Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
11.05 04:11
VST32License.exe
11.05 03:11
VST32License.exe
11.03 01:11
DocTromTinNhan.exe
11.01 06:11
MPDW-constraints.vbs
11.01 06:11
87f3f2.exe
11.01 06:11
Client-built.exe
11.01 06:11
norm.exe
11.01 06:11
chrome_131.exe
11.01 06:11
kjrhjijawdkrjhh.exe
11.01 09:11
Calibre_Installer.exe

Latest News
11.05 01:11
메가존클라우드-파이오링크, 클라우드 보안...
11.05 01:11
프로페셔널 헤어케어 브랜드 레삐, ‘20...
11.05 01:11
Chinese Group Accused ...
11.05 01:11
25년 정보보호 전자공시시스템 고도화 및...
11.05 01:11
KISA, 민원 응대 보호시스템 전사 확대
11.05 01:11
아늑샵, 2024년 4분기 '한국소비자인...
11.05 01:11
크라운슬립, 프리미엄 구스 이불 론칭 기...
11.05 01:11
Google Warns of Active...
11.05 12:11
안랩, 2024년 3분기 매출 685억,...
11.05 12:11
Southeast Asia’s Digit...

Dropped Files | ZeroBOX

Name	d8b7c7178fbadbf1_dump.pif Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\438799\Dump.pif
Size	872.7KB
Processes	2096 (cmd.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`18ce19b57f43ce0a5af149c96aecc685`
SHA1	`1bd5ca29fc35fc8ac346f23b155337c5b28bbc36`
SHA256	`d8b7c7178fbadbf169294e4f29dce582f89a5cf372e9da9215aa082330dc12fd`
CRC32	`388D364B`
ssdeep	`12288:WpV0etV7qtINsegA/rMyyzlcqakvAfcN9b2MyZa31tqoPTdFbgawV2501:WTxz1JMyyzlohMf1tN70aw8501`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsPE32 - (no description) Generic_Malware_Zero - Generic Malware UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	8a787b23bd5bef3d_l Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\438799\L
Size	219.2KB
Processes	2552 (cmd.exe)
Type	data
MD5	`7c55f7cb1af93f36a36462daeb277e12`
SHA1	`7997ec97a93b98e63b4297cce8536aa5acc4391f`
SHA256	`8a787b23bd5bef3d04590f9b0fe65b2d8dd68b1239a8bf64b3b4f4f6a2ed0633`
CRC32	`E9433F1F`
ssdeep	`3072:t3+D+6cImItj8aknXlll/tzfZHLc5E7D7qlqPYmzgAsVwVZhPlDxad4pE31eG5zf:IDhmlakFxqi7D7lgr6VZJJ/E1vr3z`
Yara	None matched
VirusTotal	Search for analysis

Name	2023b2b1b846879c_threat Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Threat
Size	866.8KB
Processes	1460 (BandiCut.exe)
Type	data
MD5	`575fab4ea3ad0352f99fb2f1b40904b2`
SHA1	`c6c98243bf86a6ce11149ca68a1af80926275efe`
SHA256	`2023b2b1b846879c0299968af3cb8fca736b29533b1488d317ea7b9cdc96537c`
CRC32	`E3D9C265`
ssdeep	`12288:rV0etV7qtINsegA/rMyyzlcqakvAfcN9b2MyZa31tqoPTdFbgawV2501:xxz1JMyyzlohMf1tN70aw8501`
Yara	Malicious_Library_Zero - Malicious_Library Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	a7233c9a08756c3e_highlighted Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Highlighted
Size	7.0KB
Processes	1460 (BandiCut.exe)
Type	ASCII text, with very long lines, with CRLF line terminators
MD5	`674742a294ae6ee0a685696ca91d9913`
SHA1	`def90db4c44fdf4ec1d8698477434e3960063342`
SHA256	`a7233c9a08756c3eb05c6253a7a6c2ef9ec4f36816a8a733ae5280bf0e28cea6`
CRC32	`E8E464C3`
ssdeep	`192:QQmwxz2Dt7hgS/ryUml7U5MW2zgzn/T22D:FWyUmVCMWrPD`
Yara	None matched
VirusTotal	Search for analysis

Name	42a9fd93f9537cf5_tale Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Tale
Size	71.0KB
Processes	1460 (BandiCut.exe)
Type	data
MD5	`0058d41f87a34c360bd93510db25c6d1`
SHA1	`a186ef494091cc652c03e232b16bc98c5a5714aa`
SHA256	`42a9fd93f9537cf54282fb095ae2eab4bb35a44f5073ebde4da10b0df7a621d7`
CRC32	`0718EE06`
ssdeep	`1536:UzhqN4gqPYiLzLfE7MsVweop2gZhPlDopsvPid4npE318:RlqPYmzgAsVwVZhPlDxad4pE318`
Yara	None matched
VirusTotal	Search for analysis

Name	fb0b8c6e6d54f431_flyer Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Flyer
Size	5.9KB
Processes	1460 (BandiCut.exe)
Type	data
MD5	`7c69fc2b30363c5df405306dd8a0be9f`
SHA1	`f87ecb504029520a1a143eaf3277558a25199ceb`
SHA256	`fb0b8c6e6d54f43174a71c7b42c0bd0b7cf2140f52aaab514bb06ecce15f80d1`
CRC32	`5E3255A2`
ssdeep	`96:xxgUzr4tgOwVAfBzDICS09CAi6R7u+IhsObfS+NsPvj6ooxdofjxP3yGj1H039LL:3HAeOqAFDw09CV/2nPvj6DdMP3r1HI5L`
Yara	Suspicious_Obfuscation_Script_2 - Suspicious obfuscation script (e.g. executable files)
VirusTotal	Search for analysis

Name	e3b0c44298fc1c14_nspC195.tmp Empty file or file not found
Filepath	C:\Users\test22\AppData\Local\Temp\nspC195.tmp
Size	0.0B
Type	empty
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
CRC32	`00000000`
ssdeep	`3::`
Yara	None matched
VirusTotal	Search for analysis

Name	c5039fa8d454c804_turn Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Turn
Size	92.0KB
Processes	1460 (BandiCut.exe)
Type	data
MD5	`af1c4b06a417402cb7499cafb8f20dc9`
SHA1	`d15cfe3df9118d5443cf1ecb2169e648b08984f2`
SHA256	`c5039fa8d454c8042bb41d5398e524805197ec753cb68b18f1c3e32b063eec2b`
CRC32	`6DAFB592`
ssdeep	`1536:t2K13O1LDzK6cIppQTIUIj8akLPaebXllVr/9PzOr3ByZHkyirghi5rI7V2CtFg:t3+D+6cImItj8aknXlll/tzfZHLc5E7A`
Yara	None matched
VirusTotal	Search for analysis

Name	e833449be64833ff_intensity Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Intensity
Size	56.2KB
Processes	1460 (BandiCut.exe)
Type	data
MD5	`06330d422df60304b4ba3f65e50efd3b`
SHA1	`14084105f183a59b0d6f5556d0ccd40059b5a989`
SHA256	`e833449be64833fff70a2b81d72bc9e79d46676b30f9bd47d9fa2c51f26d7241`
CRC32	`9EAB208D`
ssdeep	`768:TjNlqwJ/mmjrtGesZk4Rraajw+ZcG7dsoH12Q2IhdzNXt59udwzVX3Oppwvoihb5:tlqYj8tBOa5P7aQrhdzL59u4tOGj`
Yara	None matched
VirusTotal	Search for analysis