Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
11.05 04:11
VST32License.exe
11.05 03:11
VST32License.exe
11.03 01:11
DocTromTinNhan.exe
11.01 06:11
MPDW-constraints.vbs
11.01 06:11
87f3f2.exe
11.01 06:11
Client-built.exe
11.01 06:11
norm.exe
11.01 06:11
chrome_131.exe
11.01 06:11
kjrhjijawdkrjhh.exe
11.01 09:11
Calibre_Installer.exe

Latest News
11.05 01:11
메가존클라우드-파이오링크, 클라우드 보안...
11.05 01:11
프로페셔널 헤어케어 브랜드 레삐, ‘20...
11.05 01:11
Chinese Group Accused ...
11.05 01:11
25년 정보보호 전자공시시스템 고도화 및...
11.05 01:11
KISA, 민원 응대 보호시스템 전사 확대
11.05 01:11
아늑샵, 2024년 4분기 '한국소비자인...
11.05 01:11
크라운슬립, 프리미엄 구스 이불 론칭 기...
11.05 01:11
Google Warns of Active...
11.05 12:11
안랩, 2024년 3분기 매출 685억,...
11.05 12:11
Southeast Asia’s Digit...

Dropped Files | ZeroBOX

Name	8704cb6ebe7eef39_correct Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Correct
Size	81.0KB
Processes	1648 (Bundicut.exe)
Type	data
MD5	`d91b8b96745f7b7d81179268d4da4b4d`
SHA1	`b4ad21afb4044b0c1461e1c5523d792110fb6130`
SHA256	`8704cb6ebe7eef39f91ca6838c2d06eb9b21ed6e6dfddc5f5707b8cb4a9f64f1`
CRC32	`0D1EED92`
ssdeep	`1536:+bNAgMpBbyaSuuG7cEFKWgtnMOCQZaT1BB+kEcr1Ue38UnKC8TsvVwFLcFlEOtMI:TBbyuIEFutntgrfgC5diAuOS8V`
Yara	None matched
VirusTotal	Search for analysis

Name	f83c95dd15e4eb1b_latin Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Latin
Size	89.0KB
Processes	1648 (Bundicut.exe)
Type	data
MD5	`ac72a864d71e31270399396cefa534e7`
SHA1	`c41004bcfb507028f7d109ea2cbab9a8ba5f4bd9`
SHA256	`f83c95dd15e4eb1b7f68946ecb8f1a689cc16cebe02ae68ebc4e08e7ab467296`
CRC32	`CD861301`
ssdeep	`1536:POwYt0r7QuNT7NQyPOPSpnezwcV9xE1zaFTpX3XQwM78kIxTUU8n1V4J/:iIQu5NGPYezvTxE1upX3XQwsjUYVO/`
Yara	None matched
VirusTotal	Search for analysis

Name	3133dfe772afbe5f_n Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\103495\n
Size	575.7KB
Processes	2648 (cmd.exe)
Type	data
MD5	`d61bfd64fbf003ba89a0038e38339df6`
SHA1	`ef8f3ea9aa749ea516e2d62ae586680c4e14d4e5`
SHA256	`3133dfe772afbe5ffd178038bee3ff413665ec29a5565881d63bbb5370c58af2`
CRC32	`01807A8B`
ssdeep	`12288:+WPM1wUWq0fYgJafcwbk88kntuz+WrR9sv9mkkNVTJMa:+WPiwfqGYgAfnU6CR9Pk+TJMa`
Yara	None matched
VirusTotal	Search for analysis

Name	75cb47c2bb9beded_fine Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Fine
Size	7.6KB
Processes	1648 (Bundicut.exe)
Type	data
MD5	`5a3868fbe5a6517157d7a0337c938e0a`
SHA1	`4e8e6c526393d3d679c93d2a57b0dca2ec0427fc`
SHA256	`75cb47c2bb9bededd276c0008683b7e655a9e943626d2755bfa7d7e167f2b31b`
CRC32	`727652F6`
ssdeep	`192:fUHAeOqAFDw09CV/2nPvj6DdMP3r1HI5jMlbN+G3yM:fUHAHhww+/2nlP3r1WAL3yM`
Yara	Suspicious_Obfuscation_Script_2 - Suspicious obfuscation script (e.g. executable files)
VirusTotal	Search for analysis

Name	a47c770a23612063_gloves Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Gloves
Size	96.0KB
Processes	1648 (Bundicut.exe)
Type	data
MD5	`383cecc8de45b96cefdf4ce6ddbae343`
SHA1	`8a12728453735e74e0d633b28bdf4556d4b0af41`
SHA256	`a47c770a23612063f299f22871e18642b3d4668fb58765cdc279c4c0c3a23321`
CRC32	`F7BE53D2`
ssdeep	`1536:LhAC8plpAB13tObsRlWOFw5a7qbRSIBDoJ0MiSJj9cwhXYxZvJk0EKSxImCGg7AK:LIpABRtmsRlWYw5a7KyJZcwRYxBJHE5m`
Yara	None matched
VirusTotal	Search for analysis

Name	29a6f67de3f128b7_barbie Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Barbie
Size	67.0KB
Processes	1648 (Bundicut.exe)
Type	data
MD5	`001014c69a9062b0753718619b7e71e3`
SHA1	`5ee78ab9158525c3f2342707c29fbc8c50dc8426`
SHA256	`29a6f67de3f128b72f48cd17714c88ec0ef28771a242a4c6924087807d0f1182`
CRC32	`22A19D43`
ssdeep	`1536:/BvokD+6XgWAVRX3efhLoR1Q28NgQhjbfa5ZU:/BRD+68VRX3eiB21GA`
Yara	None matched
VirusTotal	Search for analysis

Name	c2e3adf32419b416_serious Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Serious
Size	865.1KB
Processes	1648 (Bundicut.exe)
Type	data
MD5	`194a567844c46f20eabdcf8a7bf469dd`
SHA1	`ccc915eeaebea7ad2c5550a3ba1c917b3708c469`
SHA256	`c2e3adf32419b4163876794fce4ed1f2c5d631a13aaaa955f3d3e30f1eb66a13`
CRC32	`87BEEDF5`
ssdeep	`12288:kV0etV7qtINsegA/rMyyzlcqakvAfcN9b2MyZa31tqoPTdFbgawV2501:exz1JMyyzlohMf1tN70aw8501`
Yara	Malicious_Library_Zero - Malicious_Library Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	344b4c601fd07df6_appraisal Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Appraisal
Size	3.7KB
Processes	1648 (Bundicut.exe)
Type	data
MD5	`768db4ac22081145374c24722fcc43ad`
SHA1	`bdb3807c1202e377300c0ba5c3583a698c37adfd`
SHA256	`344b4c601fd07df63377194621d87533a3afa29ff6f56190c4f64b5d9fab5b08`
CRC32	`540AFED4`
ssdeep	`96:HtLdIQTWXW4M4hKF9wZpR7ezSKMaRTeBvOG03d2oF1U2pkmIgSl:HtBIQTb4ZpR0SKMaIBe3QoF1BNDSl`
Yara	None matched
VirusTotal	Search for analysis

Name	e3b0c44298fc1c14_nsmC416.tmp Empty file or file not found
Filepath	C:\Users\test22\AppData\Local\Temp\nsmC416.tmp
Size	0.0B
Type	empty
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
CRC32	`00000000`
ssdeep	`3::`
Yara	None matched
VirusTotal	Search for analysis

Name	d9aea2aad680efcd_transparent Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Transparent
Size	76.0KB
Processes	1648 (Bundicut.exe)
Type	data
MD5	`0b034950e941768616af2eba4f9d4000`
SHA1	`a50f20a10e8df21a1b2c1655f9f300c31d2ebed3`
SHA256	`d9aea2aad680efcd111b992b6124e72f6ba2feb178867d1c5f5167a21423bd4e`
CRC32	`61697DFC`
ssdeep	`1536:AITtaftyMQXhoaS4SjfF7iLuiVjVK5xCUFQcCzo55:75aftCVS4SJ7Yuy4we5`
Yara	None matched
VirusTotal	Search for analysis

Name	d8b7c7178fbadbf1_powder.pif Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\103495\Powder.pif
Size	872.7KB
Processes	2168 (cmd.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`18ce19b57f43ce0a5af149c96aecc685`
SHA1	`1bd5ca29fc35fc8ac346f23b155337c5b28bbc36`
SHA256	`d8b7c7178fbadbf169294e4f29dce582f89a5cf372e9da9215aa082330dc12fd`
CRC32	`388D364B`
ssdeep	`12288:WpV0etV7qtINsegA/rMyyzlcqakvAfcN9b2MyZa31tqoPTdFbgawV2501:WTxz1JMyyzlohMf1tN70aw8501`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsPE32 - (no description) Generic_Malware_Zero - Generic Malware UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	f7ad68ce94df8b24_ski Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Ski
Size	91.0KB
Processes	1648 (Bundicut.exe)
Type	data
MD5	`08342a0886a607763230cc9e7f9763e9`
SHA1	`edbea1401b8653fed918c0e6adbaf9e6271bec52`
SHA256	`f7ad68ce94df8b242fc3f6e9bd7814a16011214952805ed5e8e6adef74a27f48`
CRC32	`22AA2BE1`
ssdeep	`1536:FhL2bzYtAJ28r1yhcuDzkoKPze14spu84cnY6lxlbj1mCTS4Yj2VMr:H2fYtAJ2k1yWWhUzeRNYy3bjNTS4YyGr`
Yara	None matched
VirusTotal	Search for analysis

Name	c1551d0d3d6c658c_story Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Story
Size	72.0KB
Processes	1648 (Bundicut.exe)
Type	data
MD5	`99e977093bc7ab3360cbc1146d0ee20c`
SHA1	`ad950626c995af3bbe62e9ac187fa7cabda406ad`
SHA256	`c1551d0d3d6c658c1b55558c4fdb2b1be9233715b63485997c935c434bd570e7`
CRC32	`C5A03387`
ssdeep	`1536:J+Q3dgxNnWvKXe/b3h7iLpHdJUzOSa6kNFZett8zMdvBG:1Wje/ZilHdJUKSa6kNLetttvBG`
Yara	None matched
VirusTotal	Search for analysis

Name	67d35db2809da95d_centres.bat Submit file
Filepath	c:\users\test22\appdata\local\temp\centres.bat
Size	23.3KB
Processes	1648 (Bundicut.exe) 2168 (cmd.exe)
Type	ASCII text, with very long lines, with CRLF line terminators
MD5	`de5800b2ad98e412afe2a7bc93dfa639`
SHA1	`e3d423c60e01c7c079261521b0939da80a85649a`
SHA256	`67d35db2809da95d2dc7e4ce76800103cbc042e2f02d1cc1934a6c06e5e6737c`
CRC32	`C31CF72E`
ssdeep	`384:Q4VFdKAGOKr0a70GNJZdjLU7xQnrSVAMqmTLQ+dsbBBTlwKns/N7UosAy+xmlYf:PVFdjKrPYCJZVU7xQrMqcM+2Rlw3N7Uy`
Yara	None matched
VirusTotal	Search for analysis