Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
09.24 01:09
GoogleUpdate.exe
09.24 01:09
ufw.exe
09.24 01:09
lgrn.exe
09.24 01:09
lgfjd.exe
09.24 01:09
otra.exe
09.24 01:09
66f16f7e683b4_Trippers...
09.24 01:09
1.txt.ps1
09.24 11:09
66f18a5501651_ww_a.exe
09.24 11:09
66f1aed72de87_crypted....
09.24 11:09
wsd.exe

Latest News
09.24 05:09
Replacing Selenium Rec...
09.24 05:09
가비아, 2024년 하반기 개발자-엔지니...
09.24 05:09
멜팅소울, 신메뉴 ‘피자도그’ 출시 및 ...
09.24 05:09
KISA-KT, AI 기술 활용한 스팸 ...
09.24 05:09
JPMorgan Eyes More Gro...
09.24 05:09
Masdar Agrees to Buy S...
09.24 05:09
엠지텍, A/S 정책 차별화 선보여
09.24 05:09
월드와이드메모리, '2024 푸른하늘의 ...
09.24 05:09
부산한복문화창작소, 프랑스 파리 트라노이...
09.24 05:09
딜팩토리, 'DF-002 온풍기' 얼리버...

Dropped Files | ZeroBOX

Name	20c4c1a15cbfc916_vanilla Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Vanilla
Size	7.4KB
Processes	2552 (66f19da1b85de_cryotr.exe#kisotr)
Type	data
MD5	`1f6e1d942f7115c326067899f9721c13`
SHA1	`a6b8b6c1cdd21562c0e76ef08aecfc7c927d9cee`
SHA256	`20c4c1a15cbfc9168c797ac279475f88e2041f67a459471fddc3c947b4c7229e`
CRC32	`E00588C1`
ssdeep	`192:gHAeOqAFDw09CV/2nPvj6DdMP3r1HI5jMlbN+G3k:gHAHhww+/2nlP3r1WAL3k`
Yara	None matched
VirusTotal	Search for analysis

Name	b516639ecf4b1442_executive Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Executive
Size	87.0KB
Processes	2552 (66f19da1b85de_cryotr.exe#kisotr)
Type	data
MD5	`7196bd557f712406896af3a294854ec7`
SHA1	`a02abc5c3195a66d55d55edfa5e65e96d7ba4dea`
SHA256	`b516639ecf4b1442552857afff153e161d11c58220090496dc55f823695e1651`
CRC32	`CB53EEC6`
ssdeep	`1536:LmOCb3AEOQfZmXsF9AIYcEUWd/Dfab8Ym43jGUiMgB7Qx0gLA7UE:Lm90QfYS9AIYcIaXjTKMc9gLc`
Yara	None matched
VirusTotal	Search for analysis

Name	1fa255357ad948b0_older.bat Submit file
Filepath	c:\users\test22\appdata\local\temp\older.bat
Size	20.4KB
Processes	2552 (66f19da1b85de_cryotr.exe#kisotr) 2680 (cmd.exe)
Type	ASCII text, with very long lines, with CRLF line terminators
MD5	`d10dbebda909afbfa6ffc40a44acc62d`
SHA1	`a2becc064d4ddcc82520ab09b8b4583b346f93c9`
SHA256	`1fa255357ad948b071e3a605ee4158c8ae5ea9adc1c4e6c94a8ea875481e96eb`
CRC32	`84BB50F6`
ssdeep	`384:PlNCkcyX0lySZYq8QJdXa9GIQHzfrQzudL/0uWuGGFelxe9Efycq51p951vlP8CF:P7CYElHZYeFa9KfrOudTBVGqerE2y75V`
Yara	ftp_command - ftp command OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	7aa8cf51ae643db5_mastercard Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Mastercard
Size	40.3KB
Processes	2552 (66f19da1b85de_cryotr.exe#kisotr)
Type	data
MD5	`25f854a3b28adf8e8b37c4d3951797c6`
SHA1	`64675978a35669a4ce06e9f273e5fdf5c3a49322`
SHA256	`7aa8cf51ae643db5cf02b08662a7e0afeec273645c887f2f484b11fa91e055bd`
CRC32	`AA4993D2`
ssdeep	`768:6SFED7E5ztZ+Eg1s9BUT0R3YeqeGSC7w6+lbW/8Av/qrO5QJ2GWCoID787J:6SqDY5Gvs96Tk3FlbW1SrOKwGWc787J`
Yara	None matched
VirusTotal	Search for analysis

Name	ccbc6f5ceb4cd479_n Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\244644\N
Size	545.3KB
Processes	2056 (cmd.exe)
Type	data
MD5	`2f9adb1cf6e93e4da3d602c0d48643ef`
SHA1	`34f43bb62632452a1de3fd983515f735bcc3c96a`
SHA256	`ccbc6f5ceb4cd4799f7b18d3ddcabcca989518dc1638cdc554527ecb386172ec`
CRC32	`7C20CCDB`
ssdeep	`6144:FKn9/4wDk8iH0aABqDYckm9bzR0/qsYIsUBVWCR7BuAGE1HqAKNI5dlNpGApcaec:FKn9/45HkGYo9bzRcQCR0AXlh/7ca6I`
Yara	None matched
VirusTotal	Search for analysis

Name	117d0ccc33256863_sides Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Sides
Size	76.0KB
Processes	2552 (66f19da1b85de_cryotr.exe#kisotr)
Type	data
MD5	`93a4a8b90f4c995291f4adb787282970`
SHA1	`9122a34f131c168ade197279169f625f7ca59f83`
SHA256	`117d0ccc3325686395f029a4579a5c29e3867a27b9e01139757212d425013106`
CRC32	`FD3023C2`
ssdeep	`1536:ELf8ugmSmXtJQvDLpsuyzPam/gY9MqNjDMXqAq44Qhzvw+:Y88tJQvR4PR/tfMaAhL19`
Yara	None matched
VirusTotal	Search for analysis

Name	e3b0c44298fc1c14_nsqEF42.tmp Empty file or file not found
Filepath	C:\Users\test22\AppData\Local\Temp\nsqEF42.tmp
Size	0.0B
Type	empty
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
CRC32	`00000000`
ssdeep	`3::`
Yara	None matched
VirusTotal	Search for analysis

Name	2fd771e75ed3075d_fx Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Fx
Size	84.0KB
Processes	2552 (66f19da1b85de_cryotr.exe#kisotr)
Type	data
MD5	`4c11277283eff4e61ebe7c3c0c9b7932`
SHA1	`3a322ad2cd458ad75bf41466a4c0c79090b12c9c`
SHA256	`2fd771e75ed3075d6d0c4c58670fe557bcc844e3ef3d8751e0a68306186f6e55`
CRC32	`B7826C7D`
ssdeep	`1536:D7xmUfPxF6a4VC9QEG+ciXy4yzDOvxsT7z0aYYtJDSZ+d7eUp3:AixFX4KtGniA/OJkP0JKDXp3`
Yara	None matched
VirusTotal	Search for analysis

Name	99ef2cb58432d21e_jc Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Jc
Size	66.0KB
Processes	2552 (66f19da1b85de_cryotr.exe#kisotr)
Type	data
MD5	`0aaa7223fca864daa48039c5a7a70b27`
SHA1	`8d6ed70ec5eec87231a8121fddb731c105be4d22`
SHA256	`99ef2cb58432d21e2f406c9e4e2a3436a14102ef4a7a45bec4c9fed191e6302c`
CRC32	`CF68C948`
ssdeep	`1536:qZleU7hmt5nd4lM1N7OvzDjKM8CbycuNCGEAyw:qZlndmDd/7Yv52Yw`
Yara	None matched
VirusTotal	Search for analysis

Name	f8cabdf37c7566d3_installed Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Installed
Size	865.3KB
Processes	2552 (66f19da1b85de_cryotr.exe#kisotr)
Type	data
MD5	`60330a0c955c3d7909c6397557dc11f4`
SHA1	`1666b670a6c5a6713753f48f03da8b66747bd9f8`
SHA256	`f8cabdf37c7566d3e0c6cf011ba968da0fb779c270241e2719dcf5ff1122dab9`
CRC32	`F033BACE`
ssdeep	`12288:PV0etV7qtINsegA/rMyyzlcqakvAfcN9b2MyZa31tqoPTdFbgawV2501:Nxz1JMyyzlohMf1tN70aw8501`
Yara	Malicious_Library_Zero - Malicious_Library Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	d8b7c7178fbadbf1_caused.pif Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\244644\Caused.pif
Size	872.7KB
Processes	2680 (cmd.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`18ce19b57f43ce0a5af149c96aecc685`
SHA1	`1bd5ca29fc35fc8ac346f23b155337c5b28bbc36`
SHA256	`d8b7c7178fbadbf169294e4f29dce582f89a5cf372e9da9215aa082330dc12fd`
CRC32	`388D364B`
ssdeep	`12288:WpV0etV7qtINsegA/rMyyzlcqakvAfcN9b2MyZa31tqoPTdFbgawV2501:WTxz1JMyyzlohMf1tN70aw8501`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsPE32 - (no description) Generic_Malware_Zero - Generic Malware UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	e65e3c0954be3035_door Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Door
Size	58.0KB
Processes	2552 (66f19da1b85de_cryotr.exe#kisotr)
Type	data
MD5	`a83b356cb3091a822ae558503bec0e81`
SHA1	`d22895742f8754ba14e993568e9de6a2d482023d`
SHA256	`e65e3c0954be3035581254959c1ed778179d03cd34e6ad55a0f548b4c3b75aea`
CRC32	`3AE3D78E`
ssdeep	`1536:vK1vXe9X8PVq1+ujN3xWk2iyl6/0/UJgjxxiX:2e9stq1BNBgiJM/U2WX`
Yara	None matched
VirusTotal	Search for analysis

Name	500d2c2b0ef48967_started Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Started
Size	78.0KB
Processes	2552 (66f19da1b85de_cryotr.exe#kisotr)
Type	data
MD5	`fb83cd37486912dc467f78cf5ae252fb`
SHA1	`8928e18f47f0aadd42144fddd0abd0cb1ea63955`
SHA256	`500d2c2b0ef4896710b96299c2ccd7eff7e6b6d14f2e8b01d43ef5b9c5034177`
CRC32	`9695D6E0`
ssdeep	`1536:OGWPCiR2Vk33wM9cT1Wnv/gEQmV23p/A4N+SfCQcOFE1JcevEnDUqQuPW:fKNI6wM9chC/g1lNpfuXfzvEDUqQf`
Yara	None matched
VirusTotal	Search for analysis

Name	718e9e97d32df03f_pts Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Pts
Size	56.0KB
Processes	2552 (66f19da1b85de_cryotr.exe#kisotr)
Type	data
MD5	`1edf95a608f35b125a2a9c29f290be47`
SHA1	`5be8f957392bf583b1852fa164d34a47c6f610b7`
SHA256	`718e9e97d32df03fcc4e055418b8023c2e6ccfb3402cc5e63d34baaa4dbaace6`
CRC32	`C9B2D666`
ssdeep	`1536:hdhaCkku1T4Xv+rnhKMKJEQ36sGN7NDNgmVU:h7Bu1cXGjhKjJEQqbRvtu`
Yara	None matched
VirusTotal	Search for analysis