Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
09.21 02:09
random.exe
09.21 02:09
sdhsfd.exe
09.21 02:09
66edb89bc4073_crypted....
09.21 02:09
66ed33772bbe7_vdfhsjf1...
09.21 02:09
game.exe
09.21 02:09
66ebb3bf78bd6_Send.exe...
09.21 02:09
66ed33717e4c1_vfdshfda...
09.21 02:09
random.exe
09.21 02:09
66ed336eac985_vdfhssfd...
09.21 02:09
66ed7ef071886_crypted....

Latest News
09.22 01:09
03 - Identifying Signs...
09.22 01:09
Hacktivist Group Twelv...
09.22 01:09
Join us at Microsoft I...
09.22 01:09
How comprehensive secu...
09.21 11:09
LinkedIn Halts AI Data...
09.21 11:09
Ukraine Bans Telegram ...
09.21 11:09
Against Elitism
09.21 11:09
5 Best Practices For E...
09.21 10:09
Fälschung enttarnt: De...
09.21 10:09
ChatGPT o1: Revolution...

Dropped Files | ZeroBOX

Name	d9e15bb8027ff52d_gesgh76cxrkcsgl1famauihj.exe Submit file
Filepath	C:\Users\test22\Pictures\geSGH76CxrkCsGl1faMAUiHj.exe
Size	7.3KB
Processes	2748 (CasPol.exe)
Type	HTML document, UTF-8 Unicode text, with very long lines
MD5	`77f762f953163d7639dff697104e1470`
SHA1	`ade9fff9ffc2d587d50c636c28e4cd8dd99548d3`
SHA256	`d9e15bb8027ff52d6d8d4e294c0d690f4bbf9ef3abc6001f69dcf08896fbd4ea`
CRC32	`B0DC8C43`
ssdeep	`192:5LP+u+v13xV1cSHYu+zogDLIIUObDz5p7KoxSR1yz:5D+hv13T1FH0fHIIPD9xKu`
Yara	None matched
VirusTotal	Search for analysis

Name	029bebd75dd2ff3c_qsplwjbwxpr6uk2qagxnjuxw.exe Submit file
Filepath	C:\Users\test22\AppData\Local\qSPlWjbWxPr6Uk2qaGXnjUxw.exe
Size	152.0KB
Processes	2748 (CasPol.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`76f3c293c8c0a77432df06cede12c5da`
SHA1	`b8bd381005341593a466341b73d8050112dd399f`
SHA256	`029bebd75dd2ff3cfc54b34c27098b209b17f500a8e8ca4348a1ae25735ba008`
CRC32	`E0912307`
ssdeep	`3072:QPfLv9EPibZ0AXdNhNj1GAn9nx5rA+SM9Wj:KLv9EPVAXdNL2io`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsPE32 - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	44e8aa0601fffe82_590aee7bdd69b59b.customdestinations-ms Submit file
Filepath	c:\users\test22\appdata\roaming\microsoft\windows\recent\customdestinations\590aee7bdd69b59b.customdestinations-ms
Size	7.8KB
Processes	2652 (powershell.exe)
Type	data
MD5	`ee6cfd78f72f03663db2a7df0c696dd7`
SHA1	`56126e81a5f6577f8e24a890185d0c9eb600fa02`
SHA256	`44e8aa0601fffe82c494bbc7d7280aa3bc5e90effe2aee2d716d5716e1d6b568`
CRC32	`F27137C4`
ssdeep	`96:EtuCcBGCPDXBqvsqvJCwoRtuCcBGCPDXBqvsEHyqvJCworu4tDHXyGlUVul:EtCgXoRtCgbHnorBTyY`
Yara	Antivirus - Contains references to security software Generic_Malware_Zero - Generic Malware
VirusTotal	Search for analysis

Name	0dcf94affc495edd_qkprurxzl45nf4z70sqv9rem.bat Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\QkPrurxZL45nF4Z70Sqv9rEM.bat
Size	70.0B
Processes	2748 (CasPol.exe)
Type	ASCII text, with no line terminators
MD5	`c7a9396e99492b59fb585f58ff064c77`
SHA1	`a7428b63c424c4f9399ed5bbfdec9992137e518c`
SHA256	`0dcf94affc495edd5c3438880997a7c409d3c7e7927ab8ad940d717515b604f1`
CRC32	`A189CEA8`
ssdeep	`3:Ljn9m1mWxpcL4E2J5U2DV8OWIKl:fE1mQpcLJ23U2DsZl`
Yara	None matched
VirusTotal	Search for analysis

Name	1951bb273265a5c0_qktr7ohadfynihscpvoqu59s.bat Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\qkTr7ohAdFYNIhscpvOQU59s.bat
Size	70.0B
Processes	2748 (CasPol.exe)
Type	ASCII text, with no line terminators
MD5	`bf0d5e80bb6dfc3e432f2153f25d7165`
SHA1	`56d4470a6298e81644434c4e353eab4bbf21016f`
SHA256	`1951bb273265a5c02a9ee40a6673287e60a873e3997943b0b522af7dee7d3455`
CRC32	`EFD82459`
ssdeep	`3:Ljn9m1mWxpcL4E2J5U00LUL0yJF:fE1mQpcLJ23UKY+`
Yara	None matched
VirusTotal	Search for analysis