Dropped Files | ZeroBOX
Name 12cd84892a7597ca_{353ec832-0f5e-11f0-948e-94de278c3274}.dat
Filepath C:\Users\test22\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{353EC832-0F5E-11F0-948E-94DE278C3274}.dat
Size 4.5KB
Processes 148 (iexplore.exe)
Type Composite Document File V2 Document, Cannot read section info
MD5 c3565b82220ba2efc00c8b16008c43a0
SHA1 71825e2724a1c9e537fdfb4a325747fb9af7e143
SHA256 12cd84892a7597ca84accd24c805f846964ac5e54d09d681e2e8fa1b2dedcab1
CRC32 E568D77F
ssdeep 12:rlxAFEhrEgm8GL7KFt1xrEgm8Gr7qsANl26abax1NlgfRbax:rHG8d1xG8WANlIoNls
Yara
  • Microsoft_Office_File_Zero - Microsoft Office File
Name 44e8aa0601fffe82_590aee7bdd69b59b.customDestinations-ms~RF5d7069.TMP
Filepath C:\Users\test22\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms~RF5d7069.TMP
Size 7.8KB
Processes 2560 (powershell.exe) 3000 (powershell.exe)
Type data
MD5 ee6cfd78f72f03663db2a7df0c696dd7
SHA1 56126e81a5f6577f8e24a890185d0c9eb600fa02
SHA256 44e8aa0601fffe82c494bbc7d7280aa3bc5e90effe2aee2d716d5716e1d6b568
CRC32 F27137C4
ssdeep 96:EtuCcBGCPDXBqvsqvJCwoRtuCcBGCPDXBqvsEHyqvJCworu4tDHXyGlUVul:EtCgXoRtCgbHnorBTyY
Yara
  • Antivirus - Contains references to security software
  • Generic_Malware_Zero - Generic Malware
Name 01180f814fe3dc06_recoverystore.{353ec831-0f5e-11f0-948e-94de278c3274}.dat
Filepath C:\Users\test22\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{353EC831-0F5E-11F0-948E-94DE278C3274}.dat
Size 5.0KB
Processes 148 (iexplore.exe)
Type Composite Document File V2 Document, Cannot read section info
MD5 62d01b0aa9e96c1c2883b4b755d75c01
SHA1 2f2e3f8fdb4c0bb197e40e02cda7c7863b729c72
SHA256 01180f814fe3dc063eb169e502b5f1c68a108378c46cb68737df8628c02be628
CRC32 E65E5F5E
ssdeep 24:rqa5/fnTG5/k85jBM+NlWgNAB0NlWgNB+:r75zG5cojBSF
Yara
  • Microsoft_Office_File_Zero - Microsoft Office File