Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
11.20 09:11
mainbas.bat
11.20 09:11
dll007.dll
11.20 09:11
exe004.exe
11.20 09:11
exe010.exe
11.20 09:11
blecher.exe
11.20 09:11
GetAdapterInfo.exe
11.20 09:11
dll004.dll
11.20 09:11
dll008.dll
11.20 09:11
bestthingsalwaysgetbes...
11.20 09:11
DKM-9067291.pdf.lnk

Latest News
11.20 09:11
Malicious QR codes
11.20 09:11
Vista Said to Near Log...
11.20 09:11
Microsoft Launches Win...
11.20 09:11
Enhancing Cyber Resili...
11.20 09:11
VCs Look to Secondary ...
11.20 09:11
An Animated Walkthroug...
11.20 08:11
Apple, Oracle, and Apa...
11.20 08:11
NHIs Are the Future of...
11.20 08:11
Hasbro’s Gamer CEO Ref...
11.20 08:11
Threat Assessment: Ign...

Dropped Files | ZeroBOX

Name	4826c0d860af884d_~wrs{cfdf0929-8a37-4ff3-824f-27e5b783f355}.tmp Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{CFDF0929-8A37-4FF3-824F-27E5B783F355}.tmp
Size	1.0KB
Processes	800 (WINWORD.EXE)
Type	data
MD5	`5d4d94ee7e06bbb0af9584119797b23a`
SHA1	`dbb111419c704f116efa8e72471dd83e86e49677`
SHA256	`4826c0d860af884d3343ca6460b0006a7a2ce7dbccc4d743208585d997cc5fd1`
CRC32	`23C03491`
ssdeep	`3:ol3lYdn:4Wn`
Yara	None matched
VirusTotal	Search for analysis

Name	40acf81568f6ffb8_~wrs{06419f29-4f15-4cba-84b2-39bba6364de8}.tmp Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{06419F29-4F15-4CBA-84B2-39BBA6364DE8}.tmp
Size	341.5KB
Processes	800 (WINWORD.EXE)
Type	data
MD5	`6c40723fc1e94256bd2ef79c944f0ff3`
SHA1	`bcac7c2ce236e7c7d89c11a049d47a48c26859d5`
SHA256	`40acf81568f6ffb87a7bc0c27af8e8dc18b97115d1ebf0b87dd18b5821ca18b0`
CRC32	`8062274A`
ssdeep	`6144:SyemryemryemryemryemryemryemryemryemryemryemryemryemryemryemryeF:t`
Yara	None matched
VirusTotal	Search for analysis

Name	bf25a4e88ee1a599_~$torious.doc Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\~$torious.doc
Size	162.0B
Processes	800 (WINWORD.EXE)
Type	data
MD5	`653322e56dfb34fb9350a7a19b507e32`
SHA1	`c91a407d2cd76b50c73b4ebcda151aa83a535aea`
SHA256	`bf25a4e88ee1a5992acbc552920bbc6cdb4459ee50e1aa4e2262615ade36d857`
CRC32	`9D4E1214`
ssdeep	`3:yW2lWRdXWoW6L7IdK7Y6/iItaDKa+lt:y1lWTWoWmQK7Y6/BaDKBX`
Yara	None matched
VirusTotal	Search for analysis

Name	799ab6778c31b844_~wrs{ff68435a-77db-4912-83b1-a5f55c3dcd98}.tmp Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{FF68435A-77DB-4912-83B1-A5F55C3DCD98}.tmp
Size	1.5KB
Processes	800 (WINWORD.EXE)
Type	data
MD5	`1422e711b200c9856c3dcc16858fefb9`
SHA1	`50573d1cffe163a56c7223101ca7209d8bcac9d7`
SHA256	`799ab6778c31b844812b5e8febf537f5c2d6cb8936e7124619f22fe50e9e46da`
CRC32	`30CD70BB`
ssdeep	`6:IiiiiiiiiiI4/9+Qc8++lPkalT4Mu8lPloBl/6xJ/:W49+QG+3/rxJ/`
Yara	None matched
VirusTotal	Search for analysis

Name	a8bfa624ad8fe105_~$normal.dotm Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Templates\~$Normal.dotm
Size	162.0B
Processes	800 (WINWORD.EXE)
Type	data
MD5	`e651226824e3f483afdde579fbf21d5c`
SHA1	`9571750daf350bfcbff175283ca3ef9faab2e03a`
SHA256	`a8bfa624ad8fe105853169ec416f94effeccc536303898fc293a4e7dc4ed9e7c`
CRC32	`F115BC33`
ssdeep	`3:yW2lWRdXWoW6L7IdK7Y6/iItaDKaRttln:y1lWTWoWmQK7Y6/BaDKoXn`
Yara	None matched
VirusTotal	Search for analysis