Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
09.21 02:09
l6E.exe
09.20 01:09
setup.exe
09.20 11:09
3uTools.exe
09.20 11:09
66ecb4573225b_vsbhfdg1...
09.20 10:09
66ecb452ba19c_sfbdsgfd...
09.20 10:09
66ecb44c35444_vfdhsgdf...
09.20 10:09
66ec0e61998bf_setup30.exe
09.20 10:09
66ebf725efe38_lyla.exe
09.20 10:09
Desktop_Explorer.exe
09.20 10:09
66ec3528901bb_winupdat...

Latest News
09.21 05:09
Raspberry Pi RP2350-E9...
09.21 05:09
Apple's iPhone Hits St...
09.21 05:09
Intel Gains on Report ...
09.21 05:09
ION Reprices Leveraged...
09.21 05:09
Microsoft bringt Windo...
09.21 05:09
Falsche Buchungen in M...
09.21 05:09
Auf diesem Twitter-Klo...
09.21 04:09
OIG audit calls for mo...
09.21 04:09
How Google Allegedly M...
09.21 04:09
Metasploit Weekly Wrap...

Dropped Files | ZeroBOX

Name	98327f66c10c09ce_bras Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Bras
Size	62.0KB
Processes	2640 (66b11f4cc8fbf_MarriageWriters.exe)
Type	data
MD5	`9c4f43801cd72208d5421f2a613edab6`
SHA1	`385b18c702514387962c78b20b39f53e4a037243`
SHA256	`98327f66c10c09ceb834cf8e83cf9b260e711392db808426afa62904c2bb0220`
CRC32	`F09DF51A`
ssdeep	`1536:ptFoMVSa4fgat8GJApHgcd747qK6joBnS+SiLKHD8hKOn:GTPfgatCpH57vKHSD08On`
Yara	None matched
VirusTotal	Search for analysis

Name	19a8584e0f1d5a0e_character Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Character
Size	64.0KB
Processes	2640 (66b11f4cc8fbf_MarriageWriters.exe)
Type	data
MD5	`f2b37af9a75262e1e08c4c7cc1af7af6`
SHA1	`078d8982ef0cc9745727961c010b46a75fcc5a02`
SHA256	`19a8584e0f1d5a0e04704ae931dcc054bac30d566322a665fdda39e78e0a77fa`
CRC32	`BDADAC6C`
ssdeep	`1536:wf8aDyw/W9feU4ZnBUAGSrdWUSKMDsNYEMux3GMctYUZ:wf8aDyY1UOSbKRNYEfx3Gfx`
Yara	None matched
VirusTotal	Search for analysis

Name	8487a3865cde5f27_o Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\717137\O
Size	290.4KB
Processes	2108 (cmd.exe)
Type	data
MD5	`40748f11976d501d1192eb7efb60c10c`
SHA1	`1d585665fd529f2c7558868e3700387a7fa4f59c`
SHA256	`8487a3865cde5f27ccc6b05412cb79989099d7e5d698b6bde1b91495f2cb8f41`
CRC32	`3BBFC27A`
ssdeep	`6144:Xb01bqdaOHeMfwY1U7KDYEJhc5WqO3CcxHBJISY6lvGwpLE7:Xb01+d5j/DYgu7ACcxnIaluwpLE7`
Yara	None matched
VirusTotal	Search for analysis

Name	fdbeeca20a30f6f4_mix Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Mix
Size	89.4KB
Processes	2640 (66b11f4cc8fbf_MarriageWriters.exe)
Type	data
MD5	`999b22fa0128fc8cec38e56dee842c4b`
SHA1	`44d186538dbb5533d681fd083030fb7d4d131643`
SHA256	`fdbeeca20a30f6f4c1c655a08e79825b6b78dbac246d8a9705a507fe910596f4`
CRC32	`2B205654`
ssdeep	`1536:EjmcEQYYMlQrg0jKHfTFfHpIpIY8Ks6Z8kIiK9tgM/mmDgBAnO0KxwfwmrZMI/7o:E2PlQcxHbtJIpIYbmRVBvGAOJMwmrH4r`
Yara	None matched
VirusTotal	Search for analysis

Name	c8b562cfa423e831_chancellor Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Chancellor
Size	551.0B
Processes	2640 (66b11f4cc8fbf_MarriageWriters.exe)
Type	data
MD5	`2b0f88c8108e8cf8d09d1ccfa97db324`
SHA1	`cd7a4f23bc1038af5a5e1a6407003f673dae7cf7`
SHA256	`c8b562cfa423e831710d32fc0daf32211f5c79fd8caa975915b7f1329e962bd4`
CRC32	`A779F153`
ssdeep	`12:lgJyGSGCbTQxbs/0pQHPZdZELq6h1p5zGbW:4yGSnPQxqtP5ELqCB8W`
Yara	None matched
VirusTotal	Search for analysis

Name	e15a204ea33ebd67_evolution Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Evolution
Size	75.0KB
Processes	2640 (66b11f4cc8fbf_MarriageWriters.exe)
Type	data
MD5	`91ac9227ba743f952806aee85fb86b19`
SHA1	`cd9b72dd79b489931f9930c7ee18b3ecc8f1ab2c`
SHA256	`e15a204ea33ebd673c29b1b4ea744669f0f159d2758c08aa5ac642614d97674d`
CRC32	`B87A56C7`
ssdeep	`1536:/4+egzOWM0sehp92n+aBddxiGtKYhHfZqf0eBbeFvGeueb:/4MSP4b2n1dxiGThqfzBavGHeb`
Yara	None matched
VirusTotal	Search for analysis

Name	3b89d1e52fcb7008_outstanding Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Outstanding
Size	872.2KB
Processes	2640 (66b11f4cc8fbf_MarriageWriters.exe)
Type	data
MD5	`448070a120bd50e7aa879ac644849fb4`
SHA1	`4df57461cf1bc263a3e87d20dcd751ed526d1c4f`
SHA256	`3b89d1e52fcb70088a72b4417afc88e59e9e7df4914d08bb7d27543212409c24`
CRC32	`675489E5`
ssdeep	`12288:bpVWeOV7GtINsegA/hMyyzlcqikvAfcN9b2MyZa31twoPTdFxgawV2M01:bT3E53Myyzl0hMf1tr7Caw8M01`
Yara	Malicious_Library_Zero - Malicious_Library Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	237d1bca6e056df5_cm.pif Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\717137\Cm.pif
Size	872.7KB
Processes	2752 (cmd.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`c56b5f0201a3b3de53e561fe76912bfd`
SHA1	`2a4062e10a5de813f5688221dbeb3f3ff33eb417`
SHA256	`237d1bca6e056df5bb16a1216a434634109478f882d3b1d58344c801d184f95d`
CRC32	`76090EE7`
ssdeep	`12288:6pVWeOV7GtINsegA/hMyyzlcqikvAfcN9b2MyZa31twoPTdFxgawV2M01:6T3E53Myyzl0hMf1tr7Caw8M01`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsPE32 - (no description) UPX_Zero - UPX packed file Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	3b817c5fb981c13b_albums.cmd Submit file
Filepath	c:\users\test22\appdata\local\temp\albums.cmd
Size	23.8KB
Processes	2640 (66b11f4cc8fbf_MarriageWriters.exe) 2752 (cmd.exe)
Type	ASCII text, with very long lines, with CRLF line terminators
MD5	`dc2c5ddc2de4b69a06d6adae0310058d`
SHA1	`11de97b253dec15d8c75d84456950447c07bbc7d`
SHA256	`3b817c5fb981c13b81f1f0ededd4279928de08b86142e2018848ea4d9e11e461`
CRC32	`C51D29D0`
ssdeep	`384:wsI7KxmuZ3H//YduxklB60I4k1Aqt2Pfu5+fmLdpaR8wkehIwMRkehI3Op/+Z:wspUu5/BklB6r4k1J8Pfu5+fmLnaewkS`
Yara	None matched
VirusTotal	Search for analysis

Name	e3b0c44298fc1c14_nslF627.tmp Empty file or file not found
Filepath	C:\Users\test22\AppData\Local\Temp\nslF627.tmp
Size	0.0B
Type	empty
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
CRC32	`00000000`
ssdeep	`3::`
Yara	None matched
VirusTotal	Search for analysis