Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
09.21 02:09
l6E.exe
09.20 01:09
setup.exe
09.20 11:09
3uTools.exe
09.20 11:09
66ecb4573225b_vsbhfdg1...
09.20 10:09
66ecb452ba19c_sfbdsgfd...
09.20 10:09
66ecb44c35444_vfdhsgdf...
09.20 10:09
66ec0e61998bf_setup30.exe
09.20 10:09
66ebf725efe38_lyla.exe
09.20 10:09
Desktop_Explorer.exe
09.20 10:09
66ec3528901bb_winupdat...

Latest News
09.21 05:09
Intel Gains on Report ...
09.21 05:09
ION Reprices Leveraged...
09.21 05:09
Microsoft bringt Windo...
09.21 05:09
Falsche Buchungen in M...
09.21 05:09
Auf diesem Twitter-Klo...
09.21 04:09
OIG audit calls for mo...
09.21 04:09
How Google Allegedly M...
09.21 04:09
Metasploit Weekly Wrap...
09.21 03:09
Fixing an Elgato HD60 ...
09.21 02:09
Google Faces EU Ultima...

Dropped Files | ZeroBOX

Name	52922ab69824570d_irimg2.jpg Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_ir_sf_temp_0\IRIMG2.JPG
Size	20.9KB
Processes	2144 (irsetup.exe)
Type	JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 166x312, frames 3
MD5	`8da00a281dd2d7b7861e785eb5f6086e`
SHA1	`326145a4c6ecf80fdc3b95ff70cf5772820461a5`
SHA256	`52922ab69824570d12d004eb9281cf926f4d30dca53ae05aac52611f36db12a2`
CRC32	`84D09543`
ssdeep	`384:DpGDrTEpUh8kRQe+p4xvFQEYQK0deicbJ01dq/qEhgTGVhYxh1ViphzB5Bfr:IfdQ/4xdiSbcbJPqyXGh1eV5h`
Yara	JPEG_Format_Zero - JPEG Format
VirusTotal	Search for analysis

Name	eca7064b09fa0b62_irimg1.jpg Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_ir_sf_temp_0\IRIMG1.JPG
Size	5.5KB
Processes	2144 (irsetup.exe)
Type	JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 111x63, frames 3
MD5	`5dc2d6c2cdb0bd1447dc42810344fa1e`
SHA1	`72a320ba46fc5116cef786fb2cd03aea2e65e4f9`
SHA256	`eca7064b09fa0b62582a795965b3d980e299293a4d5052d7925b40002ea9000b`
CRC32	`39A008C2`
ssdeep	`96:gHlAdb18JRyNXM3pFVb/Tp2XIWxoCkS5mjdgnley/CF+Clr+4bbr0gDSBrk8:gHlYeJ2M3pPbynxfmRoekCFnjbws4rk8`
Yara	JPEG_Format_Zero - JPEG Format
VirusTotal	Search for analysis

Name	43d31e9d29656eed_irsetup.dat Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_ir_sf_temp_0\irsetup.dat
Size	113.9KB
Processes	2144 (irsetup.exe)
Type	data
MD5	`78b4a43d68898246ddbddc7d4e407d3b`
SHA1	`b12066f415232f40756cde40572738ca0b6a443c`
SHA256	`43d31e9d29656eed47d5e7f8ba8a5f6e876cf963b7143d0939926aa0bd63b93e`
CRC32	`EE8D0FC0`
ssdeep	`1536:7ZEK0mOeJKSkpAYD292UYSbHkUKwT62LSvqePlWBKKHQnDNW0HGl6b15G8eaiGG4:7uW0HGl6b15G8eaiGG+hV+SbgIxpziOt`
Yara	DllRegisterServer_Zero - execute regsvr32.exe
VirusTotal	Search for analysis

Name	1dee56b3376f69bf_lua5.1.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_ir_sf_temp_0\lua5.1.dll
Size	318.3KB
Processes	2056 (latest.exe)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`56e2cb184a24aedb473880462197cac4`
SHA1	`91aa64464fa96fb5de4c45718ecff507a3ab3fb3`
SHA256	`1dee56b3376f69bf440ab1ac363bdb5a1b7860620306b48a6632c2c3c9f59d59`
CRC32	`C7EF9045`
ssdeep	`6144:hkn2LG5bwf92+0HiDhAqUS0aMkvAvBtAOj+JzOghK:m2x2cdUhZuIBt8xc`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE32 - (no description) UPX_Zero - UPX packed file Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	0736577063175942_irsetup.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe
Size	1.3MB
Processes	2056 (latest.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
MD5	`53817a366d16165e18b0babc60239ff5`
SHA1	`05aec27173f52d698b91bce48a10c159e032f103`
SHA256	`07365770631759420e679342ea3cc3b720286b5bfb5289f54396b432eea40580`
CRC32	`B7DACCD5`
ssdeep	`24576:iXTrZCL0v157JHd6/JhBQQkg2MXjX6GwHeZLJRyOq+SbXqHMJRLUG:iDr93N+hB3kgJbwery0SbXqoRLU`
Yara	Network_Downloader - File Downloader PE_Header_Zero - PE File Signature IsPE32 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis