Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

Dropped Files | ZeroBOX

Name	5b31062934d1afe4_represent Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Represent
Size	66.0KB
Processes	792 (1.exe)
Type	data
MD5	`09cafc2cd2586f5bfab33937d069b114`
SHA1	`c7303feb233867e8deedec7003347dfe90701f0b`
SHA256	`5b31062934d1afe4e887b181cc0f2add523465a63f710333824102749ae2a768`
CRC32	`CFF2F160`
ssdeep	`1536:uACIpQQTQhsU1zyOQ6CSNKjROvdpONM1sOVzLv4:mIpxTBU1kvjQ2Mfn4`
Yara	None matched
VirusTotal	Search for analysis

Name	4a1c8403f1325713_connection Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Connection
Size	51.0KB
Processes	792 (1.exe)
Type	data
MD5	`b6b68a11d199c97c897a262d3314a9ed`
SHA1	`07b63697ebdfdcd1910390b43477562dbc150355`
SHA256	`4a1c8403f1325713242c06529510ea73e88590760d20d836d7ba987586e99613`
CRC32	`8559A692`
ssdeep	`768:dUTSDydsRK+pG7mdPmJggMMkN3JF7aACtQ+U3BDOe4OhgvONSv+68gnHQ/4+:dUmDwWK+phUO3HHL3BjTgfv+68gnHQQ+`
Yara	None matched
VirusTotal	Search for analysis

Name	53744685d58b788e_humans Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Humans
Size	91.0KB
Processes	792 (1.exe)
Type	data
MD5	`82b096504036d6c23531db83a3dbc2bb`
SHA1	`6747cc73044ada91759edfcc19206038dd5af327`
SHA256	`53744685d58b788ec091eb57fa850ed1a78c17b80ee1ba21796d6533e4c07cd0`
CRC32	`2EA9F054`
ssdeep	`1536:39Xh+SUhO1fn9CX1fJRrPYE2f+H+3Kayivh6Ys445ToLaaDLRHfbQCHX:9hBUhO1fMRrPYE2f+Hl+h6rDdaPRzQSX`
Yara	None matched
VirusTotal	Search for analysis

Name	45173dcbe34d1963_atmospheric Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Atmospheric
Size	64.0KB
Processes	792 (1.exe)
Type	data
MD5	`155702daaed607a3b9ae37027494655e`
SHA1	`b641842104fe4d99fcb4daae6435c5c3a9836d4a`
SHA256	`45173dcbe34d1963927f6f5f1a30be883807b9cfa55c27857115a43fa14c9e15`
CRC32	`4E873C2F`
ssdeep	`1536:yl75TDzuvOEpU95GVyYyBkic73BAi0ltYxX:o79uvOEpI5xYymt7337xX`
Yara	None matched
VirusTotal	Search for analysis

Name	df754244594bab7d_router Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Router
Size	78.0KB
Processes	792 (1.exe)
Type	data
MD5	`44d0f8f9c4b06736e9063432c40ad468`
SHA1	`79396180851fba1d3b611603455d61798574891d`
SHA256	`df754244594bab7d25764ca6df24dc7e19d3d6eb8ab29a575b665c8559f6ef78`
CRC32	`ABEB65AE`
ssdeep	`1536:QFZrVBHBTNIDho7gnJOFVE26So8If1jtdAZQyd1uYXomo5dyf5YEEQ:QJBHBSdo7gnKVEPSKdAaO1uYXoEaEr`
Yara	None matched
VirusTotal	Search for analysis

Name	a354428e5be2519a_profession Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Profession
Size	7.0KB
Processes	792 (1.exe)
Type	data
MD5	`6095cc0e5110bfbf129b695533148cf3`
SHA1	`4dfd2f248e726dc1357f15b16b80a1ab71f3a46e`
SHA256	`a354428e5be2519aa3db2abed313d510ae754ddf052c38f405235bdc73c2c630`
CRC32	`E50AB29E`
ssdeep	`192:dHAeOqAFDw09CV/2nPvj6DdMP3r1HI5jMlbNt:dHAHhww+/2nlP3r1WAT`
Yara	Suspicious_Obfuscation_Script_2 - Suspicious obfuscation script (e.g. executable files)
VirusTotal	Search for analysis

Name	d8b7c7178fbadbf1_batch.pif Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\400445\Batch.pif
Size	872.7KB
Processes	2084 (cmd.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`18ce19b57f43ce0a5af149c96aecc685`
SHA1	`1bd5ca29fc35fc8ac346f23b155337c5b28bbc36`
SHA256	`d8b7c7178fbadbf169294e4f29dce582f89a5cf372e9da9215aa082330dc12fd`
CRC32	`388D364B`
ssdeep	`12288:WpV0etV7qtINsegA/rMyyzlcqakvAfcN9b2MyZa31tqoPTdFbgawV2501:WTxz1JMyyzlohMf1tN70aw8501`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsPE32 - (no description) Generic_Malware_Zero - Generic Malware UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	02631bb82ed0d343_antonio Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Antonio
Size	865.7KB
Processes	792 (1.exe)
Type	data
MD5	`f893c06408989444917becc2c67e9720`
SHA1	`734160892a99b544f052fd92382010b80d054020`
SHA256	`02631bb82ed0d34347ba2980f9d5eb2ba2cd26e942c3f922b9215dd19ddf267e`
CRC32	`B1EBEF10`
ssdeep	`12288:mV0etV7qtINsegA/rMyyzlcqakvAfcN9b2MyZa31tqoPTdFbgawV2501:sxz1JMyyzlohMf1tN70aw8501`
Yara	Malicious_Library_Zero - Malicious_Library Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	38206815f4ea3341_sol Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Sol
Size	30.1KB
Processes	792 (1.exe)
Type	data
MD5	`caefb3c36d5bd6c6923ea3c264f76de7`
SHA1	`4554acb578278bbb2c4db326960e49736c968459`
SHA256	`38206815f4ea33415c17f1c5e6ec111cbcff8f31b4ebf1f16b2caf3e0e9f3ee3`
CRC32	`21ECA7F6`
ssdeep	`384:mbAkiZzvHEtuS2S77HZGZzkhmqosfpk/CYJ9w3zC79LGoireZXGPYk4mJWVBdep/:THAh9zRmDsBSNJ9KzCA62PYka6V6O`
Yara	None matched
VirusTotal	Search for analysis

Name	5ba66a80e757c3a7_href Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Href
Size	97.0KB
Processes	792 (1.exe)
Type	data
MD5	`39904f7826116996701e702069a0ca0d`
SHA1	`5b0133ca89160ac7f4805f4b054337a985086f69`
SHA256	`5ba66a80e757c3a7cf2e16e709090fcbe8f8019e70c4266fd957ce4878b8719a`
CRC32	`6CD5799B`
ssdeep	`1536:iIofhYfMIH6MRThRDL2NgT+zGv1wcT8xTSYHhkAs+zi8L8ZIsuBH5lrZIAti4:NofhZeDLDL2muG+Az2zco/lNi4`
Yara	None matched
VirusTotal	Search for analysis

Name	bd7d098fba2a3430_o Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\400445\O
Size	549.1KB
Processes	2584 (cmd.exe)
Type	data
MD5	`06217e9f55ff1dc889a0aa9aa2999b3c`
SHA1	`fad711a89fe670deca51f31fab7249d3f4232b3d`
SHA256	`bd7d098fba2a343099199ba99efd5191d62c341ad8883c7d4049e529f2355ffe`
CRC32	`F48D6E77`
ssdeep	`12288:oBuYYFZrozHfsDJA1fpmQOqLQqO9JJFvyp1EwSJY7Ek:ooUzHWy1OaQpJvasPY7Ek`
Yara	None matched
VirusTotal	Search for analysis

Name	dc10cd792e285970_commons Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Commons
Size	72.0KB
Processes	792 (1.exe)
Type	data
MD5	`01d316f7f74b486c817c69726cefc328`
SHA1	`26c56b95c7aa7dc4fce2ddaadd9ec344bcc9f2e2`
SHA256	`dc10cd792e2859702c384da65c0c1bdaac764563c7311fb3c58495ed96791534`
CRC32	`C13FA0DF`
ssdeep	`1536:HIbhzgxot9BtblQLg76/egzRCe9ua3idZ7L0nJAxifL1kuF5:ob2xot9H2Lg76/gsuSW/0nJAApz`
Yara	None matched
VirusTotal	Search for analysis

Name	e3b0c44298fc1c14_nsrC28F.tmp Empty file or file not found
Filepath	C:\Users\test22\AppData\Local\Temp\nsrC28F.tmp
Size	0.0B
Type	empty
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
CRC32	`00000000`
ssdeep	`3::`
Yara	None matched
VirusTotal	Search for analysis

Name	afcd2cdc62a903f0_tits.bat Submit file
Filepath	c:\users\test22\appdata\local\temp\tits.bat
Size	20.2KB
Processes	792 (1.exe) 2084 (cmd.exe)
Type	ASCII text, with very long lines, with CRLF line terminators
MD5	`1a43009615b399c7da8fc4748bd7149d`
SHA1	`4a118c8b399b92d7812d715b588f049b37efd6d2`
SHA256	`afcd2cdc62a903f0cb91c678bc8f9e6a0022a06ae6ce4bb25edf3d6886ff7165`
CRC32	`09505A85`
ssdeep	`384:D271Mg7Bi7MmXkjuAJ9Eh9J1TdO4VyzfhGF9jzG+20XRQ1hQHTu+3pBJtXonJ:D25XB2fQuIKXAUyzfhGF9jzG+PXRQ1SS`
Yara	None matched
VirusTotal	Search for analysis