Dropped Files | ZeroBOX

Name	6b660666f031843a_한중 북중 안보현안 비공개 정책간담회 계획.lnk Submit file
Size	1.1MB
Type	MS Windows shortcut, Has Description string, Has command line arguments, Icon number=0, ctime=Sun Dec 31 15:32:08 1600, mtime=Sun Dec 31 15:32:08 1600, atime=Sun Dec 31 15:32:08 1600, length=0, window=hidenormalshowminimized
MD5	`32e828282dbe16073293dacc17f0598c`
SHA1	`5b9ade0255a0f49b7db9fa8bb390864155a7b4f2`
SHA256	`6b660666f031843a36225e791f6564983c2c8cabf85d2216f0617702a978c838`
CRC32	`6C011225`
ssdeep	`1536:LCNrr8wc73ExbcrAoHXnTKZva0CfkTYcIJex+155sB:LCNrr8wc73ExbcrAUnTKUfkiH54`
Yara	HWP_file_format - HWP Document File Microsoft_Office_File_Zero - Microsoft Office File lnk_file_format - Microsoft Windows Shortcut File Format Lnk_Format_Zero - LNK Format
VirusTotal	Search for analysis

Name	b7c225ef3cc3e875_d93f411851d7c929.customDestinations-ms~RF1818404.TMP Submit file
Filepath	C:\Users\test22\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d93f411851d7c929.customDestinations-ms~RF1818404.TMP
Size	7.8KB
Processes	2752 (powershell.exe) 2920 (powershell.exe)
Type	data
MD5	`81ca4510272caf505e8091e9a28cb716`
SHA1	`71414aeec9f1e4a6f5a461b01700cc9cc992cd9e`
SHA256	`b7c225ef3cc3e87506150eb140e7b9cc127a3469c50a808854acac71a53d98bf`
CRC32	`FC31E90F`
ssdeep	`96:EtuCcBGCPDXBqvsqvJCwoRtuCcBGCPDXBqvsEHyqvJCwor/47HwxGlUVul:EtCgXoRtCgbHnorLxY`
Yara	Antivirus - Contains references to security software Generic_Malware_Zero - Generic Malware
VirusTotal	Search for analysis

Name	32e739ea04e2afc0_한중 북중 안보현안 비공개 정책간담회 계획 Submit file
Size	52.0KB
Type	Hangul (Korean) Word Processor File 5.x
MD5	`724bf81c0a9adb3ffe6b03a21f7cab09`
SHA1	`bfcb7e6e5048c19020e26be236d70714e56c4048`
SHA256	`32e739ea04e2afc0f73d54f78f08cc3368867c036b00be21b6e58a0d1d466151`
CRC32	`DE93047F`
ssdeep	`768:7THX1IWmS9CwKlnvaBqCuu/K4ZgTgzcIrP9exvmX1/LxffBI4XF95s62l4wqIRxa:PHXnTKZva0CfkTYcIJex+155sI`
Yara	HWP_file_format - HWP Document File Microsoft_Office_File_Zero - Microsoft Office File
VirusTotal	Search for analysis