Dropped Files | ZeroBOX
Name 58f2e2d814299ecc_webext.sc.lz4
Filepath C:\Users\test22\AppData\Local\Mozilla\Firefox\Profiles\qxo5wa6x.default-release\startupCache\webext.sc.lz4
Size 105.0KB
Type data
MD5 1c5d6d46653fbdfaab865d9fe0b41a54
SHA1 0bf5b952a5adbd1290f6e3baee0d944b8e95fab8
SHA256 58f2e2d814299ecc744a1a7fbdfacfb0632549941b0f3801954eb3b8ed940676
CRC32 87904CCE
ssdeep 3072:igI+ruOTMFUau+63U0BYLiM97vzY/lkRAYjIW0ePk:0+rvTYo6j1236s
Yara None matched
Name 0b8607fdf72f3e65_cookies.sqlite
Filepath C:\Users\test22\AppData\Roaming\Mozilla\Firefox\Profiles\qxo5wa6x.default-release\cookies.sqlite
Size 96.0KB
Type SQLite 3.x database, user version 12, last written using SQLite version 3038003
MD5 d367ddfda80fdcf578726bc3b0bc3e3c
SHA1 23fcd5e4e0e5e296bee7e5224a8404ecd92cf671
SHA256 0b8607fdf72f3e651a2a8b0ac7be171b4cb44909d76bb8d6c47393b8ea3d84a0
CRC32 842B3569
ssdeep 12:DQAwfWk73Fmdmc/OPVJXfPNn43etRRfYR5O8atLqxeYaNcDakMG/lO:DQAwff32mNVpP965Ra8KN0MG/lO
Yara None matched
Name 252ee64bfb5ade53_urlCache.bin
Filepath C:\Users\test22\AppData\Local\Mozilla\Firefox\Profiles\qxo5wa6x.default-release\startupCache\urlCache.bin
Size 3.2KB
Type data
MD5 ed220b99d29a9f969ba42da9deea2dfa
SHA1 33afcd8d6390e85e519d49e5db7654147daf34ec
SHA256 252ee64bfb5ade53b7b419d634b519a6223008339fa8b316293d90d4e65b4ab5
CRC32 52377592
ssdeep 48:/qbHgqedXU753de/xJtISt3bqhJtgtkt0IbvVr9cHSWypBr/BWLaLWcbsyMJrls:/qMqedXUd3AIq3bucwbhcmVsXJr6
Yara None matched
Name a67115b767cd1f5b_scriptCache-child.bin
Filepath C:\Users\test22\AppData\Local\Mozilla\Firefox\Profiles\qxo5wa6x.default-release\startupCache\scriptCache-child.bin
Size 824.1KB
Type data
MD5 5fca71ec196a94ddd75c299f455f8289
SHA1 e2eac02c316dc41ef01819b48111f9eb9a7ae0ba
SHA256 a67115b767cd1f5b92828998b99d1865067e567f8051340849b6def682234d33
CRC32 20E727DA
ssdeep 6144:7Lv50b7rtyuRMAMgDh6QbZpZltg2ebfhAFgMWM/OB48SuTSBWobBmPLtPkZ:f5ctdD15PgMWM/OXnSBWobItcZ
Yara None matched
Name b4709acbae8c9355_scriptCache.bin
Filepath C:\Users\test22\AppData\Local\Mozilla\Firefox\Profiles\qxo5wa6x.default-release\startupCache\scriptCache.bin
Size 9.2MB
Type data
MD5 2a531b9908cd4740306590090699e0b2
SHA1 92fb9d89d108db2ad580c77345faf9c5961cf860
SHA256 b4709acbae8c9355f5344c2cb670de78da945a0f5b3d1636ea2fff6ca2718be0
CRC32 E6DFCFD0
ssdeep 49152:zfNsfR/eXfWVAoIgPm6tnQhA3RAViGtP7lbASvzmjdYDNMpeckIOehICZ3ZkF:zfNyYOVi6xskmPZASvz0GMs2hIF
Yara
  • anti_vm_detect - Possibly employs anti-virtualization techniques
  • RedLine_Stealer_b_Zero - RedLine stealer
  • OS_Processor_Check_Zero - OS Processor Check
Name cacb3b090bd98317_compatibility.ini
Filepath C:\Users\test22\AppData\Roaming\Mozilla\Firefox\Profiles\qxo5wa6x.default-release\compatibility.ini
Size 200.0B
Processes 2164 (firefox.exe) 560 (firefox.exe) 3288 (firefox.exe) 2180 (firefox.exe) 4020 (firefox.exe) 3788 (firefox.exe) 3676 (firefox.exe)
Type Windows WIN.INI, ASCII text, with CRLF line terminators
MD5 63f28ee6c5768202c31eaf82725b64c2
SHA1 edc0b0c87aaa262a0aba6e6b29b2c31cc04fcf39
SHA256 cacb3b090bd98317500f593712c4bf51b5197c7aa9e07b6e10cab50144339ff0
CRC32 D70ADABB
ssdeep 3:tZAQU6oEl1mE12NE2aT/P4WX1rDZjrEFwHQ3ZjrEFwslyy:VoKmbbabN1rDVEFycVEFL
Yara None matched
Name ec86dff13ec188e0_startupCache.8.little
Filepath C:\Users\test22\AppData\Local\Mozilla\Firefox\Profiles\qxo5wa6x.default-release\startupCache\startupCache.8.little
Size 7.4MB
Type data
MD5 c9fdf6ced10ea267f5e1e7d6cb4b467c
SHA1 181148adeccc66362e241a8f434ea384daa5f27b
SHA256 ec86dff13ec188e0afcec1f59397551e7072a12b24d6a20dc91b3e9705a63e4e
CRC32 F1DD0004
ssdeep 98304:XxxN8Jzl6VttNx8UoxmuWR2FPGjD79MJRGD3j/s3:Xl89lMz/FuW+6D72iTk
Yara
  • anti_vm_detect - Possibly employs anti-virtualization techniques
  • OS_Processor_Check_Zero - OS Processor Check