Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
05.03 02:05
android.pcap.out
05.03 01:05
Kula A . protokół paźd...
05.03 01:05
Kula A.- protokól kwie...
05.03 01:05
vt_setup.msi
05.03 01:05
Chmod Suspicious Direc...
05.03 01:05
奇安信情报沙箱.html
05.03 12:05
Download Microsoft Edg...
05.02 09:05
Portal Orzeczeń Sądu R...
05.02 09:05
Portal Orzeczeń Sądu R...
05.02 05:05
dd.exe

Latest News
05.03 06:05
The Double-Edged Sword...
05.03 06:05
Amazon, CrowdStrike, G...
05.03 05:05
Tariffs Weigh on Big T...
05.03 05:05
Raytheon settles with ...
05.03 05:05
Mike Waltz Has Somehow...
05.03 05:05
Smart Speaker Gets Bra...
05.03 04:05
US Presses for Google ...
05.03 04:05
Venom Spider Uses Serv...
05.03 04:05
Tiny Logistics Firm’s ...
05.03 03:05
3D Printed Spirograph ...

Dropped Files | ZeroBOX

Name	6d67335c5beedeb1_exceed.bat Submit file
Filepath	c:\users\test22\appdata\local\temp\exceed.bat
Size	21.5KB
Processes	2556 (66e5f96b41510_GageEpa.exe#111us) 2660 (cmd.exe)
Type	ASCII text, with very long lines, with CRLF line terminators
MD5	`a15fb1f2fc25e382bc35a75af320c8d5`
SHA1	`db156f523e11d63ff07dd3a9d22ec6d81279d3ad`
SHA256	`6d67335c5beedeb1e53bc414f76ca3c2a811af1f920e2145d3f2ed04a892cedf`
CRC32	`981A7CC7`
ssdeep	`384:AoJKjyAsKq36os18o9yENmG0e10HUOnrF5CBPzemGrCUgHxldGm8SKux:XuyGmrEQxFr3C7egXqS`
Yara	None matched
VirusTotal	Search for analysis

Name	1486b6bf45f4c7d1_grounds Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Grounds
Size	54.6KB
Processes	2556 (66e5f96b41510_GageEpa.exe#111us)
Type	data
MD5	`d8ff8ec0bf3e6d6adeced27764d7524c`
SHA1	`854859ab59e75a7b79e4b07a8c19e8bd93523676`
SHA256	`1486b6bf45f4c7d178c3d15dff7654be7bc56dc873754790bc33a40741f4980d`
CRC32	`4879F6AC`
ssdeep	`1536:hl12cMLgJnKFLCKrhx1CU5Be4/ac21Pk6MC5VsZrqK:hScMMF4DnkU5Be4/ab1PN8ZB`
Yara	None matched
VirusTotal	Search for analysis

Name	a50ad1d8d7dea9fe_oe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Oe
Size	2.8KB
Processes	2556 (66e5f96b41510_GageEpa.exe#111us)
Type	data
MD5	`7a940180248437b3b48a7d50940ea91e`
SHA1	`dfc3091d7384844294f7ce6d6d798f84b703c54b`
SHA256	`a50ad1d8d7dea9fe80b3cfa1788af14570ea4488d4f142f5131e8d49f54db811`
CRC32	`287E20A6`
ssdeep	`48:zn4xqtUzrCrt+ikNv9mJHWxPrhBlA1FygzqyIsJj/G09CAi6R7uk1IhGyTa90:ExgUzr4tgOwVAfBzDICS09CAi6R7u+ID`
Yara	None matched
VirusTotal	Search for analysis

Name	f69928281be28923_plymouth Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Plymouth
Size	56.0KB
Processes	2556 (66e5f96b41510_GageEpa.exe#111us)
Type	data
MD5	`e371a4eed9e3fc4738cd2332743a6b48`
SHA1	`a942b830b65a494e502deb6af48abfe88e53373e`
SHA256	`f69928281be28923e2052bac547c37a8986286386bc10dc2143e58617ef2920b`
CRC32	`4CE806E6`
ssdeep	`1536:lKh0ZC/psi75tkHOOdtW8mwBzqA+Ha7mLfOCit/cdoHsqSt:lm0ZC/jkuKAwm6arocKW`
Yara	None matched
VirusTotal	Search for analysis

Name	97d902027afb78a8_containers Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Containers
Size	66.0KB
Processes	2556 (66e5f96b41510_GageEpa.exe#111us)
Type	data
MD5	`cd91ed2dd284782805c99d3d9392d070`
SHA1	`96a99373350320ed71b102b052279c3d99b1e5fe`
SHA256	`97d902027afb78a80eda022c942f7810fcfbe69e2107873c4a68cc3ecfef03d9`
CRC32	`66D188C1`
ssdeep	`1536:2Xbt+UsNvFQDq0RvjU6D03TV1ryGVVavex0MlgL6UXhneapji5QmYaYsf:2XhZ4uDq0R46YJZyGbavDsghnJjEY2f`
Yara	None matched
VirusTotal	Search for analysis

Name	fbdcdcee83ace5e2_checks Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Checks
Size	85.0KB
Processes	2556 (66e5f96b41510_GageEpa.exe#111us)
Type	data
MD5	`494475eb511eef17b5e3a0677e8d9d40`
SHA1	`8e6c081692cd942744c52421695a5e62b5572d27`
SHA256	`fbdcdcee83ace5e22451eba67f33daf3c996e254363f6e675b9b2ce19c43fb33`
CRC32	`14C7BE94`
ssdeep	`1536:zZOY5zcJkBvINj5wIJLW3dDK2oEuNzOE5Fqm2EKKKmDQ33lA1X:kY5QqxINNzJLqdrouWFqmN3h833lAV`
Yara	None matched
VirusTotal	Search for analysis

Name	8add0b38828c1d98_dept Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Dept
Size	97.0KB
Processes	2556 (66e5f96b41510_GageEpa.exe#111us)
Type	data
MD5	`ba8c8e0ac31ab41e7bf4c1bf876447a7`
SHA1	`bd4cecfc670bcb48649d0ef6699890ac9b87d843`
SHA256	`8add0b38828c1d98c42edc11ff90de9897f6d5bf336418bff10101ba85d65f87`
CRC32	`508FB4C5`
ssdeep	`1536:N8KM/zirGPTp6lDK1lg0+Da69T1Jan6JpHpFoLJA1gKMAwhvBfjdZbYZwkZbMmqX:NCuAp6E1lDmJ9TCcHpFN7M/h9qzZoD`
Yara	None matched
VirusTotal	Search for analysis

Name	e3b0c44298fc1c14_nseF01C.tmp Empty file or file not found
Filepath	C:\Users\test22\AppData\Local\Temp\nseF01C.tmp
Size	0.0B
Type	empty
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
CRC32	`00000000`
ssdeep	`3::`
Yara	None matched
VirusTotal	Search for analysis

Name	d8b7c7178fbadbf1_playboy.pif Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\758927\Playboy.pif
Size	872.7KB
Processes	2660 (cmd.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`18ce19b57f43ce0a5af149c96aecc685`
SHA1	`1bd5ca29fc35fc8ac346f23b155337c5b28bbc36`
SHA256	`d8b7c7178fbadbf169294e4f29dce582f89a5cf372e9da9215aa082330dc12fd`
CRC32	`388D364B`
ssdeep	`12288:WpV0etV7qtINsegA/rMyyzlcqakvAfcN9b2MyZa31tqoPTdFbgawV2501:WTxz1JMyyzlohMf1tN70aw8501`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsPE32 - (no description) Generic_Malware_Zero - Generic Malware UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	6d9736e0d27580cf_p Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\758927\p
Size	569.6KB
Processes	1120 (cmd.exe)
Type	data
MD5	`83afc888b04243510b45c81be0aca90b`
SHA1	`24307ecbf84dbeb6ba0a1d444f4728bbbc3ddee4`
SHA256	`6d9736e0d27580cf23ca2dde04e7ad37e81f3784ab62055ec9e99111dea31dc4`
CRC32	`F193A6D4`
ssdeep	`12288:uXiBz4QUFoV5UQpEzmThThmKULO37rgISNt+Cu4ItDkx4aEB:uXiBz4pKV5U+ymtM7LO37svS7NS4ao`
Yara	None matched
VirusTotal	Search for analysis

Name	b5452a3ec7cd068f_leu Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Leu
Size	869.9KB
Processes	2556 (66e5f96b41510_GageEpa.exe#111us)
Type	data
MD5	`9ba9a85629b0428b7c45b5a0f89c06d6`
SHA1	`b401b4cc2461fc49144ab3883e0bbcf54bc8d5e7`
SHA256	`b5452a3ec7cd068fc89f74f39180c6f60177a7aaab21d80c2d749cd787f29ca3`
CRC32	`FCA6F4AB`
ssdeep	`12288:lpV0etV7qtINsegA/rMyyzlcqakvAfcN9b2MyZa31tqoPTdFbgawV2501:lTxz1JMyyzlohMf1tN70aw8501`
Yara	Malicious_Library_Zero - Malicious_Library Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	db07c2a20a33ac2f_algorithm Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Algorithm
Size	84.0KB
Processes	2556 (66e5f96b41510_GageEpa.exe#111us)
Type	data
MD5	`139313e3e17639000484574c5b868583`
SHA1	`3bd610784217d674a47d9ecfea8212732a27f680`
SHA256	`db07c2a20a33ac2fb5db98528bf254fe27de25cb57886183b945e687757c5fdf`
CRC32	`572BB5D4`
ssdeep	`1536:lZZQOyLoX+GFONadswhwF5/ZsTp8CYaVOKGbk5Bw6QqFhVpt5Emqo5kdhSqbWYsh:lLwGFOkIF5/9jaykL9bzrEmdkdhJbLQx`
Yara	None matched
VirusTotal	Search for analysis

Name	437694e2a7677cfd_cal Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Cal
Size	51.0KB
Processes	2556 (66e5f96b41510_GageEpa.exe#111us)
Type	data
MD5	`4d5b3e82ce74ba3e1dbe07e948dccfd7`
SHA1	`1ef8a20e6d1091e5022578a274775c5cfbbc9687`
SHA256	`437694e2a7677cfd3bb7b58bcc3c9953da52422faf7aeae1c124403c9fe40d0f`
CRC32	`AE83AA03`
ssdeep	`768:OueMI0WeWmHdh7/qHzAGMlUnRJuX8H3W/lADqpS83cQvLP0BCTn0f5/UhQbXB:jI0Wn+H/s2l+uX8HycUKAhQTB`
Yara	None matched
VirusTotal	Search for analysis

Name	6d3e4f61e4bb756e_filled Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Filled
Size	76.0KB
Processes	2556 (66e5f96b41510_GageEpa.exe#111us)
Type	data
MD5	`6734f9d63c2a86c37009889239ea9645`
SHA1	`382e96c0763a1b303ebbb486d098b02eb33e3693`
SHA256	`6d3e4f61e4bb756ef58c8d87628339c44f7b1ee667397ce2212bde29c434bcae`
CRC32	`C9B2C5FC`
ssdeep	`1536:sU51MN/46ABB7lZwd5IQfQrwAop6GYpcmk0suq9uI6NCdLzYqKUvhz:bXMN/4RHaISp1Mcos79uvNGpKU1`
Yara	None matched
VirusTotal	Search for analysis