Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
04.29 05:04
tomcaterror.bmpqoq
04.29 04:04
qoq.ps1
04.29 04:04
Important_Document.pdf...
04.29 04:04
dllbase64reverse.txt.exe
04.29 10:04
RuntimeBroker.exe
04.29 10:04
2555d50c-0b7e-4aa3-8d8...
04.29 10:04
csr.bin
04.29 10:04
test.exe
04.29 10:04
FreePhotoShop%20Meme%2...
04.29 10:04
discord.exe

Latest News
04.30 07:04
RSAC 2025 executive in...
04.30 07:04
RSAC 2025 executive in...
04.30 07:04
Steuergeld finanziert ...
04.30 07:04
DOJ Google Antitrust C...
04.30 06:04
Securing AI at the Cor...
04.30 06:04
RSAC 2025 executive in...
04.30 06:04
Role of Cyber Threat I...
04.30 06:04
RSAC 2025 executive in...
04.30 06:04
RASC 2025 executive in...
04.30 06:04
How AI Is Evolving Sec...

Dropped Files | ZeroBOX

Name	62302a357a15ed63_cj Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Cj
Size	133.0KB
Processes	3048 (extrac32.exe)
Type	data
MD5	`6746ba5797b80dbc155f530e4b66b3bb`
SHA1	`3f9e9a109aa2178c755e3a052e5c9bd60734e6f8`
SHA256	`62302a357a15ed63b0db3f3d82bfe2b6cc6e8905383a26fe203eb22c0ef4e3ba`
CRC32	`D73F424D`
ssdeep	`3072:PnBypIbv18mLthfhnueoMmOqDoioO5bLezW9FfTut/Dde6u640ewy4Za9coRC2jx:PnjphfhnvO5bLezWWt/Dd314V14ZgP0q`
Yara	None matched
VirusTotal	Search for analysis

Name	ebce45cd2b1879c0_flexible Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Flexible
Size	52.0KB
Processes	3048 (extrac32.exe)
Type	data
MD5	`f1e17750e2dd20e7041fd2ff4afb2514`
SHA1	`dcfd0841e1dc45bddda809b2abc9b934cdc146d8`
SHA256	`ebce45cd2b1879c07980dd317d21da5e07203c46dd40a178f024396ee2492bf8`
CRC32	`66535BFF`
ssdeep	`768:AQ18OWrM81EyJqx9EdzGGXZVfmlqTmN5WAQIGK2ud5lS87uzh7JCQ/sE7mOB6XSY:T1/AD1EsdzVXnP94SGGLpRB6M2z`
Yara	None matched
VirusTotal	Search for analysis

Name	56558d2970de2894_hard Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Hard
Size	140.0KB
Processes	3048 (extrac32.exe)
Type	data
MD5	`fc941a0ecd46f8c784fbd46719d8f3af`
SHA1	`e5e71cc36f16d20e22d04c55c129f09cc55a3b93`
SHA256	`56558d2970de28944234a0ec4251ab7985c8428022f6bb1295851f54708e0e6f`
CRC32	`31690B4B`
ssdeep	`3072:MgF4qv+32eOyKODOSpQSAU4CE0Imbi80PtCZS:xBmmLsiS+SAhClbfSCo`
Yara	None matched
VirusTotal	Search for analysis

Name	70511026a5c16ea7_ka.wmv Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Ka.wmv
Size	50.0KB
Processes	2552 (zx4PJh6.exe)
Type	data
MD5	`406eb9558625ee07b06a64f6dbf39765`
SHA1	`09fd217e546c9e6871acac2d38a6f1af6577f1e2`
SHA256	`70511026a5c16ea793d8904f6489bcfb0f6dff3dea26fb3c9ea2d4477ee837dc`
CRC32	`A1542EB4`
ssdeep	`768:PNb6CMauH1GpZBMXlDBEvyrJTD9S8eLZUfNuyueLvA8rWsitkEUwAu39OuiI4:RCWGgMJ9deKfNu/cLWf4`
Yara	None matched
VirusTotal	Search for analysis

Name	89d7a9aaad61abc8_spare.wmv Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Spare.wmv
Size	24.4KB
Processes	2552 (zx4PJh6.exe)
Type	ASCII text, with very long lines, with CRLF line terminators
MD5	`237136e22237a90f7393a7e36092ebbe`
SHA1	`fb9a31d2fe60dcad2a2d15b08f445f3bd9282d5f`
SHA256	`89d7a9aaad61abc813af7e22c9835b923e5af30647f772c5d4a0f6168ed5001f`
CRC32	`E1B2EA9E`
ssdeep	`768:UkNSP0PcXaaZ/Gd0YXj+kaC3GaYxz7PZcGr3t64+96pjS:7SPnLK4IGyQpW`
Yara	None matched
VirusTotal	Search for analysis

Name	8b41188af16d4d5c_witness.wmv Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Witness.wmv
Size	95.0KB
Processes	2552 (zx4PJh6.exe)
Type	data
MD5	`be1e5883192a4f06520ae7147d9c43c5`
SHA1	`45761ba0db2c20940b8e8d1b195982e8973e237b`
SHA256	`8b41188af16d4d5c200a1fbd6fc09523071ee5ddc5ba75c37ff0e7739c8b6a66`
CRC32	`58E087CF`
ssdeep	`1536:t4Yrw4wcUYuycdc8V6lvPsH6oPtl4uS9GMefZIrUwSezkjoeJXxUjCimRSm:KkS5bJdc8VtHDPbCe+rUszkke5xUVoZ`
Yara	None matched
VirusTotal	Search for analysis

Name	537c6f974b1057de_liability.wmv Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Liability.wmv
Size	99.0KB
Processes	2552 (zx4PJh6.exe)
Type	data
MD5	`307e8ae8c2f837ab64caa4f1e2184c44`
SHA1	`5a2a9f6bb7c65661eac3ef76ae81bca8cd4d7eb7`
SHA256	`537c6f974b1057de97ba842b97fc2f422ada9ae0b6b229c6e375259b9b4c617a`
CRC32	`00067249`
ssdeep	`3072:IbOEf9UxsEvwFeBXr+B3aNNPFJm9rRl7sokkwiv:IbTUxuFq+5aLPnm9dlDFww`
Yara	None matched
VirusTotal	Search for analysis

Name	e337ec32ebae2fca_submitting.wmv Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Submitting.wmv
Size	76.0KB
Processes	2552 (zx4PJh6.exe)
Type	data
MD5	`bb45b1e87dd1b5af5243a1e288a04401`
SHA1	`f1be3185a0a4c86b0d325734b56c3fa1e40e4c75`
SHA256	`e337ec32ebae2fcafc5b134519642c0545ca8d53f3ec586a2215556a9ec62510`
CRC32	`48CE8E48`
ssdeep	`1536:TKvhQrbqSqYTTw91HCkW2JtGDPdjnwfQCD0S7hU8sPG/YET:TKvhQrbqRYTTw91J0yfQCDbVxYET`
Yara	None matched
VirusTotal	Search for analysis

Name	95ee958e8b264778_damn Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Damn
Size	106.0KB
Processes	3048 (extrac32.exe)
Type	data
MD5	`894ffc2f0e893d6158f22a064c293fb1`
SHA1	`c9569d743588bf27027d00c1ad97330afffd5185`
SHA256	`95ee958e8b264778a138ede8f9f76d5fb2c94c05d824c4b43d6cdd1b783bf36d`
CRC32	`3BEBF397`
ssdeep	`3072:5kjGWoUlJUPdgQa8Bp/LxyA3laW2UDQWf05mjccBiqXvY:5kjGgQaE/loUDtf0accB3A`
Yara	None matched
VirusTotal	Search for analysis

Name	fc1f37050dd7089c_architecture.wmv Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Architecture.wmv
Size	478.6KB
Processes	2552 (zx4PJh6.exe)
Type	Microsoft Cabinet archive data, 490041 bytes, 10 files
MD5	`0c4d83aaf13581a8a9b2bad332eec341`
SHA1	`17840d606cb0bd1b04a71811b401e14e6d155b33`
SHA256	`fc1f37050dd7089c1356b58737003b9b56247483a643fcefab4e86345701dbe3`
CRC32	`0F598FC3`
ssdeep	`12288:2Uq3o/N4re4Llw10PkYT0bDiZYg+pnuLRWWl6:2F3yb4m10Pk1WupnudD6`
Yara	CAB_file_format - CAB archive file
VirusTotal	Search for analysis

Name	b5d118dc9625f38f_drainage Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Drainage
Size	128.0KB
Processes	3048 (extrac32.exe)
Type	data
MD5	`5e2d5f5c188f22b02614549ada2d8e05`
SHA1	`603321e2ed71cb505aecb960d498aa1a4834dc63`
SHA256	`b5d118dc9625f38f6adbc5b7758d768af6a02e4193a726f0f7f04f223065cbf4`
CRC32	`29A63AF0`
ssdeep	`1536:3Kaj6iTcPAsAhxjgarB/5el3EYrDWyu0uZo2+9BGmdATGO3:f6whxjgarB/5elDWy4ZNoGmRO3`
Yara	Malicious_Library_Zero - Malicious_Library Generic_Malware_Zero - Generic Malware
VirusTotal	Search for analysis

Name	2935ab290a5eea8c_bali.wmv Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Bali.wmv
Size	86.0KB
Processes	2552 (zx4PJh6.exe)
Type	data
MD5	`cad57b5592ed1bc660830dd6d45adc15`
SHA1	`32369a2fcdfb852d9f302fa680a9748f2b6cc320`
SHA256	`2935ab290a5eea8c46abca4e7894481a8394437a648faf68f596e20fb52ab7c0`
CRC32	`5082372A`
ssdeep	`1536:JTFh+9vnS+0OGIgO3kXFzQQSxMRAC0aN5atTOhhS6aJS2YQoWbLX:J5hYPSnFIsFzWxMRdH5atMqjoWbLX`
Yara	None matched
VirusTotal	Search for analysis

Name	1300262a9d6bb6fc_organizations.com Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\440824\Organizations.com
Size	925.1KB
Processes	1404 (cmd.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`62d09f076e6e0240548c2f837536a46a`
SHA1	`26bdbc63af8abae9a8fb6ec0913a307ef6614cf2`
SHA256	`1300262a9d6bb6fcbefc0d299cce194435790e70b9c7b4a651e202e90a32fd49`
CRC32	`03563F8F`
ssdeep	`24576:uvG4FEq/TQ+Svbi3zcNjmsuENOJuM8WU2a+BYK:u9GqLQHbijkmc2umva+OK`
Yara	Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsPE32 - (no description) Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	4daf42d09a5c12cc_boulevard Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Boulevard
Size	133.0KB
Processes	3048 (extrac32.exe)
Type	data
MD5	`fd47acad8759d7c732673acb82b743fb`
SHA1	`0a8864c5637465201f252a1a0995a389dd7d9862`
SHA256	`4daf42d09a5c12cc1f04432231c84ccd77021adca9557eb7db8208fa7c03c16e`
CRC32	`6A5A4A56`
ssdeep	`1536:Dh6R8anHsWccd0vtmgMbFuz08QuklMBNIimuzaAwusPF:Nq8QLeAg0Fuz08XvBNbjaAtsPF`
Yara	None matched
VirusTotal	Search for analysis

Name	9b92421057e0e313_bd.wmv Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Bd.wmv
Size	17.0KB
Processes	2552 (zx4PJh6.exe)
Type	data
MD5	`530381647b9ec246474e47b5fc40a490`
SHA1	`9366d6581ae271113005ba57d4cc8bf90b84a3c3`
SHA256	`9b92421057e0e313c341a1e40c81d83f04f3c60a699019000a193218af187d2f`
CRC32	`56E23B56`
ssdeep	`384:QlQJ7hd4K/NYu5cRrbyjNgyMTaaocpPt0eMGNA7qb1S+Gq/kk6+U:QAhF/crOj3NcbMf7qbtGq78`
Yara	None matched
VirusTotal	Search for analysis

Name	27956de2234bc936_physiology.wmv Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Physiology.wmv
Size	90.0KB
Processes	2552 (zx4PJh6.exe)
Type	data
MD5	`f654d985a7b5597c6a0effa5b765a1e9`
SHA1	`a43abe4afaf44c50d6391d6a81a28e8537d1d801`
SHA256	`27956de2234bc936ddf1a5e56541495ca4a9bf8b39d9df3395ef3a00e819d70d`
CRC32	`82EC7C3C`
ssdeep	`1536:bs4f84V3wfn0N2y9jW0OEDTwQfd/cZhyntotyVRjVB3Fd4qKqEZKZpJf:NfN3wfn0Nx9jUYpfdErytVJFdVf`
Yara	None matched
VirusTotal	Search for analysis

Name	e3d83b3533da271a_college Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\College
Size	141.0KB
Processes	3048 (extrac32.exe)
Type	DOS executable (COM)
MD5	`6d662a7c67d8446259b0bfbf4bc77ca7`
SHA1	`565e49f16c7e70a009b33bb3a725d8822d86b245`
SHA256	`e3d83b3533da271a5e33875ee2136f6a1159bb9e4faad0701344c8ed78b5f7d4`
CRC32	`B5E3371B`
ssdeep	`3072:tMnVIPPBxT/sZydTmRxlHS3NxrHSBRtNPnj0nEoXnmowS2u5hk:tMVIPPL/sZ7HS3zcNPj0nEo3tb2D`
Yara	None matched
VirusTotal	Search for analysis

Name	51420577a0088aa2_truth Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Truth
Size	28.7KB
Processes	3048 (extrac32.exe)
Type	data
MD5	`7011dd4ea366e5b4856821425af62505`
SHA1	`52dae5b599554c6e30c17d6d56c657e2c2b9f3dc`
SHA256	`51420577a0088aa2d64f00262a7a0e82e361246c6c437fb6c9d60b453bff8509`
CRC32	`B96B7DC1`
ssdeep	`768:Tv7sMvLHfR/ZByLiFuO/ChgZ45VatJVEV3GPkjF:Tv7xvTphAiPChgZ2kOE6`
Yara	None matched
VirusTotal	Search for analysis

Name	e3b0c44298fc1c14_nsgF0C8.tmp Empty file or file not found
Filepath	C:\Users\test22\AppData\Local\Temp\nsgF0C8.tmp
Size	0.0B
Type	empty
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
CRC32	`00000000`
ssdeep	`3::`
Yara	None matched
VirusTotal	Search for analysis

Name	71128b41dca71e47_lamps.wmv Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Lamps.wmv
Size	52.0KB
Processes	2552 (zx4PJh6.exe)
Type	data
MD5	`4f1710640fe51809404092836313d2cc`
SHA1	`87dce87d4bda20185f045b4b7422af67fcaf1776`
SHA256	`71128b41dca71e47b73c6e52f46bd1798d80b135890c60f6b9be26fc3b2803b9`
CRC32	`60909561`
ssdeep	`1536:tNEP0bnimCaw672Mfb5ILuOQI71bGS5SXYQdVi:o0LimG672MDggI71bGSwYyE`
Yara	None matched
VirusTotal	Search for analysis

Name	f568f70ba2a93419_shakespeare.wmv Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Shakespeare.wmv
Size	74.0KB
Processes	2552 (zx4PJh6.exe)
Type	data
MD5	`6dcfac3d2a6202f346939f6bf993bb1e`
SHA1	`a1285160d19a1ada44ca406b2a8cda07ecbb0e16`
SHA256	`f568f70ba2a9341937736e24c6796a9dcba94dfadee81de799f95e614c10e552`
CRC32	`053E0C01`
ssdeep	`1536:TEu55pG41obDdvuTIg0jpmdxXSbwKf0MzzcrHpTONKShcWjCSkbTE:TEQG4shvTg0F+MwKsMz41T2htmSoE`
Yara	None matched
VirusTotal	Search for analysis

Name	883fef00c5b8b2e0_electro.wmv Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Electro.wmv
Size	51.0KB
Processes	2552 (zx4PJh6.exe)
Type	data
MD5	`c3fe4959b4153796a08667bcfcd7bb94`
SHA1	`dabda189db4d194c7f9eb26c76c9c9f294d574df`
SHA256	`883fef00c5b8b2e09062d5fc1f87df7d47e2dcb2163feea2c3fe795e7c3bcffc`
CRC32	`9554D5AC`
ssdeep	`768:iuYv2Edui4RAMmdf+iahmeuMJYm+XNedeY7rJ3XqGS0dO4e2JFN4MtDzJ3gCQSH:xY31GAzWcgYxXB4FldO4DJFNXfpgCQq`
Yara	None matched
VirusTotal	Search for analysis

Name	edc4166ce9ba15f0_dancing.wmv Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Dancing.wmv
Size	52.0KB
Processes	2552 (zx4PJh6.exe)
Type	data
MD5	`206fe2abf11d4fbeb610bdb8d8daede2`
SHA1	`b75ec9d616026670b68779b10a1f10abc2e9043b`
SHA256	`edc4166ce9ba15f0d4e62d03a51cc8c663f3db9d1a70e5a7ebdfb2cf5eaa5ffd`
CRC32	`B3D732D6`
ssdeep	`1536:AFGcEHxcjsElw8gCKXHpMzcGHClYzhm2DIlMKzI:AQcERzawDyDClihmG9KzI`
Yara	None matched
VirusTotal	Search for analysis

Name	93bfb6f517764721_corp Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Corp
Size	63.0KB
Processes	3048 (extrac32.exe)
Type	data
MD5	`1f2346fe63483701db5d1f461c900a57`
SHA1	`b7338316f39ce53a32a62b2ea8d3567195490123`
SHA256	`93bfb6f5177647210c2c0613dbdbc50258aff04aa50cba66261ed8f715d8b90a`
CRC32	`ADFB39F8`
ssdeep	`1536:IOoQjz7nts/M26N7oKzYkBvRmLORuCYm9PrpmESvn+pqFqp:IOoQ7t8T6pUkBJR8CThpmESv+Aqp`
Yara	None matched
VirusTotal	Search for analysis

Name	42597847cdb8fd1b_h Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\440824\h
Size	795.0KB
Processes	1264 (cmd.exe)
Type	data
MD5	`a6880e9e37b529bb0431cf8baed7dba8`
SHA1	`48349c539d38e516e1be11899ea8dcc56340010f`
SHA256	`42597847cdb8fd1b5f45c125835ee4bdb141a447150b2384e8c8ea3e434d7166`
CRC32	`84CECECC`
ssdeep	`12288:AqBPtGEDeSocr5RLUyq+ornywzOis7HDSbUs+mTNTTUJA1v6mOxhXxtnIk2tpIC6:FN8cD4yq+orysOicfxgBLKxhXnIvCiQ`
Yara	None matched
VirusTotal	Search for analysis

Name	f576032e6d0070ac_inter Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Inter
Size	368.0B
Processes	3048 (extrac32.exe)
Type	data
MD5	`42e09fd3cd95e5aa6de6f578c3b00431`
SHA1	`2157204d64a6c5efe45ba3c7f4ae2205feccaf42`
SHA256	`f576032e6d0070ac57e56ecf3c3df854f8d7c5f87131ce2bea5d647dd322989d`
CRC32	`D91A27FC`
ssdeep	`6:ZdqjvVg3F+X32+hZCt7HSbYwClS6CSNEcixN3Qdp94sA4PvMt/66hX:jyGSG+fCtJfjEvadTfA43k66hX`
Yara	None matched
VirusTotal	Search for analysis

Name	0863b1f31610dfe4_make.wmv Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\Make.wmv
Size	53.0KB
Processes	2552 (zx4PJh6.exe)
Type	data
MD5	`be673493455e4d2329ec77af5a8988eb`
SHA1	`3c116949191cd677d028c8f2bfbdfefa1dc4e35f`
SHA256	`0863b1f31610dfe42e88dd3e35b398384a12a7092a628b06ef6d7f0d5a6fa03c`
CRC32	`B694D948`
ssdeep	`768:iApY3aj7TN2GphoAe3GrXc0ciHTIzUahobsnJnCUUw6nLFRg0O8qc2z+HQGWEGzG:ighEGLcizIQau/PTnLFRg0F29+WFBA7`
Yara	None matched
VirusTotal	Search for analysis