Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
09.22 04:09
2.exe
09.21 02:09
random.exe
09.21 02:09
sdhsfd.exe
09.21 02:09
66edb89bc4073_crypted....
09.21 02:09
66ed33772bbe7_vdfhsjf1...
09.21 02:09
game.exe
09.21 02:09
66ebb3bf78bd6_Send.exe...
09.21 02:09
66ed33717e4c1_vfdshfda...
09.21 02:09
random.exe
09.21 02:09
66ed336eac985_vdfhssfd...

Latest News
09.22 05:09
Linux, Now In Real Time
09.22 04:09
Was können Roboter wir...
09.22 04:09
Schluss mit Basis-Auth...
09.22 04:09
Deutsches Jugendherber...
09.22 02:09
Learn How to Dissect B...
09.22 02:09
Jumperless Breadboard ...
09.22 02:09
Hacker behind Snowflak...
09.22 01:09
03 - Identifying Signs...
09.22 01:09
Hacktivist Group Twelv...
09.22 01:09
Join us at Microsoft I...

Dropped Files | ZeroBOX

Name	b50f9e5dee2929ea_590aee7bdd69b59b.customdestinations-ms Submit file
Filepath	c:\users\test22\appdata\roaming\microsoft\windows\recent\customdestinations\590aee7bdd69b59b.customdestinations-ms
Size	7.8KB
Processes	2900 (powershell.exe)
Type	data
MD5	`79554726609ee4ad83247006f91548b1`
SHA1	`b72cedf1f11cc1c2eed89ce81814b12616ec3e35`
SHA256	`b50f9e5dee2929eac08ed158d2221c938c925967324a3ab8f910cd27fdac17ac`
CRC32	`19DF44F7`
ssdeep	`96:EtuCcBGCPDXBqvsqvJCwoRtuCcBGCPDXBqvsEHyqvJCworM/X4tDHXyA/PlUVul:EtCgXoRtCgbHnor6cTy2t`
Yara	Antivirus - Contains references to security software Generic_Malware_Zero - Generic Malware
VirusTotal	Search for analysis

Name	5d92d1af82521971_fakecmd.bat Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\fakecmd.bat
Size	60.0B
Processes	2552 (winmod.exe)
Type	DOS batch file, ASCII text, with CRLF line terminators
MD5	`f96d7ee1c050f915b080bd319564c817`
SHA1	`6f095907e07e178f9063a01020caf2921d982c7a`
SHA256	`5d92d1af825219719e4009d70a50a63a8ed5e51e2faf79e2e83bc212e55cad21`
CRC32	`C602405A`
ssdeep	`3:mKDDPp7PJyWNAJJovovVKzGSJJn:hNB3smvdz9J`
Yara	None matched
VirusTotal	Search for analysis

Name	c769721071f2e65e_tmp4551.tmp.bat Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\tmp4551.tmp.bat
Size	160.0B
Processes	2552 (winmod.exe) 2984 (cmd.exe)
Type	DOS batch file, ASCII text, with CRLF line terminators
MD5	`50384de0eb1286eb8845b3314a55fb07`
SHA1	`3a152fc3e108685822ea74eec4833302c5461262`
SHA256	`c769721071f2e65ebe45cba4a2681fdedb34c592a9e9d3d317055df3a9c66e8a`
CRC32	`C987C7EF`
ssdeep	`3:mKDDCMNqTtv3DmWxpcL4E2J5xAIJSM8gQDwU1hGDmWxpcL4E2J5xAInTRI7FSGZ6:hWKqTtLmQpcLJ23fJSM0DNemQpcLJ23P`
Yara	None matched
VirusTotal	Search for analysis

Name	1ef86b1cfa7e45f6_winmod.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\winmod.exe
Size	61.5KB
Type	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5	`e2e17ea8d5d471e58cbef7258dfec0e3`
SHA1	`3cb8ddc90819a8d9b5d971a484b91c6593fb3df0`
SHA256	`1ef86b1cfa7e45f6602e24a18e76d5e556f781abb0acf18f92eaca95bb53e25d`
CRC32	`236DEC3F`
ssdeep	`768:2l/9Ypu3qBk1q2quJAEtHgRc0LMT1iPcY9nLsmgmuYotCtGB2:29YA3OuJAEH30wTk/9nLsBjyGB2`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature Is_DotNET_EXE - (no description) IsPE32 - (no description)
VirusTotal	Search for analysis

Name	103cb14f2460de6e_windowshealthchecker.exe Submit file
Filepath	C:\Windows\WindowsHealthChecker.exe
Size	31.5KB
Processes	2748 (WindowsModificator.exe)
Type	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
MD5	`b075f9e4015e2f43154b9903d9ec5fb5`
SHA1	`0717b04115360a6d1d4451c90d0f6b0f781d249f`
SHA256	`103cb14f2460de6ef7c780becc87bac0599bdd0527e176c0ec87aad2397b57e6`
CRC32	`4FD8E7CC`
ssdeep	`768:CmDVuVP514zxjCzXjX/v/DJvikQmIDUu0ti+irj:ze6SvBjQVkdoj`
Yara	PE_Header_Zero - PE File Signature Is_DotNET_EXE - (no description) IsPE32 - (no description) Win_Backdoor_njRAT_Zero - Win Backdoor njRAT
VirusTotal	Search for analysis