Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
11.13 04:11
hello.exe
11.13 03:11
espsemhvcioff.exe
11.13 02:11
Geek_se.exe
11.13 02:11
cred64.dll
11.13 02:11
svhost.exe
11.13 02:11
nb.exe
11.13 02:11
svcyr.exe
11.13 02:11
Ghost_1.5.11.5.exe
11.13 02:11
PowderGpl.exe
11.13 02:11
goodlabel%E6%89%93%E5%...

Latest News
11.14 02:11
보안기업 S2W 등 국내외 주요 IT기업...
11.14 02:11
한국치유농업협회, ‘2024 경기 반려식...
11.14 02:11
모니터랩, 제 12회 통합 애플리케이션 ...
11.14 02:11
2024년 전자문서산업 실태조사 공표예정...
11.14 02:11
펜타시큐리티, 두바이에서 중동 사이버보안...
11.14 02:11
금융보안원, 금융권 SW공급망 보안 자율...
11.14 02:11
IBM, 양자 컴퓨팅 성능 혁신…새로운 ...
11.14 02:11
“2025년, 사이버 공격과 보안 부문에...
11.14 02:11
Singapore Tech Firm Ci...
11.14 01:11
루미온트러스트, 넥스트에라 에너지와 친환...

Dropped Files | ZeroBOX

Name	372fab9c99ed0ae9_unverified-microdesc-consensus Submit file
Filepath	C:\Users\test22\AppData\Roaming\tor\unverified-microdesc-consensus
Size	2.6MB
Processes	2712 (bsso_tor.exe)
Type	ASCII text, with very long lines
MD5	`fddeba3a207482728b0ed7d9a918f517`
SHA1	`f11dd724509aeb1f5e687f66f0a8a1de0b82bd02`
SHA256	`372fab9c99ed0ae928502150ec6151eaa71ebf47a9b0095862e54a6ac6925c58`
CRC32	`62ADD880`
ssdeep	`12288:NYc/sslNJV/EMdcGeOpx+3Za4mEp/OEvgh7nsHzOZNgAeArq6htM8xjY+:NxV/EMXeRbmhTeOZQArPXB3`
Yara	ftp_command - ftp command
VirusTotal	Search for analysis

Name	66fd723d0dd21980_bsso_tor.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\bsso_tor.exe
Size	8.6MB
Processes	2544 (bsso_launcher_v1.exe)
Type	PE32+ executable (console) x86-64, for MS Windows
MD5	`a46913ab31875cf8152c96bd25027b4d`
SHA1	`99e9c857a9bcca65e727773b40595478c38e7a75`
SHA256	`66fd723d0dd219807c6d7dcc331e25c8d05adccf4a66312928fbe1d0e45670ed`
CRC32	`83776D40`
ssdeep	`98304:xYcX2PvalI7xrCjSD+l+t2xBc1gthqwJalXr/JCZv:pGPiu8io21gt4/M`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsPE64 - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	c06b74e4dd1e6655_cached-certs Submit file
Filepath	c:\users\test22\appdata\roaming\tor\cached-certs
Size	20.4KB
Processes	2712 (bsso_tor.exe)
Type	ASCII text, with CRLF line terminators
MD5	`96a0946c3e697404b92e8bbfd387b702`
SHA1	`9030bd8273ebc7346800b96848229779c3fef276`
SHA256	`c06b74e4dd1e665518b5924c57e0c2abb0828e52748aedb4633850652bc7522e`
CRC32	`E0D2A970`
ssdeep	`384:jd24VdzVH591hFsNluM4VVW8o11h2+XN1thO4nVNy1h8Lf/40VVq1h8PXt2h4YVY:R26ZJQlLY88KK+XHjOmTyuHJiO96xyhv`
Yara	None matched
VirusTotal	Search for analysis

Name	47555923ee416e95_state Submit file
Filepath	c:\users\test22\appdata\roaming\tor\state
Size	3.4KB
Processes	2712 (bsso_tor.exe)
Type	ASCII text, with CRLF line terminators
MD5	`119eca9b97160bc17764fa84e67b417e`
SHA1	`498063b6a232de01d56ab6cdaf854037d29a6dc3`
SHA256	`47555923ee416e954c3baede4b1836db22e9618d25c3acb992f04cdda8980a5d`
CRC32	`1670E011`
ssdeep	`48:c4KNMh6Yey597v+8mGIpchQAW69tdk+10TRskdiezI:vKNE6qbm8mVpKQGteISLdie0`
Yara	None matched
VirusTotal	Search for analysis

Name	4f00589f97ac4738_state Submit file
Filepath	C:\Users\test22\AppData\Roaming\tor\state
Size	3.4KB
Processes	2712 (bsso_tor.exe)
Type	ASCII text, with CRLF line terminators
MD5	`1a2ade143db75f42d83247df5226a578`
SHA1	`93fccb7d384cf5edcd3f18038c7c6e47f6054eda`
SHA256	`4f00589f97ac473826917752204b75c2122cfb5d99fc6dcb0519ceccbe0f56f9`
CRC32	`2419C7F7`
ssdeep	`48:cJsNMh6Yey597v+8mGIpchQAW69tdk+10TRskdiaI:+sNE6qbm8mVpKQGteISLdil`
Yara	None matched
VirusTotal	Search for analysis

Name	b857700598e41e8a_state Submit file
Filepath	C:\Users\test22\AppData\Roaming\tor\state
Size	233.0B
Processes	2712 (bsso_tor.exe)
Type	ASCII text, with CRLF line terminators
MD5	`99603c532e123e42d902039fbca48b26`
SHA1	`a4a81f01b92e547f3625cdab9328632ad647695d`
SHA256	`b857700598e41e8af89e686e58ccb03b09b0cfe86b389a89ba08f2d69a33e1aa`
CRC32	`4B3F0DD3`
ssdeep	`6:SbdWwxXXjznXr87+QVe2vwR/Ep5fM8guQkIn:bwxXXjzXr87HVBvwNCSnkI`
Yara	None matched
VirusTotal	Search for analysis

Name	2c8a83d69132e04f_cached-microdescs.new Submit file
Filepath	C:\Users\test22\AppData\Roaming\tor\cached-microdescs.new
Size	1014.1KB
Processes	2712 (bsso_tor.exe)
Type	ASCII text, with very long lines
MD5	`fa2797d853db01835739e6ef61dfd890`
SHA1	`fdb7f90b91bf062c4f55ffb1c83fc02eee0598df`
SHA256	`2c8a83d69132e04f77eefefe9904c12aebbeaa160d03f21d2377279b92d7e95a`
CRC32	`3AC94AF0`
ssdeep	`12288:TRLhpUnXcxoOKs+au0jhnQc9Xf7b6JzwgYutIi87iP:TRP2aiFc9AsjiKiP`
Yara	None matched
VirusTotal	Search for analysis

Name	2495eaeef00ba858_cached-certs Submit file
Filepath	C:\Users\test22\AppData\Roaming\tor\cached-certs
Size	18.1KB
Processes	2712 (bsso_tor.exe)
Type	ASCII text, with CRLF line terminators
MD5	`7462916775049d2f18dd7959c9cdbf94`
SHA1	`abb2c610afb28c05ab1cf076d47c26ba016b7500`
SHA256	`2495eaeef00ba858faeb01f1c332acf0d26f9d277a5cc1c2afcdae57d095aa10`
CRC32	`D5B73F23`
ssdeep	`384:jd24VdzVH591hFsNluM4VVW8o11h2+XN1thO4nVNy1h8Lf/40VVq1h8PXt2h4YVO:R26ZJQlLY88KK+XHjOmTyuHJiO96xyhN`
Yara	None matched
VirusTotal	Search for analysis