Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
09.22 04:09
2.exe
09.21 02:09
random.exe
09.21 02:09
sdhsfd.exe
09.21 02:09
66edb89bc4073_crypted....
09.21 02:09
66ed33772bbe7_vdfhsjf1...
09.21 02:09
game.exe
09.21 02:09
66ebb3bf78bd6_Send.exe...
09.21 02:09
66ed33717e4c1_vfdshfda...
09.21 02:09
random.exe
09.21 02:09
66ed336eac985_vdfhssfd...

Latest News
09.22 08:09
Biden Administration t...
09.22 08:09
IT Sicherheitsnews tae...
09.22 07:09
September 22, 2024
09.22 06:09
Cards Against Humanity...
09.22 05:09
Linux, Now In Real Time
09.22 04:09
Was können Roboter wir...
09.22 04:09
Schluss mit Basis-Auth...
09.22 04:09
Deutsches Jugendherber...
09.22 02:09
Learn How to Dissect B...
09.22 02:09
Jumperless Breadboard ...

Dropped Files | ZeroBOX

Name	981c87b3d1918d14_~$bfba0b98c135481c14db1c2f2da484.docm Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\~$bfba0b98c135481c14db1c2f2da484.docm
Size	162.0B
Processes	1636 (WINWORD.EXE)
Type	data
MD5	`36d66388f25b75726bf89a19b8b73ad9`
SHA1	`936d8196ebbdfb0a4d21b295a58a67cf2addd4a1`
SHA256	`981c87b3d1918d14c555d9f651fe11421eb11580d418a1ade419c31020e8c258`
CRC32	`C1D57187`
ssdeep	`3:yW2lWRdvL7YMlbK7g7lxItOsl7XhllFrll:y1lWnlxK7ghqOsJxdj`
Yara	None matched
VirusTotal	Search for analysis

Name	69a6030a8d8f9584_~wrs{35af6d41-a5e3-46f2-a911-cdeabf4a3eb4}.tmp Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{35AF6D41-A5E3-46F2-A911-CDEABF4A3EB4}.tmp
Size	18.5KB
Processes	1636 (WINWORD.EXE)
Type	data
MD5	`ab205a682155d1b8b41d758182513bf1`
SHA1	`574e90479b825a987e06a448b87d2206e284df3b`
SHA256	`69a6030a8d8f9584ec2bdbb92f2f6ad03d455af0844130ab57813ebf8a1b90b7`
CRC32	`9821763F`
ssdeep	`192:v1d6oUqzkE4R6Hd+E4U3L8hvpgariVqW8m02OU5EReoae2:vxUqz1T3Lyv2uiim1OeRH`
Yara	None matched
VirusTotal	Search for analysis

Name	04a20e980b9c3229_index.dat Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Office\Recent\index.dat
Size	93.0B
Processes	1636 (WINWORD.EXE)
Type	ASCII text, with CRLF line terminators
MD5	`729fd222f8365910e78c7f021d076800`
SHA1	`263c8ba1722b935cbeee7158a2db489580202684`
SHA256	`04a20e980b9c322998e955afa4226b83ea7070471f46abbdbeb6581a60780ebc`
CRC32	`3563926F`
ssdeep	`3:bDuMJlLV3mxWIoB3v:bCAVzf`
Yara	None matched
VirusTotal	Search for analysis

Name	fc3a22553b0b9c52_~$normal.dotm Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Templates\~$Normal.dotm
Size	162.0B
Processes	1636 (WINWORD.EXE)
Type	data
MD5	`4a1f4ab6408b7fdf10667af524456e21`
SHA1	`d967089a53ebfd34144d41b4163c08adf2401df7`
SHA256	`fc3a22553b0b9c52f3c622d5934a5b1793b2be06c92aa7cbb1b6c988ab4739fb`
CRC32	`13DE48BD`
ssdeep	`3:yW2lWRdvL7YMlbK7g7lxIt7mk/tyXhllFrll:y1lWnlxK7ghq7T/tyxdj`
Yara	None matched
VirusTotal	Search for analysis

Name	0fc1c2656905af60_templates.lnk Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Office\Recent\Templates.LNK
Size	1.1KB
Processes	1636 (WINWORD.EXE)
Type	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Directory, ctime=Wed Jan 31 21:28:02 2018, mtime=Wed Jul 17 16:51:35 2024, atime=Wed Jul 17 16:51:35 2024, length=4096, window=hide
MD5	`cfd89b5221d9c2483b6da6f6095665f2`
SHA1	`8dfc20a62fc6b6a4e224924dc522ce2282bed690`
SHA256	`0fc1c2656905af605b8bbeff70f4f6f8ddbc330db7830eab07ff9dcedba32dd4`
CRC32	`29CA1376`
ssdeep	`24:84vykJvqVRd5kwDRhk4zNYuTTCLPy0VfVI:84vykh+ntpYuT0yAdI`
Yara	lnk_file_format - Microsoft Windows Shortcut File Format Lnk_Format_Zero - LNK Format
VirusTotal	Search for analysis

Name	4826c0d860af884d_~wrs{91e954c2-abae-411d-85f2-6f4e7d6b08da}.tmp Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{91E954C2-ABAE-411D-85F2-6F4E7D6B08DA}.tmp
Size	1.0KB
Processes	1636 (WINWORD.EXE)
Type	data
MD5	`5d4d94ee7e06bbb0af9584119797b23a`
SHA1	`dbb111419c704f116efa8e72471dd83e86e49677`
SHA256	`4826c0d860af884d3343ca6460b0006a7a2ce7dbccc4d743208585d997cc5fd1`
CRC32	`23C03491`
ssdeep	`3:ol3lYdn:4Wn`
Yara	None matched
VirusTotal	Search for analysis

Name	882711e8ddb24f9a_version.vbs.lnk Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Office\Recent\version.vbs.LNK
Size	1.2KB
Processes	1636 (WINWORD.EXE)
Type	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Wed Jul 17 16:51:35 2024, mtime=Wed Jul 17 16:51:35 2024, atime=Wed Jul 17 16:51:35 2024, length=188, window=hide
MD5	`56c334fbbf1b41275a68b5f2f6d1c73b`
SHA1	`97214475848847b84892a0c9f692878e19454711`
SHA256	`882711e8ddb24f9afa71a407a3dd46b4763a4e3f66dc5cfc6bb9be73b3494dfe`
CRC32	`D01539E4`
ssdeep	`24:8Oe/rvykJvqVRd5kwDRhkqvpLYizNYuTPzLNCLPyd:8O8vykh+nR1YipYuTPHqyd`
Yara	lnk_file_format - Microsoft Windows Shortcut File Format Lnk_Format_Zero - LNK Format
VirusTotal	Search for analysis