Dropped Files | ZeroBOX
Name 58f2e2d814299ecc_webext.sc.lz4
Filepath C:\Users\test22\AppData\Local\Mozilla\Firefox\Profiles\qxo5wa6x.default-release\startupCache\webext.sc.lz4
Size 105.0KB
Type data
MD5 1c5d6d46653fbdfaab865d9fe0b41a54
SHA1 0bf5b952a5adbd1290f6e3baee0d944b8e95fab8
SHA256 58f2e2d814299ecc744a1a7fbdfacfb0632549941b0f3801954eb3b8ed940676
CRC32 87904CCE
ssdeep 3072:igI+ruOTMFUau+63U0BYLiM97vzY/lkRAYjIW0ePk:0+rvTYo6j1236s
Yara None matched
Name 252ee64bfb5ade53_urlCache.bin
Filepath C:\Users\test22\AppData\Local\Mozilla\Firefox\Profiles\qxo5wa6x.default-release\startupCache\urlCache.bin
Size 3.2KB
Type data
MD5 ed220b99d29a9f969ba42da9deea2dfa
SHA1 33afcd8d6390e85e519d49e5db7654147daf34ec
SHA256 252ee64bfb5ade53b7b419d634b519a6223008339fa8b316293d90d4e65b4ab5
CRC32 52377592
ssdeep 48:/qbHgqedXU753de/xJtISt3bqhJtgtkt0IbvVr9cHSWypBr/BWLaLWcbsyMJrls:/qMqedXUd3AIq3bucwbhcmVsXJr6
Yara None matched
Name a67115b767cd1f5b_scriptCache-child.bin
Filepath C:\Users\test22\AppData\Local\Mozilla\Firefox\Profiles\qxo5wa6x.default-release\startupCache\scriptCache-child.bin
Size 824.1KB
Type data
MD5 5fca71ec196a94ddd75c299f455f8289
SHA1 e2eac02c316dc41ef01819b48111f9eb9a7ae0ba
SHA256 a67115b767cd1f5b92828998b99d1865067e567f8051340849b6def682234d33
CRC32 20E727DA
ssdeep 6144:7Lv50b7rtyuRMAMgDh6QbZpZltg2ebfhAFgMWM/OB48SuTSBWobBmPLtPkZ:f5ctdD15PgMWM/OXnSBWobItcZ
Yara None matched
Name b4709acbae8c9355_scriptCache.bin
Filepath C:\Users\test22\AppData\Local\Mozilla\Firefox\Profiles\qxo5wa6x.default-release\startupCache\scriptCache.bin
Size 9.2MB
Type data
MD5 2a531b9908cd4740306590090699e0b2
SHA1 92fb9d89d108db2ad580c77345faf9c5961cf860
SHA256 b4709acbae8c9355f5344c2cb670de78da945a0f5b3d1636ea2fff6ca2718be0
CRC32 E6DFCFD0
ssdeep 49152:zfNsfR/eXfWVAoIgPm6tnQhA3RAViGtP7lbASvzmjdYDNMpeckIOehICZ3ZkF:zfNyYOVi6xskmPZASvz0GMs2hIF
Yara
  • RedLine_Stealer_b_Zero - RedLine stealer
  • anti_vm_detect - Possibly employs anti-virtualization techniques
  • OS_Processor_Check_Zero - OS Processor Check
Name cacb3b090bd98317_compatibility.ini
Filepath C:\Users\test22\AppData\Roaming\Mozilla\Firefox\Profiles\qxo5wa6x.default-release\compatibility.ini
Size 200.0B
Processes 3640 (firefox.exe)
Type Windows WIN.INI, ASCII text, with CRLF line terminators
MD5 63f28ee6c5768202c31eaf82725b64c2
SHA1 edc0b0c87aaa262a0aba6e6b29b2c31cc04fcf39
SHA256 cacb3b090bd98317500f593712c4bf51b5197c7aa9e07b6e10cab50144339ff0
CRC32 D70ADABB
ssdeep 3:tZAQU6oEl1mE12NE2aT/P4WX1rDZjrEFwHQ3ZjrEFwslyy:VoKmbbabN1rDVEFycVEFL
Yara None matched
Name ec86dff13ec188e0_startupCache.8.little
Filepath C:\Users\test22\AppData\Local\Mozilla\Firefox\Profiles\qxo5wa6x.default-release\startupCache\startupCache.8.little
Size 7.4MB
Type data
MD5 c9fdf6ced10ea267f5e1e7d6cb4b467c
SHA1 181148adeccc66362e241a8f434ea384daa5f27b
SHA256 ec86dff13ec188e0afcec1f59397551e7072a12b24d6a20dc91b3e9705a63e4e
CRC32 F1DD0004
ssdeep 98304:XxxN8Jzl6VttNx8UoxmuWR2FPGjD79MJRGD3j/s3:Xl89lMz/FuW+6D72iTk
Yara
  • anti_vm_detect - Possibly employs anti-virtualization techniques
  • OS_Processor_Check_Zero - OS Processor Check