popup
Dropped Files | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Dropped Files

Name d6431d5645fffd05_d93f411851d7c929.customdestinations-ms
Submit file
Filepath c:\users\test22\appdata\roaming\microsoft\windows\recent\customdestinations\d93f411851d7c929.customdestinations-ms
Size 7.8KB
Processes 496 (powershell.exe)
Type data
MD5 260d23ce04a8f8555a73b7d2dc15e911
SHA1 ebad746fb7de847c50f7502a44f6e35534733efd
SHA256 d6431d5645fffd05a23166d630253bc7ce8c099cf6e9c956f8ae5e1249ee8588
CRC32 11D6B213
ssdeep 96:ctuCeGCPDXBqvsqvJCwo5tuCeGCPDXBqvsEHyqvJCworSP7Hwxf2lUVul:ctvXo5tvbHnorrxQ
Yara
  • Antivirus - Contains references to security software
  • Generic_Malware_Zero - Generic Malware
VirusTotal Search for analysis
Name 5a1217de6b0e4161_id.log
Submit file
Filepath C:\Users\Public\Documents\id.log
Size 78.0B
Processes 496 (powershell.exe)
Type Little-endian UTF-16 Unicode text, with CR line terminators
MD5 c0fb8a429554b132eb16d026aeb0ad8c
SHA1 ff0812484474401faec917858f0608ea857c8b02
SHA256 5a1217de6b0e41617937ec576480e9ce725550f72e2bdefa37327110612d3e19
CRC32 3EA50516
ssdeep 3:QGnkljMPIlRDylblX6WWlDG:QGnk2I6lbYRG
Yara None matched
VirusTotal Search for analysis
Name a9220271c0eb79e5_d93f411851d7c929.customDestinations-ms~RF102193e.TMP
Submit file
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d93f411851d7c929.customDestinations-ms~RF102193e.TMP
Size 7.8KB
Type data
MD5 b0c9ff441742f3847ea27da9dee7f2cd
SHA1 c42a1eb32ba953a0ce5d8635caabf71b5b281495
SHA256 a9220271c0eb79e5750e0d0e62058ecac560e09cdf9e82ef61aeeabada5d48a4
CRC32 0BBCAB1A
ssdeep 96:RutuCOGCPDXBqvsqvJCwo+utuCOGCPDXBqvsEHyqvJCworSP7Hwxf2lUVul:UtvXoxtvbHnorrxQ
Yara
  • Antivirus - Contains references to security software
  • Generic_Malware_Zero - Generic Malware
VirusTotal Search for analysis
Name d27e10fd2e98fed4_google chrome.lnk
Submit file
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Google Chrome.lnk
Size 2.8KB
Processes 496 (powershell.exe)
Type MS Windows shortcut, Item id list present, Has Description string, Has Relative path, Has command line arguments, Icon number=0, ctime=Sun Dec 31 15:32:08 1600, mtime=Sun Dec 31 15:32:08 1600, atime=Sun Dec 31 15:32:08 1600, length=0, window=hidenormalshowminimized
MD5 906f95c60391a80d0a849adab8219b6c
SHA1 2bf4f33893c0232fdb6a15558d840eee2330d062
SHA256 d27e10fd2e98fed43c0c49c9f71d5e5001fc10dcfdc23b76eb1e8ccbdc06963e
CRC32 3327073F
ssdeep 24:8YpQQ3vrg+/CWtiFC+cJ753+g+ccmg3PHIgo6zi+cSCsMhfoqHEPZPTZfxdRZN0B:8YpQsSV/og5UpmxTnd/KR+/KRwy
Yara
  • Antivirus - Contains references to security software
  • lnk_file_format - Microsoft Windows Shortcut File Format
  • Lnk_Format_Zero - LNK Format
  • Generic_Malware_Zero - Generic Malware
VirusTotal Search for analysis