Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
01.30 07:01
joiner.exe
01.30 07:01
stub.exe
01.30 07:01
fag.exe
01.30 07:01
rh_0-8_2025-01-23_15-0...
01.30 07:01
newest.exe
01.30 07:01
setup_64.msi
01.30 07:01
1.jar
01.30 07:01
enai2.exe
01.30 07:01
BQEHIQAG.exe
01.30 07:01
lmao.exe

Latest News
01.31 11:01
DeepSeek’s Rise Shows ...
01.31 11:01
‘Mario Kart’ May Help ...
01.31 10:01
대구사이버대학교, 2025 미술치료학과 ...
01.31 10:01
로얄 캐네디언, 2024 ‘미래창조경영우...
01.31 10:01
IT Sicherheitsnews tae...
01.31 10:01
IT Sicherheitsnews tae...
01.31 09:01
Files of interest
01.31 09:01
광주요, 캐주얼라인 신규 컬러 '도화 소...
01.31 09:01
Samsung’s Chip Profit ...
01.31 09:01
US Probing Whether Dee...

Dropped Files | ZeroBOX

Name	5e95b7f0f6195641_values Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Values
Size	105.0KB
Processes	2536 (extrac32.exe)
Type	data
MD5	`ded93e90f58e2c9626a72ed4ba4404c2`
SHA1	`b8422e7d6714ebe06f2e0187fc3b50db32cd9a40`
SHA256	`5e95b7f0f61956416e514698ee7bc6adefaaf321276940b947ea4fce7b2df28d`
CRC32	`43654013`
ssdeep	`1536:/u2IwNnPEBiqXv+G/UXT6TvY464qvI932eOypvcLSDOSpZ+Sh+I+FrbCyI7P4Cx3:rcBiqXvpgF4qv+32eOyKODOSpQSAU4CR`
Yara	None matched
VirusTotal	Search for analysis

Name	80d298fc901763b1_remove Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Remove
Size	53.0KB
Processes	872 (1.exe)
Type	data
MD5	`cc5fffb779a4f41e56566a7012584961`
SHA1	`51097e48414b2964cae865a5f6242277de41cd22`
SHA256	`80d298fc901763b121b1055474882f2dbc39023a90b2a07880917528ccefe710`
CRC32	`2DE18AB4`
ssdeep	`1536:nT7lEI20uiz6lJ3W7Y/0wCVCdxnBJUqyfYGi7SKgnyH:nPlEiNzEW7YdCo/nBoYL7i4`
Yara	None matched
VirusTotal	Search for analysis

Name	6d85d7c342a3ba28_universities Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Universities
Size	25.4KB
Processes	872 (1.exe)
Type	ASCII text, with very long lines, with CRLF line terminators
MD5	`ea5bb74e17f13a38198f152786e83aad`
SHA1	`39d4cd7c660a4de6aaab32365c4d557bee3f1e14`
SHA256	`6d85d7c342a3ba28411fa4c69983cfceea5df9c70835444052704644edead06b`
CRC32	`39B3E7EC`
ssdeep	`768:3lDGu1PMj43YyiRqFm3OMBiTeSc4rPHtZKpXVaQfRIJW6i8:35Guo4oyiam3ONFTR`
Yara	None matched
VirusTotal	Search for analysis

Name	00f9508cfaa49cb0_q Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\634977\Q
Size	254.9KB
Processes	2672 (cmd.exe)
Type	data
MD5	`18d6ca5cd4425b2a59d0204845b3a313`
SHA1	`d40789e751f1df3d8b4a3589e3c0e46c73734982`
SHA256	`00f9508cfaa49cb06d23a766bcf7400a01d520e9c59ded5ee432445433dc92a7`
CRC32	`26C4A821`
ssdeep	`6144:uI+2kC/+Hpt4pXPjBEXBH/ziVCDRFyHaKxxY2y6Nu:GSKtGLBE1/hDDkaKx7Bu`
Yara	None matched
VirusTotal	Search for analysis

Name	3254c74935f6680e_throws Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Throws
Size	74.0KB
Processes	872 (1.exe)
Type	data
MD5	`2331dd69e6c3c1ecac03980021baa6df`
SHA1	`8f10c41f00e379c88e729b41641fd463833a0376`
SHA256	`3254c74935f6680e0236e1e1eba86001049c09cc2e13872d15da14850a608288`
CRC32	`5A5B5065`
ssdeep	`1536:ptek8sXflQVCDsfwQvY5u7YRxemFgqNMo5qSr+z:ptekFdQVCDRu7Yyqgd9`
Yara	None matched
VirusTotal	Search for analysis

Name	abc00f6ea9b8e1cc_competing Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Competing
Size	43.9KB
Processes	872 (1.exe)
Type	data
MD5	`d746b31bfc276902000f23e46ca7e00b`
SHA1	`28dedd273385b424355907e3b894564e384f4059`
SHA256	`abc00f6ea9b8e1cc8088ea704e592037fea434afd5fff489d90c30611324975b`
CRC32	`9DF1D08F`
ssdeep	`768:VIE0Wbi1KHNRnKPLDoxra1xTOg9PZbG24I2y6oOjX+bUWyhnu:VIK1tRnKPL8xu1xq02y6Yghnu`
Yara	None matched
VirusTotal	Search for analysis

Name	9104124ae4ad1d8c_voltage Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Voltage
Size	55.0KB
Processes	2536 (extrac32.exe)
Type	data
MD5	`8efbda5bb6164a66a1f120d8930da11b`
SHA1	`a1015e9d7078a246be522ac4b35f52a607c17782`
SHA256	`9104124ae4ad1d8c695959c01373d95e256cc15f71425b08d1f62cec180ac6f2`
CRC32	`B8F788C3`
ssdeep	`1536:peoMmOrrHL/uDoiouK+r5bLmbZzW9FfTubb1/Dde6YFI:peoMmOqDoioO5bLezW9FfTut/Dde6uI`
Yara	None matched
VirusTotal	Search for analysis

Name	e5c79f935df843f9_wagon Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Wagon
Size	1.6KB
Processes	2536 (extrac32.exe)
Type	data
MD5	`aceb4987ea23e89dc0ff759872b4150b`
SHA1	`d0afee14ceb4cd5b5b8a312fc59375099915a415`
SHA256	`e5c79f935df843f966f156b4af4f8705f43b51107ff046272bfbccbf2914be94`
CRC32	`8325DB49`
ssdeep	`24:hyGS9PvCA433C+sCNC1skNkvQfhSHQU2L55e1yb/uBx39lt6Y:a9n9mTsCNvEQH5O5U1nPf`
Yara	None matched
VirusTotal	Search for analysis

Name	ca5148eff2fbb467_nec Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Nec
Size	126.0KB
Processes	2536 (extrac32.exe)
Type	data
MD5	`7607db05af8586a80dade4c8f1a86ad8`
SHA1	`54caefa7ddedc91c34b600f9b41be61593c56f68`
SHA256	`ca5148eff2fbb467e84ce97caff533293a07d8e76185feb4415736ef77502006`
CRC32	`9305A264`
ssdeep	`1536:TKaj6iTcPAsAhxjgarB/5el3EYrDWyu0uZo2B:T6whxjgarB/5elDWy4ZNB`
Yara	Malicious_Library_Zero - Malicious_Library Generic_Malware_Zero - Generic Malware
VirusTotal	Search for analysis

Name	b395934f2de31fcb_kate Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Kate
Size	46.5KB
Processes	2536 (extrac32.exe)
Type	data
MD5	`a0dcdce55a0627816c76cd3461759e39`
SHA1	`48e473e8e049f3ac258a629a3e6e8c6c5fc64867`
SHA256	`b395934f2de31fcb8309f6a5cba3d07cb5122380117d11b1f681c2d7c2b79976`
CRC32	`8511F6AA`
ssdeep	`768:M9BGmd9OTGQ1Dv7sMvLHfR/ZByLiFuO/ChgZ45VatJVEV3GPkjF:M9BGmdATGODv7xvTphAiPChgZ2kOE6`
Yara	None matched
VirusTotal	Search for analysis

Name	04b3af982173bc42_gothic Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Gothic
Size	113.0KB
Processes	2536 (extrac32.exe)
Type	data
MD5	`b24851fb189761252c2e60157aa349e9`
SHA1	`1c8950ab3ab3476f22ea451bf2d1d4c04a4b6e3b`
SHA256	`04b3af982173bc42e37ed4145162a79abaccef1914996fbde18aa377ee75f45d`
CRC32	`8FD410C7`
ssdeep	`3072:7VOoQ7t8T6pUkBJR8CThpmESv+AqVnBypIbv18mLthfhny:o6AUkB0CThp6vmVnjphfhny`
Yara	None matched
VirusTotal	Search for analysis

Name	bb782d6a6b5a646a_expanding Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Expanding
Size	56.0KB
Processes	2536 (extrac32.exe)
Type	data
MD5	`fb1683f53f13b7dbe5db3aef09074e67`
SHA1	`04542e61c4f24a07e5fd2d24a093edf8bd5b0f59`
SHA256	`bb782d6a6b5a646a35eaa0ec09e17e48dbed725ec4e4b21358fa085f76baad65`
CRC32	`AD883EA0`
ssdeep	`1536:Tq0vQEcmFdni8yDGVFE5gOHu1CwCMIBZwneAJu7QnswIPumV3B4:G0Imbi80PtCZEMnVIPPB4`
Yara	None matched
VirusTotal	Search for analysis

Name	1300262a9d6bb6fc_surrey.com Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\634977\Surrey.com
Size	925.1KB
Processes	2628 (cmd.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`62d09f076e6e0240548c2f837536a46a`
SHA1	`26bdbc63af8abae9a8fb6ec0913a307ef6614cf2`
SHA256	`1300262a9d6bb6fcbefc0d299cce194435790e70b9c7b4a651e202e90a32fd49`
CRC32	`03563F8F`
ssdeep	`24576:uvG4FEq/TQ+Svbi3zcNjmsuENOJuM8WU2a+BYK:u9GqLQHbijkmc2umva+OK`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsPE32 - (no description) Generic_Malware_Zero - Generic Malware UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	3b60082174b17222_courage Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Courage
Size	84.0KB
Processes	872 (1.exe)
Type	data
MD5	`7cd4bd9c45027736143df559673df306`
SHA1	`4080a3c2a9f6444185c1525fe4e619a2fe9f5576`
SHA256	`3b60082174b17222df87b064230a32fcfb079f9f2721bb0b5b7cd59111a45548`
CRC32	`1C58F90D`
ssdeep	`1536:MOYugiEST40rqxwTrrJ6CVKZRC/I3o0XNe9jyj32bp7PAxhTALUg8mAA13:uiESk0+85KjC/I3HXNlaVPStALig3`
Yara	None matched
VirusTotal	Search for analysis

Name	f726fe147bde8e66_representing Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Representing
Size	131.0KB
Processes	2536 (extrac32.exe)
Type	data
MD5	`f100c01d94625f55d67b50aa1e5de126`
SHA1	`273ac1108a9fce76270344b8140ebf30e1931702`
SHA256	`f726fe147bde8e66309e97ffc5a17bafb950e11552d41033b5f4d54b0df882f7`
CRC32	`0EFAE851`
ssdeep	`3072:cT/sZydTmRxlHS3NxrHSBRtNPnj0nEoXnmowS2u5l:O/sZ7HS3zcNPj0nEo3tb2G`
Yara	None matched
VirusTotal	Search for analysis

Name	e3b0c44298fc1c14_nszBEC7.tmp Empty file or file not found
Filepath	C:\Users\test22\AppData\Local\Temp\nszBEC7.tmp
Size	0.0B
Type	empty
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
CRC32	`00000000`
ssdeep	`3::`
Yara	None matched
VirusTotal	Search for analysis

Name	c7257e587eab697f_refinance Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Refinance
Size	147.0KB
Processes	2536 (extrac32.exe)
Type	data
MD5	`1fc300e7b135f7417a1978b287c3aed9`
SHA1	`70dcbfbfcd51fcea6f9ac25d00b3dfb000117b3f`
SHA256	`c7257e587eab697f7dd09f02193af3f6a9c1c4f298aa36182b574ac44dde65e2`
CRC32	`95C13CD1`
ssdeep	`3072:J40ewy4Za9coRC2jfTq8QLeAg0Fuz08XvBNbjaAtsP1:J4V14ZgP0JaAOz04phdy9`
Yara	None matched
VirusTotal	Search for analysis

Name	6c7f3899ebb6a5a6_firewire Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Firewire
Size	144.0KB
Processes	2536 (extrac32.exe)
Type	data
MD5	`c6a95332417fbff1a331f58887c76a59`
SHA1	`f6661b22a4fbb12ad6cb3604018d680c21326ac5`
SHA256	`6c7f3899ebb6a5a63cf289a24cb0347f9b7b2183d6811addfab51b9b9f34d81e`
CRC32	`EA56BD81`
ssdeep	`3072:WZg5PXPeiR6MKkjGWoUlJUPdgQa8Bp/LxyA3laW2UDQWf05mjm:WK5vPeDkjGgQaE/loUDtf0am`
Yara	None matched
VirusTotal	Search for analysis

Name	5cbd6b08d52bd78a_gtk Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Gtk
Size	476.3KB
Processes	872 (1.exe)
Type	Microsoft Cabinet archive data, 487718 bytes, 10 files
MD5	`7a6e2b31b9bf017af1dc514571165556`
SHA1	`30175d44711a4fae5de3783bb38d2d3dedb549d6`
SHA256	`5cbd6b08d52bd78a8d6fd160ff78005c194e4a356036a43af74bb01fb347f479`
CRC32	`2C0BD761`
ssdeep	`12288:e9+oAnGSLTiB9FvDXW1JkUVmtElyUb/XCsM2Lu:e4nGlDvDm1zgtE8uM2Lu`
Yara	CAB_file_format - CAB archive file
VirusTotal	Search for analysis