Dropped Files | ZeroBOX
Name 722fcfe103a9f3f0_{ab5ebbbc-af95-11ef-948e-94de278c3274}.dat
Filepath C:\Users\test22\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{AB5EBBBC-AF95-11EF-948E-94DE278C3274}.dat
Size 4.5KB
Processes 2776 (iexplore.exe)
Type Composite Document File V2 Document, Cannot read section info
MD5 db79bf47df8cba53361dbb7a1b7dc58c
SHA1 634f1b855a82d13f93b1887465b6ab773da0b1fe
SHA256 722fcfe103a9f3f07cfd0c6c1f672b8ac73415f7bd42a0686490e8e995b36185
CRC32 7B62AFE7
ssdeep 12:rlxAF0rEgm8GL7KFzXxrEgm8Gr7qsANl26abax1NlgfRbax:r7G8TxG8WANlIoNls
Yara
  • Microsoft_Office_File_Zero - Microsoft Office File
Name 1beb05868ce93bcc_IE9CompatViewList[1].xml
Filepath C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTDTA402\IE9CompatViewList[1].xml
Size 141.8KB
Type XML 1.0 document, ASCII text, with CRLF line terminators
MD5 9b63e0fb3785ffa49686dd75e303d177
SHA1 e3992de5a1b8f58a11a52ad71f275ae413927eb4
SHA256 1beb05868ce93bcc8fafc46adccdda6d104f3c6f6c6ed454d8a6c0c208d9bd0e
CRC32 F778EDEF
ssdeep 3072:AoSMrEDL1FwhdFFaz6l8vHG+TbFPAzepobjyG7I1K1IB2+Tir8v1IG9aIedyPcFC:dSMrEDL1FwhdFFaz6l8vHG+TbFPAzepR
Yara None matched
Name 46da367d27a75161_recoverystore.{aebb6ca5-af95-11ef-948e-94de278c3274}.dat
Filepath C:\Users\test22\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{AEBB6CA5-AF95-11EF-948E-94DE278C3274}.dat
Size 5.0KB
Processes 2448 (iexplore.exe)
Type Composite Document File V2 Document, Cannot read section info
MD5 2de40d45cfde4b50a31750d0017257f4
SHA1 a76c3ed5127d210ce11be6d7a38d4dfd7d43a364
SHA256 46da367d27a7516177cc62b43af2de9423ef9abfb61b68290c4ca34ff5f107a1
CRC32 5C8759C9
ssdeep 12:rlfF27rEg5+IaCrI0CI7eF2ITrEgmZ+IaCrI0CIc8GmRVOeMiqI771NlTqbaxcfL:rq75/fITG5/k85jBM+NlWPL8NlWPgq
Yara
  • Microsoft_Office_File_Zero - Microsoft Office File
Name b7c225ef3cc3e875_d93f411851d7c929.customDestinations-ms~RF125ffcb.TMP
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d93f411851d7c929.customDestinations-ms~RF125ffcb.TMP
Size 7.8KB
Processes 3052 (powershell.exe) 1336 (powershell.exe)
Type data
MD5 81ca4510272caf505e8091e9a28cb716
SHA1 71414aeec9f1e4a6f5a461b01700cc9cc992cd9e
SHA256 b7c225ef3cc3e87506150eb140e7b9cc127a3469c50a808854acac71a53d98bf
CRC32 FC31E90F
ssdeep 96:EtuCcBGCPDXBqvsqvJCwoRtuCcBGCPDXBqvsEHyqvJCwor/47HwxGlUVul:EtCgXoRtCgbHnorLxY
Yara
  • Antivirus - Contains references to security software
  • Generic_Malware_Zero - Generic Malware
Name deb75dd9ce642d0b_recoverystore.{ab5ebbbb-af95-11ef-948e-94de278c3274}.dat
Filepath C:\Users\test22\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{AB5EBBBB-AF95-11EF-948E-94DE278C3274}.dat
Size 5.0KB
Processes 2776 (iexplore.exe)
Type Composite Document File V2 Document, Cannot read section info
MD5 173a2edf1320b9baddb8bae6f6173a51
SHA1 d4566db434dc26b2e6fe89ea31b17db1489925b8
SHA256 deb75dd9ce642d0b3044922ce8198fc3b11d06c0a6c886c6b33bc7d40fcff3e1
CRC32 2DB22EE4
ssdeep 24:rqH5/ft1yTG5/k85jBM+NlWXvOHNlWXe5:rK5fGG5cojBSXvZX
Yara
  • Microsoft_Office_File_Zero - Microsoft Office File
Name 94b49ff565d6e137_{aebb6ca6-af95-11ef-948e-94de278c3274}.dat
Filepath C:\Users\test22\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{AEBB6CA6-AF95-11EF-948E-94DE278C3274}.dat
Size 4.5KB
Processes 2448 (iexplore.exe)
Type Composite Document File V2 Document, Cannot read section info
MD5 5b5ef53ca00ea07c12fea07022b6f6c3
SHA1 557a185f996b74a958c65e7a5ea708239b07b2e9
SHA256 94b49ff565d6e1373c2b2772b6036a4cc81594aff4d4a60081b9b4f0973b7068
CRC32 2B389B4F
ssdeep 12:rlxAFPrEgm8GL7KFWxrEgm8Gr7qsANl26abax1NlgfRbax:rgG8GxG8WANlIoNls
Yara
  • Microsoft_Office_File_Zero - Microsoft Office File