Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
11.13 04:11
hello.exe
11.13 03:11
espsemhvcioff.exe
11.13 02:11
Geek_se.exe
11.13 02:11
cred64.dll
11.13 02:11
svhost.exe
11.13 02:11
nb.exe
11.13 02:11
svcyr.exe
11.13 02:11
Ghost_1.5.11.5.exe
11.13 02:11
PowderGpl.exe
11.13 02:11
goodlabel%E6%89%93%E5%...

Latest News
11.13 06:11
Critical RCE in Ivanti...
11.13 06:11
„Passwort“ Folge 18: L...
11.13 06:11
Axis Partnertag 2024: ...
11.13 06:11
Patchday Microsoft: In...
11.13 06:11
Citrix stopft Sicherhe...
11.13 06:11
Fault Injection – Down...
11.13 06:11
Intuition about Maxwel...
11.13 06:11
Tencent’s Revenue Clim...
11.13 06:11
Bumi Armada Is Said to...
11.13 05:11
시트릭스 버추얼 앱스 앤 데스크탑스 취약...

Dropped Files | ZeroBOX

Name	fdcfb94acca7a229_sequences Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Sequences
Size	52.0KB
Processes	2636 (66ed8059174df_ConsiderMilfs.exe)
Type	data
MD5	`42d99c39171ea35a6ecf889749965fd4`
SHA1	`1021a1ad9ecf4549d71b83cb0ee7bacc4469517d`
SHA256	`fdcfb94acca7a22919f6e2cb66e7290a336bdddb87525dc15f84e9ccfc048feb`
CRC32	`A5AD7F26`
ssdeep	`1536:rvTk08Py25oSz1P+zYkOcszL/H16rEfdV:rvTk0ZLSz1m55szL/kYf3`
Yara	None matched
VirusTotal	Search for analysis

Name	e3b0c44298fc1c14_nsyF126.tmp Empty file or file not found
Filepath	C:\Users\test22\AppData\Local\Temp\nsyF126.tmp
Size	0.0B
Type	empty
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
CRC32	`00000000`
ssdeep	`3::`
Yara	None matched
VirusTotal	Search for analysis

Name	b92acf55b4f00ae1_klein Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Klein
Size	96.0KB
Processes	2636 (66ed8059174df_ConsiderMilfs.exe)
Type	data
MD5	`726700550ac2d42e80a6d3a7405b8c22`
SHA1	`7d4f9b127505d70c675882485545503d18b4c9b9`
SHA256	`b92acf55b4f00ae18fb10765fd1bd0115529d0e492b1bf163f7a5ab2e0d367bc`
CRC32	`FD8DE53F`
ssdeep	`1536:kjPnjSCFXR0pdXI4nOpT9k0L7LjsuWGs9ljDpb4fcCe1lsPlehDtbb29/:vCgpd9OpT9k0fLjQnvpb4fcCefeatS9/`
Yara	None matched
VirusTotal	Search for analysis

Name	903f19bbcbc63f39_ecology Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Ecology
Size	62.0KB
Processes	2636 (66ed8059174df_ConsiderMilfs.exe)
Type	data
MD5	`6ae59a460e37c2486894b1ca8fa2dd87`
SHA1	`1954f743f6cf5953ff2ebdf0d51204a3e23bd6ec`
SHA256	`903f19bbcbc63f39726365060e05841b1f85746f78d7a0ae51392a824a97a7bb`
CRC32	`B061CF6C`
ssdeep	`1536:xodGyT2UB4h1oepI+7stA1UmnhIiBtpi9NWkUmOaGnZV5fqyzm/dUV:+dGIZB45I+d1UmnmetpANEmO5nsfSV`
Yara	None matched
VirusTotal	Search for analysis

Name	3f15bffc2b8590d4_telephony Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Telephony
Size	96.0KB
Processes	2636 (66ed8059174df_ConsiderMilfs.exe)
Type	data
MD5	`3405b6274e73d544802fffdcd585b905`
SHA1	`1d03437ae18c199cc66cab1b716031952e096068`
SHA256	`3f15bffc2b8590d4e959cebd7c30ecc4fedcbb0907f0f7860b5bef19433aaf40`
CRC32	`85EB0227`
ssdeep	`1536:o4934weOuvhrg/dgdFh/zMC6gKyf3ALh2w7cwQEQei7GYJ7tuANbEgiZzO:ocoweOqhEFyp3f3ALhVRQZ7GI1bEgiY`
Yara	None matched
VirusTotal	Search for analysis

Name	e3f4fbcfa7a3d8e4_activation Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Activation
Size	7.3KB
Processes	2636 (66ed8059174df_ConsiderMilfs.exe)
Type	data
MD5	`8b0e5b5564040244b7fe987f12c957e7`
SHA1	`ea193a80e11c4608a9c72d9bb63022688e470862`
SHA256	`e3f4fbcfa7a3d8e44e82a4b28a38724eb86b46f5599be2a0f1fb9880d0a1eb47`
CRC32	`F43C6890`
ssdeep	`192:z0HAeOqAFDw09CV/2nPvj6DdMP3r1HI5jMlbN+G3c:YHAHhww+/2nlP3r1WAL3c`
Yara	None matched
VirusTotal	Search for analysis

Name	02f710cb82f8d38f_avoid Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Avoid
Size	5.1KB
Processes	2636 (66ed8059174df_ConsiderMilfs.exe)
Type	data
MD5	`f14eaeb195d643f4fc9971f78b828491`
SHA1	`d918494734a26061b7eef0bf8dbbdc3c7bca70bf`
SHA256	`02f710cb82f8d38f9e99e1be712d9c70552f6175f024e4a035c56a630b3ff066`
CRC32	`74CADFAC`
ssdeep	`96:zE0/ozUGE/I8QvE3DOUD/etfsptH+OS3rGvGXM67j3zNJ2tGCdJnduSK1nObBtzs:zdAwGEw3vE3DO7Z6txSavGXbXgGAFdnq`
Yara	None matched
VirusTotal	Search for analysis

Name	b0fd86c3a4b267d8_resolution Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Resolution
Size	63.0KB
Processes	2636 (66ed8059174df_ConsiderMilfs.exe)
Type	data
MD5	`b110bbafcf6cfb0a8ae2f122ddf20ede`
SHA1	`a62d46e158a5ac193b6d2631510e67c35d448a15`
SHA256	`b0fd86c3a4b267d8706d7ae36b4a19eddb8fdb81fcb363c18174be45e64d9cc7`
CRC32	`1FF2BE80`
ssdeep	`1536:bdBj5yYeJQHINrZ5HhuAMQlzGLr+LseO60ZJ4QON8:j5yBT3M2zGLr+LseeZJtON8`
Yara	None matched
VirusTotal	Search for analysis

Name	94715e887f132abf_encyclopedia Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Encyclopedia
Size	99.0KB
Processes	2636 (66ed8059174df_ConsiderMilfs.exe)
Type	data
MD5	`10131cf263fe9e86e86fe75276d0a918`
SHA1	`7dc521b107deaba391232335161fc5c5c2e69ccd`
SHA256	`94715e887f132abf53cdc3d33022aa22063e1887f56a38a27e48aa21364d195a`
CRC32	`0143A721`
ssdeep	`1536:DAyRNKURVP7yWHv7rinGcFR3oHPEOz2CuivjgmmDPDT/4i9+DmqtgMZABKN:DAyNHyuv7riNOMkv8mmDbaDmqtgMZAY`
Yara	None matched
VirusTotal	Search for analysis

Name	e4a175bd91a15df2_rings Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Rings
Size	865.4KB
Processes	2636 (66ed8059174df_ConsiderMilfs.exe)
Type	data
MD5	`25055baf9907ffe607bd6cfc3f6d30ff`
SHA1	`3c77f48211fb315980d89ecafab8a74c5025aaa6`
SHA256	`e4a175bd91a15df2f47e2e65c2ad7ab8cd350425c8dafb072e479c1a4d6c4be8`
CRC32	`225C6B02`
ssdeep	`12288:hV0etV7qtINsegA/rMyyzlcqakvAfcN9b2MyZa31tqoPTdFbgawV2501:7xz1JMyyzlohMf1tN70aw8501`
Yara	Malicious_Library_Zero - Malicious_Library Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	695e778b876ea031_ceo.bat Submit file
Filepath	c:\users\test22\appdata\local\temp\ceo.bat
Size	9.3KB
Processes	2636 (66ed8059174df_ConsiderMilfs.exe) 2768 (cmd.exe)
Type	ASCII text, with very long lines, with CRLF line terminators
MD5	`81a3e6cbd7092474a997336697873d61`
SHA1	`c3332238a09567de8acb1f938f960ffd81e13215`
SHA256	`695e778b876ea0312ad0014ea3ec8940139aa0033e4ec5e6e6da9c836fbc7086`
CRC32	`6CD1B8EE`
ssdeep	`192:Z8T60htZtU2V/fT9SITIZsg4A9dKvoMg4wdbkyMbBGl9HAmbk:ZTKtL/fJSI0Zt4A9dKvlgbjCB29I`
Yara	None matched
VirusTotal	Search for analysis

Name	4a22f73997cba0fe_sp Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Sp
Size	79.0KB
Processes	2636 (66ed8059174df_ConsiderMilfs.exe)
Type	data
MD5	`b217e014693974adfe42c627953b8263`
SHA1	`4f2b8d085c5f0b9e80ee650d7016f4f423570989`
SHA256	`4a22f73997cba0fe3b1ecf506bef6f26ca0a84d964a5450396854502f6983fb5`
CRC32	`8C0658D7`
ssdeep	`1536:Zv+kQ1rJYfPWJ6PvIk4b+4IGjqU99orH8GCstCK7X+pmwfcVjQEJrfm:Zv7ZPWJ9+4IM9e8GCvmwEV0Epm`
Yara	None matched
VirusTotal	Search for analysis

Name	bade49216519e8d8_j Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\212475\j
Size	552.1KB
Processes	1264 (cmd.exe)
Type	data
MD5	`1ef109a71c3995dd5badf0f4a539d4a9`
SHA1	`06557f5d76fab502f8058669fcfa92fc87cbed82`
SHA256	`bade49216519e8d82c45664e46b6255feaf866a848ed3b1df5ada342ed195712`
CRC32	`E9F19FCA`
ssdeep	`12288:h5I/IMMBVwlxriW8qirLkks3//248xP4gi3d4SW1XmdNEZa:h5I/IMoVwDriW8qAwbXR8RaaR9m3qa`
Yara	None matched
VirusTotal	Search for analysis

Name	d8b7c7178fbadbf1_opponent.pif Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\212475\Opponent.pif
Size	872.7KB
Processes	2768 (cmd.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`18ce19b57f43ce0a5af149c96aecc685`
SHA1	`1bd5ca29fc35fc8ac346f23b155337c5b28bbc36`
SHA256	`d8b7c7178fbadbf169294e4f29dce582f89a5cf372e9da9215aa082330dc12fd`
CRC32	`388D364B`
ssdeep	`12288:WpV0etV7qtINsegA/rMyyzlcqakvAfcN9b2MyZa31tqoPTdFbgawV2501:WTxz1JMyyzlohMf1tN70aw8501`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsPE32 - (no description) Generic_Malware_Zero - Generic Malware UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis