Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
11.13 04:11
hello.exe
11.13 03:11
espsemhvcioff.exe
11.13 02:11
Geek_se.exe
11.13 02:11
cred64.dll
11.13 02:11
svhost.exe
11.13 02:11
nb.exe
11.13 02:11
svcyr.exe
11.13 02:11
Ghost_1.5.11.5.exe
11.13 02:11
PowderGpl.exe
11.13 02:11
goodlabel%E6%89%93%E5%...

Latest News
11.14 06:11
Сrimeware and financia...
11.14 06:11
Device Intelligence: A...
11.14 06:11
Building a Reproductio...
11.14 06:11
MultiChoice Chief Says...
11.14 06:11
Carlyle-Backed Apex Te...
11.14 05:11
이지서티 심기창 의장, 중소기업 기술·경...
11.14 05:11
POC2024, 전세계 350여 명 해킹...
11.14 05:11
킨텍스, 2024년 마지막 '맘앤베이비엑...
11.14 05:11
heise-Angebot: iX-Work...
11.14 05:11
Cyber-Bedrohungen: Wie...

Dropped Files | ZeroBOX

Name	db0b8be4e98758c6_zxwocp9e7mm[1].png Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\ZXwOcP9E7mM[1].png
Size	13.3KB
Processes	2700 (iexplore.exe)
Type	PNG image data, 301 x 1208, 8-bit colormap, non-interlaced
MD5	`7c62e63d62777b5e3538eb60d53228ac`
SHA1	`272cfde754d30564dfb5195964a05f724dfef761`
SHA256	`db0b8be4e98758c69a9623a8a5d13930c7edcb02c3bc07f3f58294b221f9e7f9`
CRC32	`CCEE42C9`
ssdeep	`192:Ll//bfHjtLCAq9qy3v3QAg46lc5uCS/x6iRI70Bz9pS2ZI0P3KTsv3bixzibl431:LhbfH8Tf/a+uJvRIANZIFTsvOuO`
Yara	PNG_Format_Zero - PNG Format
VirusTotal	Search for analysis

Name	86bf463055fa6555_{92dc2930-3dee-11ef-948e-94de278c3274}.dat Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{92DC2930-3DEE-11EF-948E-94DE278C3274}.dat
Size	7.5KB
Processes	2616 (iexplore.exe)
Type	Composite Document File V2 Document, Cannot read section info
MD5	`18416ce6c960b5540cd0e6a89e2c71d0`
SHA1	`759c0a3bdf33581c4407d980e16e8b2264e24477`
SHA256	`86bf463055fa65556fd7689b358d25bcd532d2c67f06d79f2f894037f0710248`
CRC32	`7FDFEEBA`
ssdeep	`96:kO4lRKqA+qO/RKqA+aO2wO2DOWvAzsU2eOWvAzsU2HTi:vfqA+qOQqA+aBwBDBvveBvve`
Yara	Microsoft_Office_File_Zero - Microsoft Office File
VirusTotal	Search for analysis

Name	373733f5d735b0ce_l7jfxmc3gvh[1].png Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BYECVYBT\l7jFXMc3gVH[1].png
Size	252.0B
Processes	2700 (iexplore.exe)
Type	PNG image data, 16 x 16, 8-bit colormap, non-interlaced
MD5	`dfda84bf34fe65acbb6fe810cad2b39f`
SHA1	`4e42b2e0174582d3531afa643cf3efb6ec33a44d`
SHA256	`373733f5d735b0ce2f849614ecd5c3c267457bdcd3a060fa2ca75ed1f3bcd9f8`
CRC32	`5EA4C9D6`
ssdeep	`3:yionv//thPl9vtt/4OLJS3rNMFflgZCyyhqPUVPKMeiKKXLR9IkOADfamLmkup:6v/lhPf4OLJCIswhuEPKVzsccCmLSp`
Yara	PNG_Format_Zero - PNG Format
VirusTotal	Search for analysis

Name	ae2df0ff65a5ad42_recoverystore.{92dc292f-3dee-11ef-948e-94de278c3274}.dat Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{92DC292F-3DEE-11EF-948E-94DE278C3274}.dat
Size	4.5KB
Processes	2616 (iexplore.exe)
Type	Composite Document File V2 Document, Cannot read section info
MD5	`a9f3e4cd740ebe78e1dfee92ad22e5dc`
SHA1	`b5ea41a6d74b1daaf2bc91b0c5781b89cee6111e`
SHA256	`ae2df0ff65a5ad42c91ed5fa35ad09daa39039f537358ffff55782cf76bed6b9`
CRC32	`16CB4855`
ssdeep	`12:rlfF2irEg5+IaCrI0F7+F2/OtOrEg5+IaCrI0F7ugQNlTqbaxJy7WNlTqbaxJyLk:rqi5/1/OtO5/3QNlWeHNlWe`
Yara	Microsoft_Office_File_Zero - Microsoft Office File
VirusTotal	Search for analysis

Name	d4ffef68138575cb_sku_kc8l2qu[1].png Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\Sku_Kc8l2qU[1].png
Size	446.0B
Processes	2700 (iexplore.exe)
Type	PNG image data, 16 x 16, 8-bit colormap, non-interlaced
MD5	`11760f61a88c253e599de0a23042aee2`
SHA1	`c09ac4766f9ca1f36094cd2043322d7deea5b8d0`
SHA256	`d4ffef68138575cb09bb38980f87cc2d412b7ee84362cb40ff04eb9cfc2af930`
CRC32	`CB34DBFD`
ssdeep	`6:6v/lhPfVLEPS854RXGL0H4TuDbWImqmc5zgbyOnLMannsp:6v/7FLEfUGLUhDhmqmCguOnhe`
Yara	PNG_Format_Zero - PNG Format
VirusTotal	Search for analysis

Name	4558d4c895dc10b1_warn[2].htm Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\warn[2].htm
Size	7.7KB
Processes	2700 (iexplore.exe)
Type	XML 1.0 document, UTF-8 Unicode text, with very long lines
MD5	`63da2e5ddbd6e21deff81a324877e34b`
SHA1	`3ec9ab9c93278aab173a95f6bde027773c94998d`
SHA256	`4558d4c895dc10b1af95d5de64066293e26bbc8fe368c2f43a91b1108e2000b0`
CRC32	`84D48D9E`
ssdeep	`192:7ANMLWqhffGIJGny8noIkUr7bNKAwbNToA:cGnGIJGhjPrnqoA`
Yara	None matched
VirusTotal	Search for analysis

Name	4b0e355e24486428_rg06g022.txt Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Windows\Cookies\RG06G022.txt
Size	91.0B
Processes	2700 (iexplore.exe)
Type	ASCII text
MD5	`68e6c2e994d464118c8253b176f67d46`
SHA1	`3f0b27f7b44368c72e04e9a9e1a0683a6e9ca003`
SHA256	`4b0e355e2448642877f90b11561d2fbf1f3d91af7ac1a084c01cfcd345b9efb8`
CRC32	`CCBDF0EE`
ssdeep	`3:wMcrXx9S5XwEDEXqhSXbXTSWUrURQRTQUOn:iXbWLYGSXbDR2RMUOn`
Yara	None matched
VirusTotal	Search for analysis

Name	88ae5454a7c32c63_favicon[4].png Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BYECVYBT\favicon[4].png
Size	5.3KB
Processes	2700 (iexplore.exe)
Type	MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
MD5	`3e764f0f737767b30a692fab1de3ce49`
SHA1	`58fa0755a8ee455819769ee0e77c23829bf488dd`
SHA256	`88ae5454a7c32c630703440849d35c58f570d8eecc23c071dbe68d63ce6a40d7`
CRC32	`CE6F0971`
ssdeep	`24:Es5ed8vZa+/kffJTyN5J5iXSvjDxatgFFjiZq1MJUikeVgl2fwFfBaTzh4mpCbak:2fq3OqXAzh4jaJV9HxG8Q`
Yara	icon_file_format - icon file format
VirusTotal	Search for analysis

Name	548f2d6f4d0d820c_hsts-pixel[1].gif Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTDTA402\hsts-pixel[1].gif
Size	43.0B
Processes	2700 (iexplore.exe)
Type	GIF image data, version 89a, 1 x 1
MD5	`df3e567d6f16d040326c7a0ea29a4f41`
SHA1	`ea7df583983133b62712b5e73bffbcd45cc53736`
SHA256	`548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87`
CRC32	`AB68BD76`
ssdeep	`3:CU9yltxlHh/:m/`
Yara	None matched
VirusTotal	Search for analysis

Name	e0ff2e0f45b6ac64_k97pj8-or6s[1].png Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\k97pj8-or6s[1].png
Size	809.0B
Processes	2700 (iexplore.exe)
Type	PNG image data, 77 x 16, 8-bit gray+alpha, non-interlaced
MD5	`65f2f1eb5798b53c504ed8de3d90c958`
SHA1	`2ee3007e36e6babdf0448cd51b6ac2f7aa31814c`
SHA256	`e0ff2e0f45b6ac64540fe750795196238188e4e3a5ae9138318dd555b23a2eae`
CRC32	`F5C28033`
ssdeep	`24:3gx5d5wCKQJ6voWa9nXL/Z03VwDd0Tmt2pGppfSaY3s:Qx5cfQB7RSlKt/76aY3s`
Yara	PNG_Format_Zero - PNG Format
VirusTotal	Search for analysis

Name	700a13546e6007d0_nus9rs26d1m[1].png Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\nUs9RS26D1m[1].png
Size	287.0B
Processes	2700 (iexplore.exe)
Type	PNG image data, 16 x 16, 8-bit colormap, non-interlaced
MD5	`bd1ab4838ee4907a28eae9aaea749dbb`
SHA1	`5a058779dc368f7c3220c1b6eec89c2585fa7ce9`
SHA256	`700a13546e6007d08ea6af23695671742d4ac3e618fc6dcdaf196a88bbabb246`
CRC32	`11746FD9`
ssdeep	`6:6v/lhPfanDC6Kk2s/2l6KHlBibG7AQk/rqnPOLloMDRFLqsDHyXjp:6v/7qC6al60P57srMPUTFLXDHSN`
Yara	PNG_Format_Zero - PNG Format
VirusTotal	Search for analysis