Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
09.20 01:09
setup.exe
09.20 11:09
3uTools.exe
09.20 11:09
66ecb4573225b_vsbhfdg1...
09.20 10:09
66ecb452ba19c_sfbdsgfd...
09.20 10:09
66ecb44c35444_vfdhsgdf...
09.20 10:09
66ec0e61998bf_setup30.exe
09.20 10:09
66ebf725efe38_lyla.exe
09.20 10:09
Desktop_Explorer.exe
09.20 10:09
66ec3528901bb_winupdat...
09.20 10:09
Inquiry-Dubai.js

Latest News
09.21 12:09
Middle East backdoored...
09.21 12:09
Updated CISA exploited...
09.21 12:09
Several orgs purported...
09.21 12:09
New CISA guidance seek...
09.21 12:09
Lumma Stealer deployed...
09.21 12:09
InfoSec World Intervie...
09.21 12:09
InfoSec World CRTV Liv...
09.21 12:09
FTC: Mass surveillance...
09.21 12:09
Disney reportedly ditc...
09.21 12:09
Dell claimed to be bre...

Dropped Files | ZeroBOX

Name	8ad11ae4f8b13d22_donor Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Donor
Size	88.8KB
Processes	2544 (66b7a4a075311_AsianAsp.exe)
Type	data
MD5	`f185387d3235de15d1fd07b1283dd053`
SHA1	`d8f692c6c47e47f3c32712f7f11f0edc55dbcbbb`
SHA256	`8ad11ae4f8b13d22497ca6d8f1514d30602617e23aeaab5c95ce71f27e25c979`
CRC32	`8D823E63`
ssdeep	`1536:e8o9ROyLqB5MKHbCZMaQVKk8vErppNyMCkSw1nMvbKAwcbFVsQW5Eo1nxG:e8oDYGKwMUk8Sv5S2MvbKA/bjs7EqA`
Yara	None matched
VirusTotal	Search for analysis

Name	656dfc5e9c9cd369_referral Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Referral
Size	93.0KB
Processes	2544 (66b7a4a075311_AsianAsp.exe)
Type	data
MD5	`6cbdbdc81fb9a0af9e9a6728e5514015`
SHA1	`7658dd06c295812d97e0ad8e0f935c62328628bc`
SHA256	`656dfc5e9c9cd369b2605f2265231676884864a0a6d297abe04d2d3ce5dd4719`
CRC32	`13AF9412`
ssdeep	`1536:wbUp59t4Ie9Tudtjvtj/uPZyMRlXvLjEi0Vh4AlEeYRe+5n+aKIJ/BetYo/OnNtM:wQpmi9Vj/WZFzj0hbYRD+bIDz1NK`
Yara	None matched
VirusTotal	Search for analysis

Name	237d1bca6e056df5_executives.pif Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\693331\Executives.pif
Size	872.7KB
Processes	2660 (cmd.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`c56b5f0201a3b3de53e561fe76912bfd`
SHA1	`2a4062e10a5de813f5688221dbeb3f3ff33eb417`
SHA256	`237d1bca6e056df5bb16a1216a434634109478f882d3b1d58344c801d184f95d`
CRC32	`76090EE7`
ssdeep	`12288:6pVWeOV7GtINsegA/hMyyzlcqikvAfcN9b2MyZa31twoPTdFxgawV2M01:6T3E53Myyzl0hMf1tr7Caw8M01`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsPE32 - (no description) UPX_Zero - UPX packed file Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	ea8d9a7f6d1dd5fb_everybody.cmd Submit file
Filepath	c:\users\test22\appdata\local\temp\everybody.cmd
Size	12.9KB
Processes	2544 (66b7a4a075311_AsianAsp.exe) 2660 (cmd.exe)
Type	ASCII text, with very long lines, with CRLF line terminators
MD5	`7ef4328176a5a16f9b26fc041119bb6e`
SHA1	`066642b9f540223dfb717e8eaba0abe8d5c66d03`
SHA256	`ea8d9a7f6d1dd5fb5bdac784675efed4f9933f878f7c93bbb38094b5deda7113`
CRC32	`2CB0FD8D`
ssdeep	`384:jm3ZA2Fz+FsZuf75BzwZe0xtAouWhAQhScIZppY08Z:jGAaiCu9BGPzhAj5Z/YvZ`
Yara	ftp_command - ftp command
VirusTotal	Search for analysis

Name	e3b0c44298fc1c14_nspF107.tmp Empty file or file not found
Filepath	C:\Users\test22\AppData\Local\Temp\nspF107.tmp
Size	0.0B
Type	empty
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
CRC32	`00000000`
ssdeep	`3::`
Yara	None matched
VirusTotal	Search for analysis

Name	d724e71fab240829_lt Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Lt
Size	64.0KB
Processes	2544 (66b7a4a075311_AsianAsp.exe)
Type	data
MD5	`f9efc27cebab21a71d325b4d6d998b1d`
SHA1	`aabedb41ef3dc168d0d2d436ff643ee8be1dd98f`
SHA256	`d724e71fab2408293436f7d9ac2c8a1c5ba7d5cb73b4cea953079879bb9bd2cb`
CRC32	`68F2613C`
ssdeep	`1536:oiQT8Cu7R5hwxdlRs4Sdj6cFlryDhbZ+SMSO:oiV5KPl64SN6mSRMSO`
Yara	None matched
VirusTotal	Search for analysis

Name	d9c7c76fae96bd5b_n Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\693331\N
Size	310.8KB
Processes	1120 (cmd.exe)
Type	data
MD5	`c76bfa3c5e5748f384ca956538ad3169`
SHA1	`1654ee24cf17cc50207285adb56ddc8755614988`
SHA256	`d9c7c76fae96bd5b7354aff35947c557b119339a5cbf780c7a71e7d38e0c01f2`
CRC32	`CB825C75`
ssdeep	`6144:BmiVj/qb9JDzDM4S41roWgKteBSmRUl8+AwMRvUVlw7Ev:UiVj49JDzD8yroWgKtegTlXABR8ffv`
Yara	None matched
VirusTotal	Search for analysis

Name	f15a4b1c729a967b_credit Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Credit
Size	597.0B
Processes	2544 (66b7a4a075311_AsianAsp.exe)
Type	data
MD5	`bd658f8b5e0b54b0367d373df40ac34a`
SHA1	`0d293579003d40d92efd00163ba2700fd99afee8`
SHA256	`f15a4b1c729a967b1f59614a1398a5fccd24386549c3a49a45268b9b4cfb2aa9`
CRC32	`93CC2D29`
ssdeep	`12:TbyGSGCbTQxbs/0pQHPZdZELq6h1p5zGbWCBl9E:TbyGSnPQxqtP5ELqCB8WCBl9E`
Yara	None matched
VirusTotal	Search for analysis

Name	ee3658c0d6b35de8_expanded Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Expanded
Size	65.0KB
Processes	2544 (66b7a4a075311_AsianAsp.exe)
Type	data
MD5	`a118e9d70f693994951a5ad6f3abad45`
SHA1	`4dd75406c2cf05e24e870e35f76e5090e4bfdf1e`
SHA256	`ee3658c0d6b35de8acad11f411bbd6ebdc6641a5f3241a0d69c9150fc75ec8ad`
CRC32	`40D8C9B4`
ssdeep	`1536:FO4u/4vFQCiqWeBz2mZTvBWabIr2DkZVl3N2:FO/gKCkeBSmHfpoZf8`
Yara	None matched
VirusTotal	Search for analysis

Name	f5b8bc8ca343ea6a_permits Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Permits
Size	872.1KB
Processes	2544 (66b7a4a075311_AsianAsp.exe)
Type	data
MD5	`84a4810865f0021d58c2cd4df4140b11`
SHA1	`4d47dc3f329c4f4ef9ba1d40283808311a444b42`
SHA256	`f5b8bc8ca343ea6a75006ac199c229214450474cc04dfcf823c50955b9da8667`
CRC32	`F2DA21EC`
ssdeep	`12288:tpVWeOV7GtINsegA/hMyyzlcqikvAfcN9b2MyZa31twoPTdFxgawV2M01:tT3E53Myyzl0hMf1tr7Caw8M01`
Yara	Malicious_Library_Zero - Malicious_Library Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis