Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
05.01 02:05
LoginMain(1)
05.01 02:05
LoginMain
05.01 02:05
veneziaLogin.js.pobrane
05.01 02:05
troubleshot-modal-info...
05.01 02:05
LoginMain(4)
05.01 02:05
LoginMain(3)
05.01 02:05
LoginMain(2)
05.01 02:05
LoginMain(6)
05.01 02:05
LoginMain(5)
05.01 02:05
background

Latest News
05.01 10:05
[RSAC 2025 현장 리포트–DAY ...
05.01 10:05
Instacart Buys Grocery...
05.01 10:05
Chart Toppers Live: RS...
05.01 10:05
Apple AirPlay SDK devi...
05.01 09:05
Uncovering MintsLoader...
05.01 09:05
RansomHub Ransomware D...
05.01 09:05
Why telecoms need a pr...
05.01 09:05
How to Fix Your Alert ...
05.01 09:05
Roblox Daily Users Jum...
05.01 09:05
Uncork Raises $300 Mil...

Dropped Files | ZeroBOX

Name	75c535ab8edd14d9_ssllibrary.ddl Submit file
Filepath	C:\ProgramData\Synaptics\SSLLibrary.ddl
Size	5.8MB
Processes	2800 (Synaptics.exe)
Type	ASCII text, with very long lines, with no line terminators
MD5	`b44148b172ae7f555bdcd24d018c526c`
SHA1	`f52c2909912d631894789c913de4a4ea486374ac`
SHA256	`66a73351c0ba58f1a041678782d505ba58d2ed1635c3ce9d0999677993eadc7d`
CRC32	`67971C2F`
ssdeep	`24:GZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZm:l`
Yara	None matched
VirusTotal	Search for analysis

Name	beabe2685b9369b4_synaptics.exe Submit file
Filepath	c:\programdata\synaptics\synaptics.exe
Size	753.5KB
Processes	2560 (b.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`8bd539adc685011469969085736bb081`
SHA1	`e15cdb7b57655a021ebcd508c87329c6a8857d5b`
SHA256	`beabe2685b9369b4e818913e018339145cb347144cc485d10d91fd53dc8540d9`
CRC32	`5ADD487E`
ssdeep	`12288:aMSApJVYG5lDLyjsb0eOzkv4R7QnvUUilQ35+6G75V9Ihr:ansJ39LyjbJkQFMhmC+6GD9e`
Yara	PE_Header_Zero - PE File Signature mzp_file_format - MZP(Delphi) file format Malicious_Library_Zero - Malicious_Library IsPE32 - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	be1650866941ac70_._cache_b.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\._cache_b.exe
Size	1.5MB
Processes	2560 (b.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`c3c547a2f7ba40a8ccc74c64f56f74bf`
SHA1	`3499ffe761db6d8a1f3d506e3cc3497e18f0a5ff`
SHA256	`be1650866941ac704ce9dd90f87276c3b9f008f25040e8ac78f3cc2c62233124`
CRC32	`B348FD75`
ssdeep	`24576:YBbdrmZoGk/52SCUAO55ksXy4gE47he4wtL/xExlzXyDK:Or3/5PkO553eEQwtqx1`
Yara	PE_Header_Zero - PE File Signature Malicious_Packer_Zero - Malicious Packer ASPack_Zero - ASPack packed file Malicious_Library_Zero - Malicious_Library DllRegisterServer_Zero - execute regsvr32.exe IsPE32 - (no description) Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	97f5ef845da64bf0_ikkklnhf.jpg Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\iKkklnhF.jpg
Size	21.3KB
Processes	2800 (Synaptics.exe)
Type	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1024x768, frames 3
MD5	`0d33968393dcc9211affc23dd15cdbe1`
SHA1	`0ad865d81d75aa49946ae22475e47b2f78afd37d`
SHA256	`97f5ef845da64bf0896744b1a543e2cbe17389d5866cae5f903cf789132dd93f`
CRC32	`E6C03107`
ssdeep	`192:ebDo5NukShRb1ASYQY4dFXYMNfG9WB2CvV0Neep:eDoSkeV1JXbNfG02Dwep`
Yara	JPEG_Format_Zero - JPEG Format
VirusTotal	Search for analysis

Name	3aa440f95af95f03_4eu79xl.ini Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\4eU79XL.ini
Size	1.6KB
Processes	2800 (Synaptics.exe)
Type	HTML document, UTF-8 Unicode text, with very long lines, with no line terminators
MD5	`5f84931fe6136e51378f0e00e212418f`
SHA1	`e326979834ade9891f64e3491fcf96c027434daa`
SHA256	`3aa440f95af95f03da794521a2370edf401363a3f05eb560051ac914a40a9807`
CRC32	`21948BA1`
ssdeep	`24:GgsF+03ESU6pepPQfkZbc6cn1BZdAe1nCr1LTHm6D9viLRIxv+5A:GgK+oE+pAZewRDK4mW`
Yara	None matched
VirusTotal	Search for analysis

Name	113528adbbf5f745_TemporaryFile Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\25264562\TemporaryFile\TemporaryFile
Size	892.0KB
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`a38a05e4a9dbfc6e7b6608b7f48d909c`
SHA1	`72013c52a8d0572c803f7f7240d84c4819e307c7`
SHA256	`113528adbbf5f74519d59a556e232e43f87e067ebe229ce0698bb9cd2a3656b0`
CRC32	`85387865`
ssdeep	`12288:v5mcnXTgXcH3y4gE94PDheqjwLpL/duo6F+tdjBgj3V6XEHNYEu0l8+zXw:v55ksXy4gE47he4wtL/xExlzX`
Yara	PE_Header_Zero - PE File Signature Malicious_Packer_Zero - Malicious Packer Malicious_Library_Zero - Malicious_Library DllRegisterServer_Zero - execute regsvr32.exe IsPE32 - (no description) Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	b9eae90f8e942cc4_synaptics.dll Submit file
Filepath	C:\ProgramData\Synaptics\Synaptics.dll
Size	15.0KB
Processes	2800 (Synaptics.exe)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`c0ef4d6237d106bf51c8884d57953f92`
SHA1	`f1da7ecbbee32878c19e53c7528c8a7a775418eb`
SHA256	`b9eae90f8e942cc4586d31dc484f29079651ad64c49f90d99f86932630c66af2`
CRC32	`9466E8B5`
ssdeep	`192:n+s61A/0LiwxqfKD6Vk/gqWhiQ7ST92s2APu4Tk8QjcW5tPx:lx0iwxqsRQmT92sPuR8Azr5`
Yara	PE_Header_Zero - PE File Signature IsDLL - (no description) mzp_file_format - MZP(Delphi) file format IsPE32 - (no description)
VirusTotal	Search for analysis