Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
04.29 05:04
tomcaterror.bmpqoq
04.29 04:04
qoq.ps1
04.29 04:04
Important_Document.pdf...
04.29 04:04
dllbase64reverse.txt.exe
04.29 10:04
RuntimeBroker.exe
04.29 10:04
2555d50c-0b7e-4aa3-8d8...
04.29 10:04
csr.bin
04.29 10:04
test.exe
04.29 10:04
FreePhotoShop%20Meme%2...
04.29 10:04
discord.exe

Latest News
04.29 10:04
Uncovering MintsLoader...
04.29 10:04
Blinded from Above: Ho...
04.29 10:04
Midea Reports Strong R...
04.29 10:04
Global Manufacturing L...
04.29 10:04
Threat Actors Accelera...
04.29 10:04
Millions of Apple Airp...
04.29 10:04
From Stocks to Dollar,...
04.29 10:04
[NEU] [hoch] Redmine.o...
04.29 10:04
Making Security Invisi...
04.29 09:04
Pro-Russian hackers st...

Dropped Files | ZeroBOX

Name	c9dfa94cc64cb091_note.vbs Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\RarSFX0\note.vbs
Size	530.0B
Processes	8024 (t-d.exe)
Type	ASCII text, with CRLF line terminators
MD5	`d9024ac0a793aec24a95ba37e23985e6`
SHA1	`2aee3464ff1c652f07b54547bd116ccc09f7c431`
SHA256	`c9dfa94cc64cb091f5a80b8bf97641d0f0de5dc93e4b38d88be051c2d1f0b873`
CRC32	`3A71A192`
ssdeep	`12:/UBoUJ0itUJ0HNo3vASAyCTlWY/ym/raIk+uUJ3auUJjac4WkG+W5WLh/zI:sBoQ9Qx/ANDIpd3Q3TQjwWkq5WF/zI`
Yara	enclosed - (no description)
VirusTotal	Search for analysis

Name	310253370e144009_del.bat Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\RarSFX0\del.bat
Size	571.0B
Processes	8024 (t-d.exe)
Type	ASCII text, with CRLF line terminators
MD5	`43307cbe6d92419712f9bf417880d006`
SHA1	`9fbc9e8a0bee372f25e17c86396f2da6474569c5`
SHA256	`310253370e14400960f2fda724e55d70e7912961b915da175165acc676802708`
CRC32	`3207037C`
ssdeep	`12:ySZiaSZiXSZ60YSZ1SZiVSNHDKaSNHD6XSNHX20YSNHXJSNHDK1:ySZjSZ4SZ60YSZ1SZASVSOSo0YSHSe`
Yara	None matched
VirusTotal	Search for analysis

Name	214cf9ee6aff4bcd_ex.vbs Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\RarSFX0\ex.vbs
Size	531.0B
Processes	8024 (t-d.exe)
Type	ASCII text, with CRLF line terminators
MD5	`575b67ad172a4d78fcc779f913b240cf`
SHA1	`f2e2505fedaf00353ddf026117427ed5e0be8023`
SHA256	`214cf9ee6aff4bcd825870a2c512f7e1404a6532d4731258987f4529d8b6a5be`
CRC32	`07DC35FE`
ssdeep	`12:/UBoUJSXeUJ0HNo3vASAyCTlWY/ym/raIk+uUJ3auUJjac4WkG+W5WLh/zI:sBoQSXeQx/ANDIpd3Q3TQjwWkq5WF/zI`
Yara	enclosed - (no description)
VirusTotal	Search for analysis

Name	e3b0c44298fc1c14___tmp_rar_sfx_access_check_35866359 Empty file or file not found
Filepath	C:\Users\test22\AppData\Local\Temp\RarSFX0\__tmp_rar_sfx_access_check_35866359
Size	0.0B
Type	empty
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
CRC32	`00000000`
ssdeep	`3::`
Yara	None matched
VirusTotal	Search for analysis

Name	2c1737c1795e3fa0_run.vbs Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\RarSFX0\run.vbs
Size	200.0B
Processes	8024 (t-d.exe)
Type	ASCII text, with CRLF line terminators
MD5	`a0acb977f3867cd7e508976ef978e14e`
SHA1	`cee7631bb1159519c786447094ade725992245c3`
SHA256	`2c1737c1795e3fa0340ff45bcede98f2861e69455d4458aaac4798a7cd839562`
CRC32	`89873C63`
ssdeep	`3:jwOpF+m8nhIJAUMxVGL4ovkOVYcQEm8nhIJAXKFNH/H4ovkOwXhm8nhIJAWDe325:jRpdqhKeJoty3NqhAAotigqhINJoa`
Yara	None matched
VirusTotal	Search for analysis