Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

Dropped Files | ZeroBOX

Name	ca7b6486544ba76e_CSC3358698594D4499EBE9E87D7E1AC1F6E.TMP Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\CSC3358698594D4499EBE9E87D7E1AC1F6E.TMP
Size	652.0B
Processes	2672 (csc.exe)
Type	MSVC .res
MD5	`82b516db613a08a3578a920777f73920`
SHA1	`89cfa6e3ae79f3fb2229842a97359e9c87176752`
SHA256	`ca7b6486544ba76efd128d23b72b1a21a0ba9f7098a3684da4f477b8aa117a4d`
CRC32	`DFF52701`
ssdeep	`12:DXt4Ii3ntuAHia5YA49aUGiqMZAiN5gryFnGak7YnqqunXPN5Dlq5J:+RI+ycuZhNvnGakSunXPNnqX`
Yara	None matched
VirusTotal	Search for analysis

Name	3d2e406503390586_nr2pbihw.out Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\nr2pbihw.out
Size	446.0B
Processes	2540 (Protect.exe)
Type	UTF-8 Unicode (with BOM) text, with CRLF, CR line terminators
MD5	`4a311ba57dca72da0d91a83492e35804`
SHA1	`b84c6795229eb15bb253d55552177df6e2099397`
SHA256	`3d2e4065033905867cea9e37bce78dfbee1926e53d6cb58867cf5866b2768b01`
CRC32	`95E20826`
ssdeep	`12:K4OLM9IR37L/6KQOLMWxXOLMW8uKa8GIKO5SBFN+y:K+9Idn6K24VuKa2KoSDQy`
Yara	None matched
VirusTotal	Search for analysis

Name	e3b0c44298fc1c14_nr2pbihw.tmp Empty file or file not found
Filepath	C:\Users\test22\AppData\Local\Temp\nr2pbihw.tmp
Size	0.0B
Type	empty
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
CRC32	`00000000`
ssdeep	`3::`
Yara	None matched
VirusTotal	Search for analysis

Name	b7105823c1721b1d_nr2pbihw.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\nr2pbihw.dll
Size	3.5KB
Processes	2672 (csc.exe) 2540 (Protect.exe)
Type	PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
MD5	`fdb1b32fd3ed39f061364ca3612b759f`
SHA1	`cf89a0f2850e136576b6f66bc023efa62fdb947b`
SHA256	`b7105823c1721b1dec7960bb3d28ded82d942ab98c74b2cf24f08769ec5e0290`
CRC32	`FE4E0C9E`
ssdeep	`24:etGSf8JmYi0damwUltstR7NTeTssGkPDYRGtkFr8K/4qMS1G6GYWI+ycuZhNvnGa:6qBta3Tkssr7YbFwrwj21ulua3Kq`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE32 - (no description) Is_DotNET_DLL - (no description)
VirusTotal	Search for analysis

Name	f8ca231277e9726c_nr2pbihw.cmdline Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\nr2pbihw.cmdline
Size	188.0B
Processes	2540 (Protect.exe)
Type	UTF-8 Unicode (with BOM) text, with no line terminators
MD5	`4acfd90924bda14e813ab6d35161e4db`
SHA1	`552cb417867dfd336e0251277f15373288b64b24`
SHA256	`f8ca231277e9726cecbd8d9262361b8f55759d700f120a2e899c27bdf222e1b3`
CRC32	`DFCC30AF`
ssdeep	`3:0HXEXA8F+H2R5BJiWR5mKWLRRmWxpcL4E2J5xAIVsOHUiQCIFRVRMxTPImWxpcLk:pAu+H2L/6K2mQpcLJ23f+xzxszImQpcw`
Yara	None matched
VirusTotal	Search for analysis

Name	5faa970025d8abf0_nr2pbihw.0.cs Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\nr2pbihw.0.cs
Size	662.0B
Processes	2540 (Protect.exe)
Type	UTF-8 Unicode (with BOM) text, with CRLF line terminators
MD5	`a19db16f7bcd4a514f51b3c6d1acca8f`
SHA1	`dea283c69db3c042b41a988af88ab9bfabd06907`
SHA256	`5faa970025d8abf01ba34d45c5a2bf3cbf6f6f99e2b215ad6fb5ce97bb752e9f`
CRC32	`1C2FEA80`
ssdeep	`12:t6GrFI9fNyDUpXcRYOPbWCqAlIUkdgVh1Crfb:0oFI99cRYOjWCdIUkeD1yD`
Yara	None matched
VirusTotal	Search for analysis

Name	752401387ace43de_RESC11.tmp Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\RESC11.tmp
Size	1.3KB
Processes	2768 (cvtres.exe) 2672 (csc.exe)
Type	Intel 80386 COFF object file, not stripped, 3 sections, symbol offset=0x492, 9 symbols
MD5	`331e637bb137280581a8c236cbcd6829`
SHA1	`cf18775f01c981d95124e8722af2c7cc5297b0e6`
SHA256	`752401387ace43de875353ed757cb5fef67cbe7425aab25717e8805d7ea1553a`
CRC32	`5C4964B3`
ssdeep	`24:HFm9x/te464HIwrUeK2uxNwI+ycuZhNvnGakSunXPNnqwSd:C/cuTfKBxm1ulua3KqwC`
Yara	None matched
VirusTotal	Search for analysis