Dropped Files | ZeroBOX

Name	4826c0d860af884d_~wrs{220bab70-f7ce-43ca-bda2-8a8176425e99}.tmp Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{220BAB70-F7CE-43CA-BDA2-8A8176425E99}.tmp
Size	1.0KB
Processes	3056 (WINWORD.EXE)
Type	data
MD5	`5d4d94ee7e06bbb0af9584119797b23a`
SHA1	`dbb111419c704f116efa8e72471dd83e86e49677`
SHA256	`4826c0d860af884d3343ca6460b0006a7a2ce7dbccc4d743208585d997cc5fd1`
CRC32	`23C03491`
ssdeep	`3:ol3lYdn:4Wn`
Yara	None matched
VirusTotal	Search for analysis

Name	ad650836c496b0fe_~$ayload.docm Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\~$ayload.docm
Size	162.0B
Processes	3056 (WINWORD.EXE)
Type	data
MD5	`504fc406936619ff99513096972a1cca`
SHA1	`aa670a67e1d251af4a92cb9b6ff643c9bf9df07e`
SHA256	`ad650836c496b0feb689b44895fd152d23d1f3ac9731a133a84a2b08a38bea54`
CRC32	`4639526E`
ssdeep	`3:yW2lWRdvL7YMlbK7g7lxIt50iSjlVtUxyXhn:y1lWnlxK7ghqqF+yxn`
Yara	None matched
VirusTotal	Search for analysis

Name	d516a371b6fc0a52_~$normal.dotm Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Templates\~$Normal.dotm
Size	162.0B
Processes	3056 (WINWORD.EXE)
Type	data
MD5	`56a4532b2fc2cf6fd4ec62a29758d231`
SHA1	`60f68bd8ac5b3f7290daa236bebd5f9c0f1510fd`
SHA256	`d516a371b6fc0a5270a1323f271bc2a36bc34f9cf06c783a642020c0da8948c3`
CRC32	`E93E4529`
ssdeep	`3:yW2lWRdvL7YMlbK7g7lxIt50iSjlVtNmk/tyXhn:y1lWnlxK7ghqqFNT/tyxn`
Yara	None matched
VirusTotal	Search for analysis

Name	90a3ef2eda13c546_~wrs{c307f685-26aa-4d20-8ad9-e5aed9f52ff3}.tmp Submit file
Filepath	C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{C307F685-26AA-4D20-8AD9-E5AED9F52FF3}.tmp
Size	1.5KB
Processes	3056 (WINWORD.EXE)
Type	data
MD5	`ce027833e906c57c03b9dc95b5b7e6d9`
SHA1	`03615f29f8d2288c67d8cf37a5e7b038e3d49823`
SHA256	`90a3ef2eda13c5461656b7af01c4e49d0215756f34924a38f4913bf6774791bb`
CRC32	`094CBC66`
ssdeep	`6:YmWmG2GW2GJ8l2Y/yUyUyUykSSSn/fEhmFPNn:YXHH37yUyUyUylXD1`
Yara	None matched
VirusTotal	Search for analysis