET_EXE - (no description) IsPE32 - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	9e6e4772050998a5_readme.txt Submit file
Filepath	C:\Users\test22\Desktop\readme.txt
Size	10.0B
Processes	2088 (Task Service Manager.exe)
Type	ASCII text, with no line terminators
MD5	`eb6b6c90251ab33cee784713c451e6d8`
SHA1	`451685e9efac4a6dc1fee73ec53ffb6b2c4c38b5`
SHA256	`9e6e4772050998a5c0dc3c61acf3dab0a7e594566171fa5746d6b62f9598efb6`
CRC32	`22598B08`
ssdeep	`3:IS:7`
Yara	None matched
VirusTotal	Search for analysis

Name	b7c225ef3cc3e875_d93f411851d7c929.customdestinations-ms Submit file
Filepath	c:\users\test22\appdata\roaming\microsoft\windows\recent\customdestinations\d93f411851d7c929.customdestinations-ms
Size	7.8KB
Processes	2628 (powershell.exe)
Type	data
MD5	`81ca4510272caf505e8091e9a28cb716`
SHA1	`71414aeec9f1e4a6f5a461b01700cc9cc992cd9e`
SHA256	`b7c225ef3cc3e87506150eb140e7b9cc127a3469c50a808854acac71a53d98bf`
CRC32	`FC31E90F`
ssdeep	`96:EtuCcBGCPDXBqvsqvJCwoRtuCcBGCPDXBqvsEHyqvJCwor/47HwxGlUVul:EtCgXoRtCgbHnorLxY`
Yara	Antivirus - Contains references to security software Generic_Malware_Zero - Generic Malware
VirusTotal	Search for analysis

Name	c3807b7b8e0e9860_Task.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Task.exe
Size	789.0KB
Processes	2560 (SetupTools.exe) 1484 (cmd.exe)
Type	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5	`2f71ba0e92946f2842ae290bce86bd4a`
SHA1	`5d24a6509786e988afa812535e7f15f348c39835`
SHA256	`c3807b7b8e0e986067a05bef5805d1602481f30bc71efb54d0cbf1df1c421f6c`
CRC32	`97437C51`
ssdeep	`12288:m2QRXDD1yed0fsU4GSWgOvPESGj4s32xEdRCShkplGIgjJKxd+cYoPSAqF9Bx:m2Q9NXw2/wPOjdGxYRrN9B`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature Is_DotNET_EXE - (no description) IsPE32 - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis