Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
04.29 05:04
tomcaterror.bmpqoq
04.29 04:04
qoq.ps1
04.29 04:04
Important_Document.pdf...
04.29 04:04
dllbase64reverse.txt.exe
04.29 10:04
RuntimeBroker.exe
04.29 10:04
2555d50c-0b7e-4aa3-8d8...
04.29 10:04
csr.bin
04.29 10:04
test.exe
04.29 10:04
FreePhotoShop%20Meme%2...
04.29 10:04
discord.exe

Latest News
04.30 04:04
Apple AirPlay: Sicherh...
04.30 04:04
Schwere Lücken in AirP...
04.30 04:04
Reddit-User wurden ung...
04.30 04:04
Recall in Windows 11: ...
04.30 04:04
Effizienz neu gedacht:...
04.30 04:04
Beim Jugendschutz vers...
04.30 04:04
10 Best Cybersecurity ...
04.30 04:04
Over 400 servers found...
04.30 04:04
Amazon, CrowdStrike le...
04.30 04:04
There’s An Venusian Sp...

Dropped Files | ZeroBOX

Name	8f392681e8f691e1_glg909.tmp Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\GLG909.tmp
Size	145.0B
Processes	2660 (update.exe)
Type	diff output, ASCII text, with CRLF line terminators
MD5	`ca83f8251cf791adade70aa22d447f2f`
SHA1	`1ce6541d73c01af50324fa30949d12bf62afdb9e`
SHA256	`8f392681e8f691e10c5922d884c19cdb5a944908ecce3809fbbaf260e40f8ac8`
CRC32	`2CF002BD`
ssdeep	`3:8LWRFRLw0m7LmdMFF/yKwM/xFw5wVyRxtQHfcfZDmWxpcL4E2J5xAIkCAY:8LWXRLU7Lmds/yKwsxmxtQGmQpcLJ23T`
Yara	None matched
VirusTotal	Search for analysis

Name	79a6d0024d14a70d_glh30b.tmp Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\GLH30B.tmp
Size	5.5KB
Processes	2660 (update.exe)
Type	MS-DOS executable
MD5	`3880bdc203719f808345ccfdf9a74066`
SHA1	`b2cfdf81e70e4ac057ca1c8f3ad42fe7196c3ab6`
SHA256	`79a6d0024d14a70d7f739ab98b87670d0415a5eeeda772dec9f15efe3572a427`
CRC32	`2D0CBA84`
ssdeep	`96:brtHwpBUTLRhXyb7ZFXMI04QeV+ESweYAejAnyzX9UQ2RByDtzCaEFJ/:brtHABiRhXcFnrvV+EveYARRBEIJ/`
Yara	PE_Header_Zero - PE File Signature
VirusTotal	Search for analysis

Name	6773b4143b6bae4d_gljfd1d.tmp Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\GLJFD1D.tmp
Size	24.0KB
Processes	2660 (update.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`95d7beed5d12ae564b15dc9c94965ce3`
SHA1	`47d53f9343921a79dae191435cebcd9a3187a8e4`
SHA256	`6773b4143b6bae4dee4a15c9c9b92faf98c3005c4b6bc95711b2b3b275fcb41c`
CRC32	`CFFAAF94`
ssdeep	`384:YqpSzXOY60zmlyF0yyaSEIXRqEfIwoS3:BpQemHmyaEFEfIwoO`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature DllRegisterServer_Zero - execute regsvr32.exe IsPE32 - (no description) Generic_Malware_Zero - Generic Malware
VirusTotal	Search for analysis

Name	1db360830b5760e2_glcfd0d.tmp Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\GLCFD0D.tmp
Size	152.0KB
Processes	2660 (update.exe)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`f0418e5219b5e8fd5a596cdebb40f80c`
SHA1	`c7187cae1be1b313b6bbdf022fecf7a386bddc22`
SHA256	`1db360830b5760e2e0c77539014e0a517fd6ec1fea699359d025769dc66caec7`
CRC32	`8393646C`
ssdeep	`3072:OLmu9qcCWEuEqHHPWm8UKGV+P+UHfBP3poEeSAf:OF4NuvHHPWPGgP+UBQ3`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsDLL - (no description) DllRegisterServer_Zero - execute regsvr32.exe IsPE32 - (no description) OS_Processor_Check_Zero - OS Processor Check UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	d280079c0017f60e_gl_500.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\GL_500.EXE
Size	16.0KB
Processes	2660 (update.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`28c03f03c74db0eba6a24080151b7aa4`
SHA1	`ae7e09544e2787e20cca1f4af2fe6a9e168da717`
SHA256	`d280079c0017f60efced486f07c4a92890c1f8c08cda8723dd227a63bcec67a8`
CRC32	`9FE38568`
ssdeep	`48:qUUK7+HT6q3vFKL28RBbQF2YmcG+EDpMh:5ol3vQL2GB8DmqE9Mh`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsPE32 - (no description) Generic_Malware_Zero - Generic Malware
VirusTotal	Search for analysis

Name	94ef91b4c7864bd1_glh106.tmp Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\GLH106.tmp
Size	26.5KB
Processes	2660 (update.exe)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`89cf6af0a2a1cfebc82851c20852c121`
SHA1	`9106f4ade6a696d5f98968bce895333ad5dbd9ae`
SHA256	`94ef91b4c7864bd1ecc0db099e58298708bc5d22da40132ebb1c17feb4675964`
CRC32	`28A66C20`
ssdeep	`384:S2p4jGewJXucxt8U7fAETozP7vTn3BTgcMBevbNE/srnCLV1x01JXS+vSpHWPJFn:S2p43iecxtloHvb3BUrkTDuLuy+vRJF`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE32 - (no description)
VirusTotal	Search for analysis

Name	f80ff272a594c1a1_glf90a.tmp Submit file
Filepath	c:\users\test22\appdata\local\temp\glf90a.tmp
Size	32.0KB
Processes	2660 (update.exe)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`1ab44393b29d16f27c0f5bb6e433d6f8`
SHA1	`74e4eb0587cca9c243bcc8ac25d3c62dd683c1d4`
SHA256	`f80ff272a594c1a180b17ad52960c2b2f0703460c6b1c6d15b9fe5c32b3161b8`
CRC32	`01D553CB`
ssdeep	`384:9FohJLg8vpD2symlxcdDyynb7JXgGoERcT+:HohJRDWdDywb7xfoE2T`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsDLL - (no description) IsPE32 - (no description)
VirusTotal	Search for analysis