Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
09.20 01:09
setup.exe
09.20 11:09
3uTools.exe
09.20 11:09
66ecb4573225b_vsbhfdg1...
09.20 10:09
66ecb452ba19c_sfbdsgfd...
09.20 10:09
66ecb44c35444_vfdhsgdf...
09.20 10:09
66ec0e61998bf_setup30.exe
09.20 10:09
66ebf725efe38_lyla.exe
09.20 10:09
Desktop_Explorer.exe
09.20 10:09
66ec3528901bb_winupdat...
09.20 10:09
Inquiry-Dubai.js

Latest News
09.20 01:09
[PASCON 2024-영상] 카스퍼스키...
09.20 01:09
2024-09-19 UNC1860 Ira...
09.20 01:09
Nvidia Teams Up With A...
09.20 12:09
[PASCON 2024-영상] 펜타린크 ...
09.20 11:09
ISC Stormcast For Frid...
09.20 11:09
2024-09-18 SAMBASPY Ja...
09.20 11:09
구립신내노인종합복지관, 지역사회와 함께 ...
09.20 11:09
자동차 부품 제조업체 쉽딱, '트리플X2...
09.20 11:09
[PASCON 2024-영상] 라온시큐어...
09.20 11:09
2024 SAO Contest: The ...

Dropped Files | ZeroBOX

Name	2007c7fcc307b2d2_kfmeq7y2qnuxg7cjhoe0mf5q.bat Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\KFmeQ7Y2qNuXg7CJhoe0Mf5q.bat
Size	70.0B
Processes	1880 (file1.exe)
Type	ASCII text, with no line terminators
MD5	`c069589420f57d724205cd84f6ce3648`
SHA1	`bad60a99468d4f821c4d9552fc9b79ff92f20cfe`
SHA256	`2007c7fcc307b2d2f48e312344bff225071e3991895591ace0b1afc60e90fbe4`
CRC32	`2E68C363`
ssdeep	`3:Ljn9m1mWxpcL4E2J5TTyXtIC1WGVI4Aln:fE1mQpcLJ23fE6aWNl`
Yara	None matched
VirusTotal	Search for analysis

Name	d6431d5645fffd05_d93f411851d7c929.customdestinations-ms Submit file
Filepath	c:\users\test22\appdata\roaming\microsoft\windows\recent\customdestinations\d93f411851d7c929.customdestinations-ms
Size	7.8KB
Processes	1596 (powershell.exe)
Type	data
MD5	`260d23ce04a8f8555a73b7d2dc15e911`
SHA1	`ebad746fb7de847c50f7502a44f6e35534733efd`
SHA256	`d6431d5645fffd05a23166d630253bc7ce8c099cf6e9c956f8ae5e1249ee8588`
CRC32	`11D6B213`
ssdeep	`96:ctuCeGCPDXBqvsqvJCwo5tuCeGCPDXBqvsEHyqvJCworSP7Hwxf2lUVul:ctvXo5tvbHnorrxQ`
Yara	Antivirus - Contains references to security software Generic_Malware_Zero - Generic Malware
VirusTotal	Search for analysis

Name	8836e73612d80454_acfyonjqgqhfmgmkng1gznmy.exe Submit file
Filepath	C:\Users\test22\Pictures\acFYONjqGQhfMgmKNG1gZnmY.exe
Size	6.3MB
Processes	1880 (file1.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`955c1faa329961a1ead617b827b9384a`
SHA1	`937192618e5bbd7b744542a8294a5dbcbd862213`
SHA256	`8836e73612d8045462d1e1a92015253a0b7de5f9e72fb35dbd19a81bd8378ce5`
CRC32	`9C734C50`
ssdeep	`98304:kvb7c9S2UwHlpIQjSm2goWu8yIE/MOgSr0nH:I7c9S2zjSm2gdu8APnr0nH`
Yara	Admin_Tool_IN_Zero - Admin Tool Sysinternals PE_Header_Zero - PE File Signature IsPE32 - (no description) Generic_Malware_Zero - Generic Malware UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	fc1a2079bbd524ef_z7sqttpo7jhmcmdp0blbc6qe.exe Submit file
Filepath	C:\Users\test22\Pictures\z7sqTTpo7jhmcMDp0blbc6Qe.exe
Size	259.5KB
Processes	1880 (file1.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`18d60687a723c53a927f5120cbadc853`
SHA1	`37596c4951b5f5d6824c413d6ab9286693da63e7`
SHA256	`fc1a2079bbd524ef9dd9a1fbb7b2e6a4eac6fcae45642fc434edbd52e7ff5d22`
CRC32	`E3302785`
ssdeep	`3072:qfBegL3oBUivit+THvPqOpjypqNIXU9M5JlN+LkNoMHGcAM4HGcAMPPe:0t+73Xt6EQSkNoMmcAM4mcAM`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsPE32 - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	c34be1a480ca2474_vgdyfc1vcbsqmc2ssnuc62y1.exe Submit file
Filepath	C:\Users\test22\Pictures\vgdyfc1VcBsqmc2SsNuc62Y1.exe
Size	1.7MB
Processes	1880 (file1.exe)
Type	PE32+ executable (GUI) x86-64, for MS Windows
MD5	`bdc539c6056ca1e6f6f0427f44591b1a`
SHA1	`21782cb7b77d566593168e091c91fc87394e592f`
SHA256	`c34be1a480ca2474118cbe10b626bd006896e79ad99b5e2a90a5d2db09f78a49`
CRC32	`C0D2CA6F`
ssdeep	`49152:k1hZXvtRv/rMkht4ByZWfCd+NWdpxt4/O5vU:ehB7/3t4ByB6WjH8OC`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsPE64 - (no description) Generic_Malware_Zero - Generic Malware UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	6c3dd31fc921a7bd_keygen.bat Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\RarSFX0\keygen.bat
Size	37.0B
Processes	2640 (vgdyfc1VcBsqmc2SsNuc62Y1.exe)
Type	DOS batch file, ASCII text, with CRLF line terminators
MD5	`23369d98b7922f616bca2dabac2dc5a1`
SHA1	`e447be14dc89bfc46e74e5e14092008c83cd1b12`
SHA256	`6c3dd31fc921a7bd419f26cf2ab2a3fb2dc4cce52731d2420b3856dcf74cec1b`
CRC32	`6C39D029`
ssdeep	`3:mKDDFRKvzWRwVLy:h6z1VLy`
Yara	None matched
VirusTotal	Search for analysis

Name	49ca040e502a4517_aogsi6aihrweckm36ype6wq7.bat Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AOgSI6AiHrwEcKm36yPe6WQ7.bat
Size	70.0B
Processes	1880 (file1.exe)
Type	ASCII text, with no line terminators
MD5	`76dbbd4991042affbc0ab19fc5ab3830`
SHA1	`936623ed363334dfd2d3e4e4c58f60e218020e13`
SHA256	`49ca040e502a4517faa647034591c03410c11e467bd3d820164d8e973c084b22`
CRC32	`C50769EA`
ssdeep	`3:Ljn9m1mWxpcL4E2J5RqgUjhXmP9L:fE1mQpcLJ23hwhWPR`
Yara	None matched
VirusTotal	Search for analysis

Name	01ea90bc52a4211e_4ros4juapsw2ks71cb0ofjym.bat Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\4Ros4JuAPsw2Ks71Cb0ofjym.bat
Size	70.0B
Processes	1880 (file1.exe)
Type	ASCII text, with no line terminators
MD5	`bde8162a144be940c0fe64f765546655`
SHA1	`b04891e4c4f923930042cb1f4995a525f44d569c`
SHA256	`01ea90bc52a4211e5b1b01a740e3085a084fbf6d1767d791591b5ca1c0154088`
CRC32	`C43D411F`
ssdeep	`3:Ljn9m1mWxpcL4E2J5NXcOhmzqVV4iF:fE1mQpcLJ23FdEuVv`
Yara	None matched
VirusTotal	Search for analysis

Name	c47442640a071b57_by1wxv8eleobwnctpr7kl9vv.exe Submit file
Filepath	C:\Users\test22\Pictures\bY1WXV8eleObWNCtpR7Kl9vV.exe
Size	7.2MB
Processes	1880 (file1.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`45a96ed03c6c80865fd53dc008908681`
SHA1	`15dc6b43feb9bcb296d38bdcf06698c260653424`
SHA256	`c47442640a071b5773ab99145e78a968a83a6ed5e57486f56264e2b3910a35d9`
CRC32	`7A57D45A`
ssdeep	`196608:91OMtG0a05Awtm5DqENycC+zeapzRHVEZ/TL3Vdfr2mQZSMROqKAx:3OMtGZw+wpGzRH2/fSmgpRL`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsPE32 - (no description)
VirusTotal	Search for analysis

Name	59b99afc03bf4f57_ctmgnzqw0rxprs4h71wqdxsn.bat Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CTmGnZQw0rXprS4H71WQdxSN.bat
Size	70.0B
Processes	1880 (file1.exe)
Type	ASCII text, with no line terminators
MD5	`5a73aeee84190abd5f874436170fdd8c`
SHA1	`19667b7891489633a52f2160c55b2a973b1511b0`
SHA256	`59b99afc03bf4f57463f0b8b3aab237eff7c9107362b352131873552bad99f4f`
CRC32	`79377BCB`
ssdeep	`3:Ljn9m1mWxpcL4E2J5kC0cvQdBh0VU0dAHF:fE1mQpcLJ23k/dBaQ`
Yara	None matched
VirusTotal	Search for analysis

Name	a85378e7f3bdada7_keygen-step-2.cpl Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\RarSFX0\keygen-step-2.cpl
Size	1.5MB
Processes	2640 (vgdyfc1VcBsqmc2SsNuc62Y1.exe)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`12cae571e64492458fb8c8bad13a6625`
SHA1	`e1674fd9bbaff6681475dfc5814512411cf187b6`
SHA256	`a85378e7f3bdada770384764dd20aead8a6ec634a9316f8c81f3ce5e5587a100`
CRC32	`A5AA6872`
ssdeep	`24576:oJ0NS+hWr1IFXTZOT2xvJCVro7Aq+IKYF0X/xuJE2zGSCOv3gYpdS3ciMCGd:Cr1Ip9x4Vk7/+IKNX/caFrtYpd4cC`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE32 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	e3b0c44298fc1c14___tmp_rar_sfx_access_check_2570328 Empty file or file not found
Filepath	C:\Users\test22\AppData\Local\Temp\RarSFX0\__tmp_rar_sfx_access_check_2570328
Size	0.0B
Type	empty
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
CRC32	`00000000`
ssdeep	`3::`
Yara	None matched
VirusTotal	Search for analysis