Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
09.21 02:09
random.exe
09.21 02:09
sdhsfd.exe
09.21 02:09
66edb89bc4073_crypted....
09.21 02:09
66ed33772bbe7_vdfhsjf1...
09.21 02:09
game.exe
09.21 02:09
66ebb3bf78bd6_Send.exe...
09.21 02:09
66ed33717e4c1_vfdshfda...
09.21 02:09
random.exe
09.21 02:09
66ed336eac985_vdfhssfd...
09.21 02:09
66ed7ef071886_crypted....

Latest News
09.22 02:09
Jumperless Breadboard ...
09.22 02:09
Hacker behind Snowflak...
09.22 01:09
03 - Identifying Signs...
09.22 01:09
Hacktivist Group Twelv...
09.22 01:09
Join us at Microsoft I...
09.22 01:09
How comprehensive secu...
09.21 11:09
LinkedIn Halts AI Data...
09.21 11:09
Ukraine Bans Telegram ...
09.21 11:09
Against Elitism
09.21 11:09
5 Best Practices For E...

Dropped Files | ZeroBOX

Name	e3b0c44298fc1c14_cer1EDD.tmp Empty file or file not found
Filepath	C:\Windows\cer1EDD.tmp
Size	0.0B
Type	empty
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
CRC32	`00000000`
ssdeep	`3::`
Yara	None matched
VirusTotal	Search for analysis

Name	8ac261fcde4eee79_weba.html Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\weba.html
Size	313.7KB
Processes	2840 (powershell.exe) 2624 (cmd.exe)
Type	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
MD5	`172d44db15c878606222b1c48b54e150`
SHA1	`3f0374e5217f9921a59c7b3e2a701553b51043cc`
SHA256	`8ac261fcde4eee7984b97d92e55e7617d95d4d26e034fe3555e72870a49404e7`
CRC32	`671DE1B1`
ssdeep	`3072:aiCgAkHnjPIQ6KSEX/WHmPaW+LN7DxRLlzglK2VoSk:4gAkHnjPIQBSE+GPCN7jB2VoSk`
Yara	ftp_command - ftp command
VirusTotal	Search for analysis

Name	2bdfe5747772bdca_🌍impactfulbrands.co.uk__________________________________________.html.bat Submit file
Size	4.8KB
Type	ASCII text, with very long lines, with CRLF line terminators
MD5	`eb39f61659de025b97dc88f3c6eea279`
SHA1	`88f51a1bdc18e97ad6b9dc230c6e2e176879e692`
SHA256	`2bdfe5747772bdca05a10ed8f91b93b955b814c016bb1b002e4af5cf4b063d73`
CRC32	`8DE6820E`
ssdeep	`96:Q1GQ9DwW5z5Q9DwW5PRD9DwW5/Rz9DwW5C79hX6IJADeHTKPfOY5Pk5:KF9M0za9M0ZD9M0pz9M04v6IJADeHmPM`
Yara	None matched
VirusTotal	Search for analysis

Name	3e31d066fe3ce06d_webb.html Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\webb.html
Size	313.8KB
Processes	2940 (powershell.exe) 2624 (cmd.exe)
Type	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
MD5	`460e2952581f7ff00c210675a90d82c3`
SHA1	`784d3fdf49536db8191bc68fd07610371a4d732c`
SHA256	`3e31d066fe3ce06d4d22d48a6f90d0b6ca5a141ce923bbf4284671235ea25667`
CRC32	`C0E9A919`
ssdeep	`3072:BiKgAkHnjPIQ6KSEX/jHwPaW+LN7DxRLlzglKoVA4k:dgAkHnjPIQBSE7QPCN7jBoVA4k`
Yara	ftp_command - ftp command
VirusTotal	Search for analysis

Name	b7c225ef3cc3e875_d93f411851d7c929.customDestinations-ms~RF1817bc6.TMP Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d93f411851d7c929.customDestinations-ms~RF1817bc6.TMP
Size	7.8KB
Processes	2712 (powershell.exe) 2840 (powershell.exe)
Type	data
MD5	`81ca4510272caf505e8091e9a28cb716`
SHA1	`71414aeec9f1e4a6f5a461b01700cc9cc992cd9e`
SHA256	`b7c225ef3cc3e87506150eb140e7b9cc127a3469c50a808854acac71a53d98bf`
CRC32	`FC31E90F`
ssdeep	`96:EtuCcBGCPDXBqvsqvJCwoRtuCcBGCPDXBqvsEHyqvJCwor/47HwxGlUVul:EtCgXoRtCgbHnorLxY`
Yara	Antivirus - Contains references to security software Generic_Malware_Zero - Generic Malware
VirusTotal	Search for analysis