Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
11.05 04:11
VST32License.exe
11.05 03:11
VST32License.exe
11.03 01:11
DocTromTinNhan.exe
11.01 06:11
MPDW-constraints.vbs
11.01 06:11
87f3f2.exe
11.01 06:11
Client-built.exe
11.01 06:11
norm.exe
11.01 06:11
chrome_131.exe
11.01 06:11
kjrhjijawdkrjhh.exe
11.01 09:11
Calibre_Installer.exe

Latest News
11.05 01:11
메가존클라우드-파이오링크, 클라우드 보안...
11.05 01:11
프로페셔널 헤어케어 브랜드 레삐, ‘20...
11.05 01:11
Chinese Group Accused ...
11.05 01:11
25년 정보보호 전자공시시스템 고도화 및...
11.05 01:11
KISA, 민원 응대 보호시스템 전사 확대
11.05 01:11
아늑샵, 2024년 4분기 '한국소비자인...
11.05 01:11
크라운슬립, 프리미엄 구스 이불 론칭 기...
11.05 01:11
Google Warns of Active...
11.05 12:11
안랩, 2024년 3분기 매출 685억,...
11.05 12:11
Southeast Asia’s Digit...

Dropped Files | ZeroBOX

Name	6d876c526b5cbc5d_setup.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\7z8C39F5B4\setup.exe
Size	872.5KB
Processes	1460 (AutoHotkey_1.1.37.02_setup.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`b98ee9e00b5546763f9c6e65e436f6e6`
SHA1	`a28e2b0ba6cc748d166b2eb6d0c8acb0bd3b9f3b`
SHA256	`6d876c526b5cbc5dc5341c1011b1c91639597f46677a1d42426f4a52dfea6756`
CRC32	`0F596D93`
ssdeep	`12288:TYEd//LbpeDJ4jfiIaBRtwfESz9pfYbVC3pKEVj4988fpIXxnKubN:TbJIJ4TiIaBYfTz9wC3pKqH8feXxnNbN`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature Malicious_Packer_Zero - Malicious Packer IsPE32 - (no description) Generic_Malware_Zero - Generic Malware UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	ef88ba74aef53793_installer.ahk Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\7z8C39F5B4\Installer.ahk
Size	65.9KB
Processes	1460 (AutoHotkey_1.1.37.02_setup.exe)
Type	ASCII text, with CRLF, CR, LF line terminators
MD5	`015d8f0a9ba93e41f418b8db8bef6a10`
SHA1	`06d35e419dc82f91d123f129b88ff46511d1cf2b`
SHA256	`ef88ba74aef53793937ddfaaca4908772fbaf2e7c9bfb5fdeb3c0a6b95755cd0`
CRC32	`91F76C60`
ssdeep	`1536:iha0PbLo/88KSAn4HJzlbfuxp7NaBNZ/MXtM:ihJYxbfuLMMXtM`
Yara	None matched
VirusTotal	Search for analysis

Name	6e7c9ae1daabdb95_unicode 64-bit.bin Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\7z8C39F5B4\Compiler\Unicode 64-bit.bin
Size	1.2MB
Processes	1460 (AutoHotkey_1.1.37.02_setup.exe)
Type	PE32+ executable (GUI) x86-64, for MS Windows
MD5	`30da2df436169d6f09732e61d8849a05`
SHA1	`25694362dfa391caf55733772ca61a95978d507c`
SHA256	`6e7c9ae1daabdb958a4d9c8e7297ba956c9504b5f76ce61fc31281f5bb0b0b55`
CRC32	`D96DD666`
ssdeep	`24576:lUNxvqF6FGYJf6yjNQpNONZNlTX5PlGPgquLEIWxUc7N11QaSYx7Gqc:lUNxvC6FGYJf6yjNQpNONZnTX5PlGPgc`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature Malicious_Packer_Zero - Malicious Packer IsPE64 - (no description) Generic_Malware_Zero - Generic Malware UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	b27c1a7c92686e47_license.txt Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\7z8C39F5B4\license.txt
Size	17.7KB
Processes	1460 (AutoHotkey_1.1.37.02_setup.exe)
Type	ASCII text, with CRLF line terminators
MD5	`e3f2ad7733f3166fe770e4dc00af6c45`
SHA1	`3d436ffdd69f7187b85e0cf8f075bd6154123623`
SHA256	`b27c1a7c92686e47f8740850ad24877a50be23fd3dbd44edee50ac1223135e38`
CRC32	`0ABAFB55`
ssdeep	`384:gq2PmwE3b6k/iAVX/dUY2ZpEGMOZ77oPyBrsS/S9B:gzuh1iYWrTXoPAs9B`
Yara	None matched
VirusTotal	Search for analysis

Name	de37a93068ca2570_autohotkey.chm Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\7z8C39F5B4\AutoHotkey.chm
Size	1.9MB
Processes	1460 (AutoHotkey_1.1.37.02_setup.exe)
Type	MS Windows HtmlHelp Data
MD5	`17d5e275dbc8278d888f7da1d681d7e3`
SHA1	`245cd35e6caa42fdd3936d2122c7464c877d6591`
SHA256	`de37a93068ca25701b3413eab0f01fa1646d2dab0346d78494192e95d94ad521`
CRC32	`3556DC4E`
ssdeep	`49152:7X6QKboATWz2KXn3H6p2HPIn5lfkwHiAUG8E8LbBpOh:7Xf6oATVKqp8Pk5lNHi1GCbBpm`
Yara	chm_file_format - chm file format
VirusTotal	Search for analysis

Name	754a28ed76a7b4eb_ahk2exe.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\7z8C39F5B4\Compiler\Ahk2Exe.exe
Size	972.0KB
Processes	1460 (AutoHotkey_1.1.37.02_setup.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`78515b1091f74c0f828aed92d3c972b0`
SHA1	`0103e030518db102631310ce4e2eb7673d7a1994`
SHA256	`754a28ed76a7b4eba7909b146cfc4c4c2aa43aff54e10a5cd6dbc939c0732b6a`
CRC32	`768E3A94`
ssdeep	`24576:Vbi/QhDC8mY93kyw8hC2A5CxLbRpWrzzZyP4UMd0I7W:M/QMnl5YL7WzZyQRdM`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature Malicious_Packer_Zero - Malicious Packer IsPE32 - (no description) Generic_Malware_Zero - Generic Malware UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	effdea83c6b7a1dc_autohotkeyu64.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\7z8C39F5B4\AutoHotkeyU64.exe
Size	1.3MB
Processes	1460 (AutoHotkey_1.1.37.02_setup.exe)
Type	PE32+ executable (GUI) x86-64, for MS Windows
MD5	`2d0600fe2b1b3bdc45d833ca32a37fdb`
SHA1	`e9a7411bfef54050de3b485833556f84cabd6e41`
SHA256	`effdea83c6b7a1dc2ce9e9d40e91dfd59bed9fcbd580903423648b7ca97d9696`
CRC32	`9E40A9FD`
ssdeep	`24576:a3CTQQje6KWjFUsTNEDcN20pah5nQsrivkdhWeWr2O8hYzlj1TNp4j7YoqK:a3CTQQjxKWjFUsTWDcN20k5nQsrivkdq`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature Malicious_Packer_Zero - Malicious Packer IsPE64 - (no description) Generic_Malware_Zero - Generic Malware UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	6a98b438b67da731_autohotkeya32.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\7z8C39F5B4\AutoHotkeyA32.exe
Size	775.5KB
Processes	1460 (AutoHotkey_1.1.37.02_setup.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`fd94b77958305a1ac3eeac27ee765256`
SHA1	`bdf7f5633cd529186c7c9c87c120a58c35515d2e`
SHA256	`6a98b438b67da7316e9251eb1a92cd5384a8349d239a77903f7282fa076a77c3`
CRC32	`E2898BA1`
ssdeep	`24576:Xm5sulQV7Bf5eUHngzv3xynU96at5gxqR:N8QV7RZov3xY5`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature Malicious_Packer_Zero - Malicious Packer IsPE32 - (no description) Generic_Malware_Zero - Generic Malware UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	4688629be394986c_windowspy.ahk Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\7z8C39F5B4\WindowSpy.ahk
Size	5.7KB
Processes	1460 (AutoHotkey_1.1.37.02_setup.exe)
Type	ASCII text, with CRLF line terminators
MD5	`32020e55548b1e9e7ce22899617d5cd2`
SHA1	`6aaeb5009dfae698449449e560feda2257187fd0`
SHA256	`4688629be394986c8dbe6517032429e6e8cdd9f5801ddb1ac1f53e6fe86eee7b`
CRC32	`E828397A`
ssdeep	`96:qama1ocNHbBffkP1TIQP1Iqc7WRSdqr+nTGNRp184yGSc0RcJO0M/cEcVMiTogi8:fma1ocNHbBkP1v+f7WRSdiWGNX1ivnRs`
Yara	None matched
VirusTotal	Search for analysis

Name	f5a5c05bf0fedcc4_ansi 32-bit.bin Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\7z8C39F5B4\Compiler\ANSI 32-bit.bin
Size	704.5KB
Processes	1460 (AutoHotkey_1.1.37.02_setup.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`31ed560d3edc5f1eea515c4358b90406`
SHA1	`36efc45f806ee021ef972dc80932f13f532d9ccd`
SHA256	`f5a5c05bf0fedcc451ade5676a5647e828a6f08cf6c21970e6c035f4311b5a3c`
CRC32	`E70C528B`
ssdeep	`12288:mU+9H3900EJqrekLEyTYQcDL/TNuUCziP6VFGO5lrEaKYNtcBvAuvlee2NCFbLkH:mU+9XNrenyktDLdYNtcdvQNC9wHAP5cX`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature Malicious_Packer_Zero - Malicious Packer IsPE32 - (no description) Generic_Malware_Zero - Generic Malware UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	23e5115a25e2d539_template.ahk Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\7z8C39F5B4\Template.ahk
Size	324.0B
Processes	1460 (AutoHotkey_1.1.37.02_setup.exe)
Type	UTF-8 Unicode (with BOM) text, with CRLF line terminators
MD5	`a85eeb1dc6f9a33897c407b4240dc20f`
SHA1	`be409c1ba630f2f11ab31e5f42c8a90ab49e8d8c`
SHA256	`23e5115a25e2d539057443b0f0e9740b9ae85d7de0da204f1d739c9b2e206058`
CRC32	`1BB6C0A3`
ssdeep	`6:cI7A/h++KZx7bXdqXwhuVIyMVI7eAAY4AATeBNFseoNNQWF5m7LdJy:cI7Ap++K/7zdqjwI7fFASHWeoN6WzsLy`
Yara	None matched
VirusTotal	Search for analysis

Name	ba35b8b4346b79b8_autohotkeyu32.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\7z8C39F5B4\AutoHotkeyU32.exe
Size	893.0KB
Processes	1460 (AutoHotkey_1.1.37.02_setup.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`b6af97aa32c636c3c4e87bb768a3ceb7`
SHA1	`83054af67df43ae70c7f8ac6e8a499d9c9dd82ec`
SHA256	`ba35b8b4346b79b8bb4f97360025cb6befaf501b03149a3b5fef8f07bdf265c7`
CRC32	`C530CA5A`
ssdeep	`24576:Kbi/QhDC8mY93kyw8hC2A5CxLbRpWrzzZyP4UMdg:1/QMnl5YL7WzZyQRd`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature Malicious_Packer_Zero - Malicious Packer IsPE32 - (no description) Generic_Malware_Zero - Generic Malware UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	2d193510b56fbdb8_unicode 32-bit.bin Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\7z8C39F5B4\Compiler\Unicode 32-bit.bin
Size	822.5KB
Processes	1460 (AutoHotkey_1.1.37.02_setup.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`db213c2dc5d0f542a1e925f09c021e05`
SHA1	`41bebccc1dd9c44c4407892daa3d3fe44c2216d7`
SHA256	`2d193510b56fbdb8530f8ded2f1c9fb982df971dca5fad1f24f558be16a4f804`
CRC32	`1E6CFEBE`
ssdeep	`12288:9YEd//LbpeDJ4jfiIaBRtwfESz9pfYbVC3pKEVj4988fH:9bJIJ4TiIaBYfTz9wC3pKqH8fH`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature Malicious_Packer_Zero - Malicious Packer IsPE32 - (no description) Generic_Malware_Zero - Generic Malware UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis