Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
11.05 04:11
VST32License.exe
11.05 03:11
VST32License.exe
11.03 01:11
DocTromTinNhan.exe
11.01 06:11
MPDW-constraints.vbs
11.01 06:11
87f3f2.exe
11.01 06:11
Client-built.exe
11.01 06:11
norm.exe
11.01 06:11
chrome_131.exe
11.01 06:11
kjrhjijawdkrjhh.exe
11.01 09:11
Calibre_Installer.exe

Latest News
11.05 01:11
메가존클라우드-파이오링크, 클라우드 보안...
11.05 01:11
프로페셔널 헤어케어 브랜드 레삐, ‘20...
11.05 01:11
Chinese Group Accused ...
11.05 01:11
25년 정보보호 전자공시시스템 고도화 및...
11.05 01:11
KISA, 민원 응대 보호시스템 전사 확대
11.05 01:11
아늑샵, 2024년 4분기 '한국소비자인...
11.05 01:11
크라운슬립, 프리미엄 구스 이불 론칭 기...
11.05 01:11
Google Warns of Active...
11.05 12:11
안랩, 2024년 3분기 매출 685억,...
11.05 12:11
Southeast Asia’s Digit...

Dropped Files | ZeroBOX

Name	d8b7c7178fbadbf1_eva.pif Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\451111\Eva.pif
Size	872.7KB
Processes	2748 (cmd.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`18ce19b57f43ce0a5af149c96aecc685`
SHA1	`1bd5ca29fc35fc8ac346f23b155337c5b28bbc36`
SHA256	`d8b7c7178fbadbf169294e4f29dce582f89a5cf372e9da9215aa082330dc12fd`
CRC32	`388D364B`
ssdeep	`12288:WpV0etV7qtINsegA/rMyyzlcqakvAfcN9b2MyZa31tqoPTdFbgawV2501:WTxz1JMyyzlohMf1tN70aw8501`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsPE32 - (no description) Generic_Malware_Zero - Generic Malware UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	2b045baf903e6254_preferences Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Preferences
Size	6.4KB
Processes	2624 (66f8f23776c09_DisplayedScreensavers.exe#kiscryptvid)
Type	data
MD5	`44122dde18931389e0f7088be63f5f67`
SHA1	`18586cc132b0cc69bded5131083c91def243634f`
SHA256	`2b045baf903e6254c36360c049fb11b18cac41b30b58240124e951a578ec7a7f`
CRC32	`C1DA16DB`
ssdeep	`192:kHAeOqAFDw09CV/2nPvj6DdMP3r1HI5jMM:kHAHhww+/2nlP3r1Wx`
Yara	None matched
VirusTotal	Search for analysis

Name	b41997937523f519_american Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\American
Size	72.0KB
Processes	2624 (66f8f23776c09_DisplayedScreensavers.exe#kiscryptvid)
Type	data
MD5	`d0724873433464365897cbdd1181c6fa`
SHA1	`6a554572a534cbbc2f43c2b6f5aeb2dd9a8a6166`
SHA256	`b41997937523f5198bdd965996bc157c7b1501b9a7b1b770c7ffd208a4e053dd`
CRC32	`95D1F610`
ssdeep	`1536:NJ3NrHpCJ+wy0WBMeMB7t4dDvVrRZVJSrl6cHTdZ8fPqdTS:PZHoswy0QuYNZPSrl6o8PyTS`
Yara	None matched
VirusTotal	Search for analysis

Name	d4ac14787d616809_fusion Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Fusion
Size	92.0KB
Processes	2624 (66f8f23776c09_DisplayedScreensavers.exe#kiscryptvid)
Type	data
MD5	`b3e4eff4d25c622f39e9d1ff5f783ee7`
SHA1	`3655b699f2cb5a5198f163143ed910736eec0b28`
SHA256	`d4ac14787d616809fdcdf0efffbf66ac5ed49940c9678a177abdca3c1f27ea10`
CRC32	`196F2340`
ssdeep	`1536:1N5slnSM++7rIIu6uwDl5k+Rp7fW20Hkoj62C1jHP0GdYZ8ZKaYITene+Xib7/:1PeSeHIv0Pk+7TWjdCVzYI+eT`
Yara	None matched
VirusTotal	Search for analysis

Name	1f24d3eb0dbd08db_madison Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Madison
Size	99.0KB
Processes	2624 (66f8f23776c09_DisplayedScreensavers.exe#kiscryptvid)
Type	data
MD5	`bc1c0b96530b86fef9ebba8e92d6757d`
SHA1	`bf0a035ae382d3dbfe77322413c25d60b6852073`
SHA256	`1f24d3eb0dbd08dbcfc13fa1132d37e3a0a417d8b3c77a72f728aa0afc77911b`
CRC32	`C9B3A9B9`
ssdeep	`3072:rSKhWjbXCzT4AEL9oqGu5urbVOP4V5MCMLT63rRHY8:g3ynFEBxtugPKMLT63lL`
Yara	None matched
VirusTotal	Search for analysis

Name	dd48412f04551d16_hacker.bat Submit file
Filepath	c:\users\test22\appdata\local\temp\hacker.bat
Size	10.3KB
Processes	2624 (66f8f23776c09_DisplayedScreensavers.exe#kiscryptvid) 2748 (cmd.exe)
Type	ASCII text, with very long lines, with CRLF line terminators
MD5	`5f61cf71d1d5f0299db96aee48f996e1`
SHA1	`e1b10c0088b13807f57983bcc1e899d7fd39e6c7`
SHA256	`dd48412f04551d16cbe548b2c7d6db7786dc594dbdc49046b1ded034a7707d5f`
CRC32	`B3FC49C5`
ssdeep	`192:A1eCk3G6lgLrRmvNbaiLU0y5qS1F5nIReyNlpCGZbeO3RvI1i1nVu4dY:ieCk3GVURaEKJblyFCGBHEKY`
Yara	None matched
VirusTotal	Search for analysis

Name	c108290a40c05baf_t Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\451111\t
Size	553.1KB
Processes	2112 (cmd.exe)
Type	data
MD5	`42b6247eb01a7f1c3ce77535b104e15f`
SHA1	`8ee28ba3974bde8f8a721702701f7034e45944c4`
SHA256	`c108290a40c05baf029e4a221c2068c544f298f3a1b5aaed33395e236fd9cca8`
CRC32	`9B4ACF45`
ssdeep	`12288:J7WzYworqyeznPmyYbn/Z240MLe3nfxzoKKZlG6:hkYwcqPPILkaLOnfxzo5TG6`
Yara	None matched
VirusTotal	Search for analysis

Name	44d18057e2b57067_general Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\General
Size	50.0KB
Processes	2624 (66f8f23776c09_DisplayedScreensavers.exe#kiscryptvid)
Type	data
MD5	`dbc69f1de67abe78235796c6b53931d6`
SHA1	`ac903dce7699c722e917ce48af515a313471a300`
SHA256	`44d18057e2b570671c2c0dcbdcddee9e205cc3232d3231a500d09d16176f86be`
CRC32	`33DF00EB`
ssdeep	`1536:q3Kwpxrqq2fjQRqCdyG8CKUFO2QbqIOU4:UUf0lN88s2QbLOr`
Yara	None matched
VirusTotal	Search for analysis

Name	499036759bf5f708_finnish Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Finnish
Size	24.1KB
Processes	2624 (66f8f23776c09_DisplayedScreensavers.exe#kiscryptvid)
Type	data
MD5	`01f4c13c088e337c0c3d250fb41bb1ee`
SHA1	`7a730c336f7e46333bfbdeef30d5594eeb5c9f6a`
SHA256	`499036759bf5f708b07f3de22724bc4cfa7b070768e0c4e415605d8601e2d2c0`
CRC32	`D2D1EBEB`
ssdeep	`384:uWEZ65xxre/w3LSFNfef8Ey7BgpM5qIH2gCbhMhI3MFQxBKmHGV5524BLEWXF:9reYb8feU31gy5P2gZh4XBhHW5zLl`
Yara	None matched
VirusTotal	Search for analysis

Name	ba2f8724ffa332a1_overseas Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Overseas
Size	71.0KB
Processes	2624 (66f8f23776c09_DisplayedScreensavers.exe#kiscryptvid)
Type	data
MD5	`4505ca2d80a6ecf61e228533c910227a`
SHA1	`b5c4b9d7d27ef99ecfbe0eb8d4285baee47023f8`
SHA256	`ba2f8724ffa332a136a4c92728744638a1ab1deb9dd9611b31eb6178a66db2aa`
CRC32	`A2956598`
ssdeep	`1536:gnOz2b35sR+ZiATVFmgVbVF3cJ+mXkCE2nkqhpDztG/hzC6J19x88hcxFPeE:gn02b35stARYIVFsJ+mXk4nj/+zPDE`
Yara	None matched
VirusTotal	Search for analysis

Name	330c49cb5a2eb472_revolutionary Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Revolutionary
Size	866.3KB
Processes	2624 (66f8f23776c09_DisplayedScreensavers.exe#kiscryptvid)
Type	data
MD5	`307e56ba648b5fafbf09ec5608af78f9`
SHA1	`13548d75c1c9b1e8f70c6c8ef1eeb02693aff804`
SHA256	`330c49cb5a2eb47298e1c0701b788278bf44766cfccd0b28b3ca1bd63204be23`
CRC32	`B676AF3D`
ssdeep	`12288:ZV0etV7qtINsegA/rMyyzlcqakvAfcN9b2MyZa31tqoPTdFbgawV2501:jxz1JMyyzlohMf1tN70aw8501`
Yara	Malicious_Library_Zero - Malicious_Library Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	e3b0c44298fc1c14_nswF136.tmp Empty file or file not found
Filepath	C:\Users\test22\AppData\Local\Temp\nswF136.tmp
Size	0.0B
Type	empty
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
CRC32	`00000000`
ssdeep	`3::`
Yara	None matched
VirusTotal	Search for analysis

Name	dddf14008ea6cb63_smith Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Smith
Size	92.0KB
Processes	2624 (66f8f23776c09_DisplayedScreensavers.exe#kiscryptvid)
Type	data
MD5	`6bd6ccba2626c469bb31edc54353e389`
SHA1	`a91724e713329a5511a377d417b1fc4555293463`
SHA256	`dddf14008ea6cb63dd94faaa9af398069df49e2d270139c6d2c256272f576119`
CRC32	`1C002BFF`
ssdeep	`1536:xL4Ml7FBQHRYHOwlkiVSTb3vJvPkrxFNvfsbL/RlZqcNiMJYTpfUZak1c:xLll7TQHK7SfvaNSLZbnNfJYBUZj1c`
Yara	None matched
VirusTotal	Search for analysis

Name	1cfda193e575b888_seminars Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Seminars
Size	53.0KB
Processes	2624 (66f8f23776c09_DisplayedScreensavers.exe#kiscryptvid)
Type	data
MD5	`5440f8833665f72e9ba0306856f83a35`
SHA1	`95a58389ffb8bae3e5f5fea204b46c8e928f905a`
SHA256	`1cfda193e575b888535bf3f79a2f81637d5cef83820bc63f1672063e8b30fc87`
CRC32	`D7FBE716`
ssdeep	`768:PzT6HjkbgC+gRx57Psr1G8Ypv0LB+dc4VR6MEqpgUvq8Y2DI9wnfsP4zpakNrI6Y:PP2HsRuYCsdc0cM3gH8Y2V1zpaelY`
Yara	None matched
VirusTotal	Search for analysis