Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
04.21 01:04
Explerer.exe
04.21 01:04
mmspol.dll
04.21 01:04
5nsrv2.dll
04.21 01:04
chromedriver.exe
04.21 01:04
dwinx64.exe
04.21 01:04
mienral1.exe
04.21 01:04
rref.dll
04.21 01:04
mmslib.dll
04.21 01:04
adb.exe
04.21 01:04
wmnp.exe

Latest News
04.21 01:04
예담우, 가정의 달 맞아 특별 한우 할인...
04.21 01:04
JD to Add 100,000 Deli...
04.21 01:04
[보안칼럼] LLM 화인튜닝, 성능 너머...
04.21 12:04
ISC Stormcast For Mond...
04.21 12:04
제이커넥트, 리눅스 서버보안 '파라솔 f...
04.21 11:04
XD.Inc, ARPG 토치라이트: 인피...
04.21 11:04
LG전자 베스트샵 서광주본점, 새단장 오...
04.21 11:04
FOG Ransomware Spread ...
04.21 11:04
드론부터 군함까지.. 터키, '방산 강국...
04.21 11:04
아웃도어프로덕츠, ‘2025 여름 컬렉션...

Dropped Files | ZeroBOX

Name	19ede11a6ee0a9e6_regest.skr Submit file
Filepath	C:\Users\test22\AppData\Local\shenandoah\Oxidizements100\regest.skr
Size	5.6MB
Processes	2544 (outputs.exe)
Type	data
MD5	`13025b595e7b75ca6ecaa5ea46980d05`
SHA1	`faba228adbd7978ddba801550caabb33ea0ac43e`
SHA256	`19ede11a6ee0a9e623232528f50453e4d7a178c7cc28758ba796255285a655a0`
CRC32	`AC4FCC60`
ssdeep	`1536:gUaMs/k17asSRxG4toP1NuznqPfwyOBB2JP26WowfqhRxhEhd4iwEsDZwM1ZwgyQ:O8`
Yara	None matched
VirusTotal	Search for analysis

Name	608a3607e1acd1eb_foreglance.syd Submit file
Filepath	C:\Users\test22\AppData\Local\shenandoah\Oxidizements100\foreglance.syd
Size	1.2MB
Processes	2544 (outputs.exe)
Type	data
MD5	`8b143fe2401408cc4ec4ac17ed85d424`
SHA1	`b6dfd788955742456fa9f262a9df1a5e4fda11b9`
SHA256	`608a3607e1acd1eb8a738aa69961366c1a87aba18b12c8d3c952bc5a051b1ba8`
CRC32	`D0432BA5`
ssdeep	`768:4Xc3hO9Yq51NSlgO6Ze8hulYQ9VJKf1F/Z8lQe57tBcPrS4woACRTVSztPxTcwsa:wy`
Yara	Suspicious_Obfuscation_Script_2 - Suspicious obfuscation script (e.g. executable files)
VirusTotal	Search for analysis

Name	bac8cca8cf7db789_kalveleverens.txt Submit file
Filepath	C:\Users\test22\AppData\Local\shenandoah\Oxidizements100\kalveleverens.txt
Size	270.0B
Processes	2544 (outputs.exe)
Type	ASCII text, with CRLF line terminators
MD5	`8f2f487bdf4806d07f6b410489ab881f`
SHA1	`263eab08f053f0e13f65255acb171c48ae94f794`
SHA256	`bac8cca8cf7db7898b2ea1fc90cb0b7b3ed557c13830c218fbe6d7bc4a0d99a2`
CRC32	`567B34BE`
ssdeep	`6:Vstmsi2LoTSeXMo4tGNCAQ7ODyQ5y5QhCDQavmrIASK7klM2Q:Vstm1TjaGNDKOlSQhSmxGu3`
Yara	None matched
VirusTotal	Search for analysis

Name	e3b0c44298fc1c14_nsdEFBF.tmp Empty file or file not found
Filepath	C:\Users\test22\AppData\Local\Temp\nsdEFBF.tmp
Size	0.0B
Type	empty
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
CRC32	`00000000`
ssdeep	`3::`
Yara	None matched
VirusTotal	Search for analysis

Name	18c465f2574949af_aerodermectasia.jpg Submit file
Filepath	C:\Users\test22\AppData\Local\shenandoah\Renates\aerodermectasia.jpg
Size	24.2KB
Processes	2544 (outputs.exe)
Type	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 296x687, frames 3
MD5	`551ec2d9836ff720337c1b9672dd8d46`
SHA1	`812fd3a7c6501a845d76e163cbe2f62fe674aa3a`
SHA256	`18c465f2574949aff9443b75e2eee468c76d4f60df993c621d3b0b1096947616`
CRC32	`A88F1DFA`
ssdeep	`384:s1h/n+KjH4fzS0uv8GYJIYbHuHAkzMmPTeGObnN03rrfYrFcqaLcC69g4vhp9fI9:sfL4WP0GXKHuHAkg6YbN03rrO13Cx4Nu`
Yara	JPEG_Format_Zero - JPEG Format
VirusTotal	Search for analysis

Name	3ad8596b8aa3e580_sjaskregns.ini Submit file
Filepath	C:\Users\test22\AppData\Local\shenandoah\Oxidizements100\sjaskregns.ini
Size	530.0B
Processes	2544 (outputs.exe)
Type	ASCII text, with CRLF line terminators
MD5	`e6b8e6a97e54002386dc71ad2ed8c188`
SHA1	`e5e54c8df9aaa09a512a365f2748258804d7aee6`
SHA256	`3ad8596b8aa3e58076b3e5678c3c701504647f5083e62704e7b875c5c4931687`
CRC32	`A0B8C8FE`
ssdeep	`12:/zzhQ5swOvOrT1a8Hcir6AViWxSciqvXApc/Wq:/zzWT1aHZAdA5YApc/j`
Yara	None matched
VirusTotal	Search for analysis

Name	b7c225ef3cc3e875_d93f411851d7c929.customdestinations-ms Submit file
Filepath	c:\users\test22\appdata\roaming\microsoft\windows\recent\customdestinations\d93f411851d7c929.customdestinations-ms
Size	7.8KB
Processes	2688 (powershell.exe)
Type	data
MD5	`81ca4510272caf505e8091e9a28cb716`
SHA1	`71414aeec9f1e4a6f5a461b01700cc9cc992cd9e`
SHA256	`b7c225ef3cc3e87506150eb140e7b9cc127a3469c50a808854acac71a53d98bf`
CRC32	`FC31E90F`
ssdeep	`96:EtuCcBGCPDXBqvsqvJCwoRtuCcBGCPDXBqvsEHyqvJCwor/47HwxGlUVul:EtCgXoRtCgbHnorLxY`
Yara	Antivirus - Contains references to security software Generic_Malware_Zero - Generic Malware
VirusTotal	Search for analysis

Name	8af09e1f015d4fb4_ramlerens.dev Submit file
Filepath	C:\Users\test22\AppData\Local\shenandoah\Oxidizements100\ramlerens.dev
Size	2.9MB
Processes	2544 (outputs.exe)
Type	data
MD5	`0c39ab888556c58501e5c11e2d30ea94`
SHA1	`0e819849d5850f294d0152d62d3c9802d13af8e4`
SHA256	`8af09e1f015d4fb4b800fba885c8eef159843e8c9fc2d5f099147c6ae144ba1c`
CRC32	`D7973C0D`
ssdeep	`49152:P4b1hkLLgO2VLAOncDQT8mfMwRTdRU34aoWjKdtTQ317Dhusf4WL95ZS7rOwDCwF:P4b1hkLLgO2VLAOncDQT8mfMwRTdRU38`
Yara	None matched
VirusTotal	Search for analysis

Name	36719f366191d1fe_retsbeskyttelsesperioder91.tek Submit file
Filepath	C:\Users\test22\AppData\Local\shenandoah\Renates\Retsbeskyttelsesperioder91.Tek
Size	238.6KB
Processes	2544 (outputs.exe)
Type	data
MD5	`4b689c919d5660319ca6e8edc954ef74`
SHA1	`1b00f9a7f1550e1973d33c2451b5a760a3473c68`
SHA256	`36719f366191d1fe872c39aa38dbb6365dfc7375a3d326bacbaeee86630d3c93`
CRC32	`F6E6A922`
ssdeep	`6144:2c34Rm35JuMBTwKcbjnGwgekdSGBQ6DGCyDCQEDLZGhV:0mZBEbzyBUCyujLA`
Yara	None matched
VirusTotal	Search for analysis

Name	b4a05dfafac8ede0_doyle.ita Submit file
Filepath	C:\Users\test22\AppData\Local\shenandoah\Renates\Doyle.Ita
Size	53.5KB
Processes	2544 (outputs.exe)
Type	UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators
MD5	`b215941325218d9babaafd6c38d28585`
SHA1	`1778f97c3aee0013ddf7330c787ccf8d8c79bf3a`
SHA256	`b4a05dfafac8ede034be6b8f207a451bdcd04a009b30dbeab21a056caca66960`
CRC32	`68E143A5`
ssdeep	`1536:BpeyIaFCk0u02q1LK3x5XnhB1Th2C7r9Mpt:8a6K3x5F4ur9q`
Yara	None matched
VirusTotal	Search for analysis

Name	3a559abefe774034_topdels.ini Submit file
Filepath	C:\Users\test22\AppData\Local\shenandoah\Malpighiaceous\topdels.ini
Size	346.0B
Processes	2544 (outputs.exe)
Type	ASCII text, with CRLF line terminators
MD5	`c4dae43b1502ee5971be74cfee90bf07`
SHA1	`dfc341c1bf18b7e2561281b70437373273a460e3`
SHA256	`3a559abefe7740340de5995a8df6acc9b25e929a174b2a51fb0d0eb9a9eb2933`
CRC32	`AA61298C`
ssdeep	`6:fGK9oFt6SQIvzTR9KWMAhJXERLSU0KvPKgRSMmK/eDHJyWyQmQCx0Fx8U5gW1n:v9btIvTLbOBvPKgRSyWdPCx2x8qn`
Yara	None matched
VirusTotal	Search for analysis

Name	a82e3fe4106da505_fgtningerne.ini Submit file
Filepath	C:\Users\test22\AppData\Local\shenandoah\Oxidizements100\fgtningerne.ini
Size	342.0B
Processes	2544 (outputs.exe)
Type	ASCII text, with CRLF line terminators
MD5	`625fb7022805c8e1b3022809ff062438`
SHA1	`4901240fad0ea549f82c5949507add31e81de914`
SHA256	`a82e3fe4106da505425deddd68a23e45c247b7ab0036f8db7252759da688eb97`
CRC32	`87FEBF10`
ssdeep	`6:6m0yXrvQeKMKqtc/KgxsUB0tAXy1gP/c/GERu23XK7mVpV/EMiAOKa0W7ZKKmHtI:X08vQ7PK2sS0tAXl89vSIhlNOKlYZbX`
Yara	None matched
VirusTotal	Search for analysis