Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
11.13 04:11
hello.exe
11.13 03:11
espsemhvcioff.exe
11.13 02:11
Geek_se.exe
11.13 02:11
cred64.dll
11.13 02:11
svhost.exe
11.13 02:11
nb.exe
11.13 02:11
svcyr.exe
11.13 02:11
Ghost_1.5.11.5.exe
11.13 02:11
PowderGpl.exe
11.13 02:11
goodlabel%E6%89%93%E5%...

Latest News
11.14 06:11
Сrimeware and financia...
11.14 06:11
Device Intelligence: A...
11.14 06:11
Building a Reproductio...
11.14 06:11
MultiChoice Chief Says...
11.14 06:11
Carlyle-Backed Apex Te...
11.14 05:11
이지서티 심기창 의장, 중소기업 기술·경...
11.14 05:11
POC2024, 전세계 350여 명 해킹...
11.14 05:11
킨텍스, 2024년 마지막 '맘앤베이비엑...
11.14 05:11
heise-Angebot: iX-Work...
11.14 05:11
Cyber-Bedrohungen: Wie...

Dropped Files | ZeroBOX

Name	db0b8be4e98758c6_zxwocp9e7mm[1].png Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BYECVYBT\ZXwOcP9E7mM[1].png
Size	13.3KB
Processes	2264 (iexplore.exe)
Type	PNG image data, 301 x 1208, 8-bit colormap, non-interlaced
MD5	`7c62e63d62777b5e3538eb60d53228ac`
SHA1	`272cfde754d30564dfb5195964a05f724dfef761`
SHA256	`db0b8be4e98758c69a9623a8a5d13930c7edcb02c3bc07f3f58294b221f9e7f9`
CRC32	`CCEE42C9`
ssdeep	`192:Ll//bfHjtLCAq9qy3v3QAg46lc5uCS/x6iRI70Bz9pS2ZI0P3KTsv3bixzibl431:LhbfH8Tf/a+uJvRIANZIFTsvOuO`
Yara	PNG_Format_Zero - PNG Format
VirusTotal	Search for analysis

Name	373733f5d735b0ce_l7jfxmc3gvh[1].png Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BYECVYBT\l7jFXMc3gVH[1].png
Size	252.0B
Processes	2264 (iexplore.exe)
Type	PNG image data, 16 x 16, 8-bit colormap, non-interlaced
MD5	`dfda84bf34fe65acbb6fe810cad2b39f`
SHA1	`4e42b2e0174582d3531afa643cf3efb6ec33a44d`
SHA256	`373733f5d735b0ce2f849614ecd5c3c267457bdcd3a060fa2ca75ed1f3bcd9f8`
CRC32	`5EA4C9D6`
ssdeep	`3:yionv//thPl9vtt/4OLJS3rNMFflgZCyyhqPUVPKMeiKKXLR9IkOADfamLmkup:6v/lhPf4OLJCIswhuEPKVzsccCmLSp`
Yara	PNG_Format_Zero - PNG Format
VirusTotal	Search for analysis

Name	656ddee31c02f661_warn[2].htm Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\warn[2].htm
Size	6.5KB
Processes	2264 (iexplore.exe)
Type	XML 1.0 document, UTF-8 Unicode text, with very long lines
MD5	`90bf8f15f97086ff8adf113a90f8fdb9`
SHA1	`119734d524a741788232f72882453530cd35df9a`
SHA256	`656ddee31c02f6615a8ce8a08ecc469e32abb9ace09e9a2b9a4dc3e6dd2ae660`
CRC32	`987DA4EC`
ssdeep	`96:d5YNWSI5NCMLWNMkszFFxBP21G7S/g6G7S/eQ5ymTBnoIJ6JArUHYBYAybmkK4jF:7SNMLWqhffGIJGny8noIk+rYAFA`
Yara	None matched
VirusTotal	Search for analysis

Name	0c443a7cf0d0b0a8_recoverystore.{62f6cad9-3def-11ef-ac50-94de278c3274}.dat Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{62F6CAD9-3DEF-11EF-AC50-94DE278C3274}.dat
Size	4.5KB
Processes	2204 (iexplore.exe)
Type	Composite Document File V2 Document, Cannot read section info
MD5	`0dc794b2fc6a2dcc5a32a1a987d1f9dd`
SHA1	`207569d7cff08460caadc8ac6ada61c1f99e4949`
SHA256	`0c443a7cf0d0b0a84a0b9f7526533b765b9316cf5ad0419351e2cda23dbc05b4`
CRC32	`FE489AE4`
ssdeep	`12:rlfF2PrrEg5+IaCrI0F7+F2OOrEg5+IaCrI0F7ugQNlTqbaxhRNlTqbaxq+Q:rqPr5/1OO5/3QNlWWNlW5`
Yara	Microsoft_Office_File_Zero - Microsoft Office File
VirusTotal	Search for analysis

Name	d4ffef68138575cb_sku_kc8l2qu[1].png Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTDTA402\Sku_Kc8l2qU[1].png
Size	446.0B
Processes	2264 (iexplore.exe)
Type	PNG image data, 16 x 16, 8-bit colormap, non-interlaced
MD5	`11760f61a88c253e599de0a23042aee2`
SHA1	`c09ac4766f9ca1f36094cd2043322d7deea5b8d0`
SHA256	`d4ffef68138575cb09bb38980f87cc2d412b7ee84362cb40ff04eb9cfc2af930`
CRC32	`CB34DBFD`
ssdeep	`6:6v/lhPfVLEPS854RXGL0H4TuDbWImqmc5zgbyOnLMannsp:6v/7FLEfUGLUhDhmqmCguOnhe`
Yara	PNG_Format_Zero - PNG Format
VirusTotal	Search for analysis

Name	88ae5454a7c32c63_favicon[4].png Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\favicon[4].png
Size	5.3KB
Processes	2264 (iexplore.exe)
Type	MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
MD5	`3e764f0f737767b30a692fab1de3ce49`
SHA1	`58fa0755a8ee455819769ee0e77c23829bf488dd`
SHA256	`88ae5454a7c32c630703440849d35c58f570d8eecc23c071dbe68d63ce6a40d7`
CRC32	`CE6F0971`
ssdeep	`24:Es5ed8vZa+/kffJTyN5J5iXSvjDxatgFFjiZq1MJUikeVgl2fwFfBaTzh4mpCbak:2fq3OqXAzh4jaJV9HxG8Q`
Yara	icon_file_format - icon file format
VirusTotal	Search for analysis

Name	20d884ba14dcf92f_814w1pqw.txt Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Windows\Cookies\814W1PQW.txt
Size	90.0B
Processes	2264 (iexplore.exe)
Type	ASCII text
MD5	`eded9a4df4e6852dfd8cda33f0fdb0f5`
SHA1	`3388baab38b316a40b0b4f93558c9ceb5c3516ba`
SHA256	`20d884ba14dcf92f819da0b16e14c682eb162516e472aa6ad363c769ced3f995`
CRC32	`7B17E698`
ssdeep	`3:EmFMuoE3xGAqhSXbUjdSoUZ+v:NM1El2SXbUjdcZ+v`
Yara	None matched
VirusTotal	Search for analysis

Name	548f2d6f4d0d820c_hsts-pixel[1].gif Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTDTA402\hsts-pixel[1].gif
Size	43.0B
Processes	2264 (iexplore.exe)
Type	GIF image data, version 89a, 1 x 1
MD5	`df3e567d6f16d040326c7a0ea29a4f41`
SHA1	`ea7df583983133b62712b5e73bffbcd45cc53736`
SHA256	`548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87`
CRC32	`AB68BD76`
ssdeep	`3:CU9yltxlHh/:m/`
Yara	None matched
VirusTotal	Search for analysis

Name	e0ff2e0f45b6ac64_k97pj8-or6s[1].png Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\k97pj8-or6s[1].png
Size	809.0B
Processes	2264 (iexplore.exe)
Type	PNG image data, 77 x 16, 8-bit gray+alpha, non-interlaced
MD5	`65f2f1eb5798b53c504ed8de3d90c958`
SHA1	`2ee3007e36e6babdf0448cd51b6ac2f7aa31814c`
SHA256	`e0ff2e0f45b6ac64540fe750795196238188e4e3a5ae9138318dd555b23a2eae`
CRC32	`F5C28033`
ssdeep	`24:3gx5d5wCKQJ6voWa9nXL/Z03VwDd0Tmt2pGppfSaY3s:Qx5cfQB7RSlKt/76aY3s`
Yara	PNG_Format_Zero - PNG Format
VirusTotal	Search for analysis

Name	b5f94d10d5a05eb6_{62f6cada-3def-11ef-ac50-94de278c3274}.dat Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{62F6CADA-3DEF-11EF-AC50-94DE278C3274}.dat
Size	7.0KB
Processes	2204 (iexplore.exe) 2264 (iexplore.exe)
Type	Composite Document File V2 Document, Cannot read section info
MD5	`cb5963fbe232de64bc16c0ace39d0ce8`
SHA1	`b51ca84abe2a095ab7d871e0ebbedecd86e8a132`
SHA256	`b5f94d10d5a05eb67c1cbecdb72a9317afc7f6d0682cbd5b5b185ae91b4dd477`
CRC32	`1BE391AB`
ssdeep	`96:t7k2RKBweY2KF3vrWvgzsUx+EQRyOCiABlkeglRKIgweY2KFvX:twFCeYF3qv4cjABumIeYFvX`
Yara	Microsoft_Office_File_Zero - Microsoft Office File
VirusTotal	Search for analysis

Name	700a13546e6007d0_nus9rs26d1m[1].png Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\nUs9RS26D1m[1].png
Size	287.0B
Processes	2264 (iexplore.exe)
Type	PNG image data, 16 x 16, 8-bit colormap, non-interlaced
MD5	`bd1ab4838ee4907a28eae9aaea749dbb`
SHA1	`5a058779dc368f7c3220c1b6eec89c2585fa7ce9`
SHA256	`700a13546e6007d08ea6af23695671742d4ac3e618fc6dcdaf196a88bbabb246`
CRC32	`11746FD9`
ssdeep	`6:6v/lhPfanDC6Kk2s/2l6KHlBibG7AQk/rqnPOLloMDRFLqsDHyXjp:6v/7qC6al60P57srMPUTFLXDHSN`
Yara	PNG_Format_Zero - PNG Format
VirusTotal	Search for analysis