| Name | cc8b761583872bc8_lock.llpbgbfevgeij.txt |
|---|---|
| Filepath | C:\Users\test22\Documents\Lock.LLpBgBfEvgEiJ.txt |
| Size | 282.6KB |
| Processes | 2972 (KarLocker_exe.exe) |
| Type | data |
| MD5 | 6e87798bec2938b834dd09cdf2561794 |
| SHA1 | ba6a5d67d1cc1b30b34aeaea4b0a3fc24d42f862 |
| SHA256 | cc8b761583872bc80eb1883ec12f6fd3aa05a733de42fb54e1e5a3e9349f53ab |
| CRC32 | 0DAE9D05 |
| ssdeep | 6144:akYq8X+CuITi1y1xwDn2WWTWqbZMMdd30yIIzeue6R10q:aA8X16yEDkCQuzyIIzeue9q |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 3c6b1f0335ebecef_lock.nxaosxjtqzdyg.txt |
|---|---|
| Filepath | C:\Users\test22\Documents\Lock.NXaoSxjTqzdYG.txt |
| Size | 139.7KB |
| Processes | 2972 (KarLocker_exe.exe) |
| Type | data |
| MD5 | cd694cf1555542d102d80b70c99bf20f |
| SHA1 | 3186c5b6c4f82a298c1985462909ec9b2aba3ff2 |
| SHA256 | 3c6b1f0335ebecef6d1a05bd12a081b4a6e1b567da13bdf1ad3bdcd8b47a481a |
| CRC32 | 834ED98B |
| ssdeep | 3072:uSNP3vIgRzCWk2pDGdd/7+kzervaTe3DN9A0S6ezwmvfh7:/hgg1CWk9ddwkezNeFhHh7 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 79f6c5e4f3a10812_ZyMQVIOJRV.rtf |
|---|---|
| Filepath | C:\Users\test22\Documents\ZyMQVIOJRV.rtf |
| Size | 256.9KB |
| Type | data |
| MD5 | 3ebb204274a423d7ce60e83ca86c5346 |
| SHA1 | 24dd70a81dfcff49010806ee561eb6488f15e41c |
| SHA256 | 79f6c5e4f3a1081263ffe683c9bbe5d2634edd984cc70f9d2dea9e77c108d05b |
| CRC32 | 5E47E4A6 |
| ssdeep | 3:: |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | ff3e65599f220162_HnLBNMQcuiDk.docm |
|---|---|
| Filepath | C:\Users\test22\Documents\HnLBNMQcuiDk.docm |
| Size | 375.6KB |
| Type | data |
| MD5 | 1a5370f46d14898dd38a7852790533a6 |
| SHA1 | c0b39c99fa0fbcbfc724fab996ab4be6daa1f55d |
| SHA256 | ff3e65599f220162c14f60ce11c67cf329dbe0616fecdd657c6bde8450f02deb |
| CRC32 | B194F5DE |
| ssdeep | 6144:az5pY+Ulg2I+UFWWiMvrXohAryNj2KJcLf4jEm1wsomEu:IA7GfwMjYhGm0AI6UDu |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | f528ec6ebffb101f_JDHeJjBWHuxqp.doc |
|---|---|
| Filepath | C:\Users\test22\Documents\JDHeJjBWHuxqp.doc |
| Size | 230.1KB |
| Type | data |
| MD5 | 2eba488d541f8f3fda77fabd130bef16 |
| SHA1 | 5875ae06399d39f787a38738aaebecf8d873ef74 |
| SHA256 | f528ec6ebffb101f76457eef88e295b7ca290d134e5386907cda333d77c1c617 |
| CRC32 | 03EF1FA4 |
| ssdeep | 6144:3axipu7kSy7EuiI4j3nhsY3QiIfWnEOY/p:qxipu7zux4rhsY3QiIfWpYR |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 5a4b6eb0a3456a74_OejfVnyKEZi.docx |
|---|---|
| Filepath | C:\Users\test22\Documents\OejfVnyKEZi.docx |
| Size | 404.0KB |
| Type | data |
| MD5 | 7bfc450196821ae666ff699166b63a80 |
| SHA1 | af88d2cbbf9ee8559ba7b2f69893b05e24388093 |
| SHA256 | 5a4b6eb0a3456a744f59bd8187e90b2a33d155f67a037fd3ecbe86ace5c2e746 |
| CRC32 | 11366CEA |
| ssdeep | 12288:Yg6AYSr3WA73S20xKHV90R+9orcAClVtKtVWxRfom:nY+313SG1904AMrIVqtr |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 4ef42b28c2d34762_lock.desktop.ini |
|---|---|
| Filepath | C:\Users\test22\Documents\Lock.desktop.ini |
| Size | 408.0B |
| Processes | 2972 (KarLocker_exe.exe) |
| Type | data |
| MD5 | 7835655816219d921dffbdb312396000 |
| SHA1 | bee4392a2a21f1faff64510296ed6d29d5ba6e7a |
| SHA256 | 4ef42b28c2d34762c16b1b31beae549b7a01c891ecf402fe5fe84b79f12afce5 |
| CRC32 | 5B69294B |
| ssdeep | 6:x/unJ6ZESn4iPU+HID8/KOv9CuA4+2Nof9wWdQM4hW0Zi7DYVc8k:x/YcZ74iPoQKG9CuA4GlqG2k |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 7c77124be8990130_lock.wmxfdlmbat.doc |
|---|---|
| Filepath | C:\Users\test22\Documents\Lock.WmXfDlmbAt.doc |
| Size | 341.2KB |
| Processes | 2972 (KarLocker_exe.exe) |
| Type | data |
| MD5 | fd1bc8e4fc26fbcfffc68b6eeccaa7cd |
| SHA1 | 0b608c31f3a14275221cdde60dc17d51589eda37 |
| SHA256 | 7c77124be8990130e778fca869fff7a7b7196e1a6cead1d4ac5de265c526bf87 |
| CRC32 | C685C34F |
| ssdeep | 6144:ms/hLVBJaQHgUA6NxTQkh217S3tbAjmKdhZodEu9mc9SYlmyYGYARtP/BpoPCv8D:ms/9VDaQnpNxLhrdbqheEGP9zp9poPYa |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | add3c298da89cbea_vBALutNOxj.pptx |
|---|---|
| Filepath | C:\Users\test22\Documents\vBALutNOxj.pptx |
| Size | 566.4KB |
| Type | data |
| MD5 | 070b592e319ce5a76202e753f5345e39 |
| SHA1 | 18206c638cec7f0b40834ed9f73ef4598bcbbdc3 |
| SHA256 | add3c298da89cbea5010ea2576254c7c247b598c5df75a78a1c2044204875a2c |
| CRC32 | 8D4F9CF9 |
| ssdeep | 12288:ARNeZW3mIn5MwBIZCOYang3fqlg2oCXJyFKBwSTO4gXo:c4kNXog3fYgTCwK+OO4gXo |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | a83f9aa3cdd99a4c_lock.fowratdvst.docm |
|---|---|
| Filepath | C:\Users\test22\Documents\Lock.FOwRatdvSt.docm |
| Size | 625.2KB |
| Processes | 2972 (KarLocker_exe.exe) |
| Type | data |
| MD5 | e9929a9069d7ba0e219b3d4ce6b7fa70 |
| SHA1 | 1f1fc0d1394852b7b40a83db16345cbbbafd3269 |
| SHA256 | a83f9aa3cdd99a4cb654b7daea944b18da2957ed4d6ba5bc72af7ad881886579 |
| CRC32 | 85666946 |
| ssdeep | 12288:gPqXopu+tN5/jZxPSJaQmNQdXzoP0sqKbatkH+xBGx3CH1zDZm2FCSt:6qX0v5/jPPmKQdccsqIat6AGxA1ZmAt |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 8301e344371b0753_desktop.ini |
|---|---|
| Filepath | C:\Users\test22\Music\desktop.ini |
| Size | 504.0B |
| Type | Little-endian UTF-16 Unicode text, with CRLF, CR line terminators |
| MD5 | 06e8f7e6ddd666dbd323f7d9210f91ae |
| SHA1 | 883ae527ee83ed9346cd82c33dfc0eb97298dc14 |
| SHA256 | 8301e344371b0753d547b429c5fe513908b1c9813144f08549563ac7f4d7da68 |
| CRC32 | 12C87CD2 |
| ssdeep | 12:QZsiL5wmHOlDmo0qml3lDmo0qmZclLwr2FlDmo0IWUol94klrgl2FlDmo0qjKAZY:QCGwv4o0x34o02lLwiF4o0ZvbUsF4o0Z |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 7d7bb02f193e1134_YjNGHHaCFd.docx |
|---|---|
| Filepath | C:\Users\test22\Documents\YjNGHHaCFd.docx |
| Size | 57.2KB |
| Type | data |
| MD5 | 821275418e48f9d94af20a93f4887f99 |
| SHA1 | 1b68e1513ec1e8cfa38dc98c6a92eab3437c3fb2 |
| SHA256 | 7d7bb02f193e11345538f00c631479765b2ae124a1117b10b3eec989d16a9afc |
| CRC32 | 48021A8C |
| ssdeep | 1536:OqqhTynRR4E9aP6r+yKAHSDTQh7BUIxy0RucGk3XpcDzV/:Eh+RHaeXdqTQhaIucGccnl |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 169734501142e65e_lock.axtzwdbeungqbg.ppt |
|---|---|
| Filepath | C:\Users\test22\Documents\Lock.axTZwDBeUngqBG.ppt |
| Size | 719.0KB |
| Processes | 2972 (KarLocker_exe.exe) |
| Type | data |
| MD5 | 5898eb5963e4b0409dd1df6a4209ed98 |
| SHA1 | f67a0273160de86c9e279d0e30d6d0a8b1232ff9 |
| SHA256 | 169734501142e65e8d7edd6d0d4586b7cfeeaff6006524df772a6238f06e02a9 |
| CRC32 | D3F029F1 |
| ssdeep | 12288:ZKBt+hZQpz/yLeQ8wTAusnmOnTWet9lzkBGuaRD4ARGut83tyXz9q5mlf0xEIr2Y:YOfQpERfAuim+Ht7zkbaR8tupXJ6EIiW |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 0a2dce01812cbf94_microsoft update.lnk |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Update.lnk |
| Size | 924.0B |
| Processes | 2972 (KarLocker_exe.exe) |
| Type | MS Windows shortcut, Item id list present, Has Relative path, Has Working directory, ctime=Sun Dec 31 15:32:08 1600, mtime=Sun Dec 31 15:32:08 1600, atime=Sun Dec 31 15:32:08 1600, length=0, window=hide |
| MD5 | dbd7b5a1066cf69329b349386d980f65 |
| SHA1 | 0c6c7ea17c4d9480dc21996263ed5b9de1d41f1d |
| SHA256 | 0a2dce01812cbf94224671fe5ad3d62814dbc037de115a607f966b30264bb5ae |
| CRC32 | 812D0E2B |
| ssdeep | 12:8wl01Y3HV7GyuR+/fGyP1Tmm/Q18/omNJkKA54t2YLEPKzlX8:8mZqRQRPBYSoCHADPy |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | cafec240d998e4b6_desktop.ini |
|---|---|
| Filepath | C:\Users\test22\Documents\desktop.ini |
| Size | 402.0B |
| Type | Little-endian UTF-16 Unicode text, with CRLF, CR line terminators |
| MD5 | ecf88f261853fe08d58e2e903220da14 |
| SHA1 | f72807a9e081906654ae196605e681d5938a2e6c |
| SHA256 | cafec240d998e4b6e92ad1329cd417e8e9cbd73157488889fd93a542de4a4844 |
| CRC32 | 5B59DF6F |
| ssdeep | 12:QZsiL5wmHOlDmo0qmUclLwr2FlDmo0IWF9klrgl2FlDmo0qjKAev:QCGwv4o0hlLwiF4o0UUsF4o01AM |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | e78630bba5644793_lock.desktop.ini |
|---|---|
| Filepath | C:\Users\test22\Videos\Lock.desktop.ini |
| Size | 512.0B |
| Processes | 2972 (KarLocker_exe.exe) |
| Type | data |
| MD5 | ba8e16029d84e8959d9562cb2032d9bf |
| SHA1 | b2953e85caaeca1257522b2efcbec4c0937b20da |
| SHA256 | e78630bba56447930624526c839eeb26fa8192df0f97ddd5115fbf630dc2eeb0 |
| CRC32 | 54A169F1 |
| ssdeep | 12:x/YcZ74iPoQKG9ChqkxEWGx/rb0l4iLNnO91lo:xwA71FCAdf5rM/ |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 73671d1ba8a835e7_desktop.ini |
|---|---|
| Filepath | C:\Users\Public\Pictures\desktop.ini |
| Size | 380.0B |
| Type | Little-endian UTF-16 Unicode text, with CRLF, CR line terminators |
| MD5 | 2f145cca0196fb928ee5656f2cfc2934 |
| SHA1 | 1e90a311b867131811fe6faafd75aa17c3af64e9 |
| SHA256 | 73671d1ba8a835e74033f7e62afb9371c98f01efdd760a2d7093abbfcab7fafa |
| CRC32 | BE75B27C |
| ssdeep | 6:QyqRsioTA5wmHOlRaQmZWGokJqAMhAlC+92fOlRaQmZWGokJqAMhAlNv4DAlLwk6:QZsiL5wmHOlDmo0qmCKlDmo0qmN4clL2 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 4b9d687ac625690f_desktop.ini |
|---|---|
| Filepath | C:\Users\test22\Desktop\desktop.ini |
| Size | 282.0B |
| Type | Little-endian UTF-16 Unicode text, with CRLF, CR line terminators |
| MD5 | 9e36cc3537ee9ee1e3b10fa4e761045b |
| SHA1 | 7726f55012e1e26cc762c9982e7c6c54ca7bb303 |
| SHA256 | 4b9d687ac625690fd026ed4b236dad1cac90ef69e7ad256cc42766a065b50026 |
| CRC32 | E0297D8F |
| ssdeep | 6:QyqRsioTA5wmHOlRaQmZWGokJqAMhAlWygDAlLwkAl2FlRaQmZWGokJISlfY:QZsiL5wmHOlDmo0qmWvclLwr2FlDmo0I |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 28f0751177ff8753_lock.gdipfontcachev1.dat |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Lock.GDIPFONTCACHEV1.DAT |
| Size | 160.5KB |
| Processes | 2972 (KarLocker_exe.exe) |
| Type | data |
| MD5 | e1931f8c61939eb080707696e18cc99b |
| SHA1 | 286ecd942f99559b1d43386bb2452432349db0f2 |
| SHA256 | 28f0751177ff8753d8c67d2925bddf663c1e21bf13e7ea9d1b0b8e5b570a1361 |
| CRC32 | 4583B376 |
| ssdeep | 3072:OyoX9LDCnwXdl0nrwxa1+yWQJSdmUOZm5cG/dYPJ7CM/Rzo1jrUek4jQR+0z61m3:RSPDHMrwVy5JSMUOZm5DE5Rzo1jgePc7 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 6835f8c4e7b16494_gxeffFGQwhrjD.rtf |
|---|---|
| Filepath | C:\Users\test22\Documents\gxeffFGQwhrjD.rtf |
| Size | 954.0KB |
| Type | data |
| MD5 | d3ee1bfb072f0c78ff1a3a1dcf96ac8d |
| SHA1 | 87e92f6b8c56d81385c03445427376d91d7f3f74 |
| SHA256 | 6835f8c4e7b164945d3d2e64c18648cc6a15a50dc22c4a62bdb7e5f4ccef718e |
| CRC32 | E1C0A99E |
| ssdeep | 3:: |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | cde468f4deeca2b2_FOwRatdvSt.docm |
|---|---|
| Filepath | C:\Users\test22\Documents\FOwRatdvSt.docm |
| Size | 625.2KB |
| Type | data |
| MD5 | 68e1490fdc2af0fc3c5e8ad37db6d53a |
| SHA1 | 93a4a61f5703069393623bc4e89d1fe36023af3c |
| SHA256 | cde468f4deeca2b2040a03d9b62840c1b524e311ad240b906980f2810693d2cd |
| CRC32 | C0D062E5 |
| ssdeep | 12288:1WSE1iMAghMcFabgqQ5MMFOoIO7K+BifDmJyOusrE1qyyJj9DKnTNUzhTYpM:1RE1tfhMekgvMYOo97K+5sOusrECdKJQ |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 9e6e4772050998a5_readme.txt |
|---|---|
| Filepath | C:\Users\test22\Desktop\readme.txt |
| Size | 10.0B |
| Type | ASCII text, with no line terminators |
| MD5 | eb6b6c90251ab33cee784713c451e6d8 |
| SHA1 | 451685e9efac4a6dc1fee73ec53ffb6b2c4c38b5 |
| SHA256 | 9e6e4772050998a5c0dc3c61acf3dab0a7e594566171fa5746d6b62f9598efb6 |
| CRC32 | 22598B08 |
| ssdeep | 3:IS:7 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | b18f9a899844d82f_desktop.ini |
|---|---|
| Filepath | C:\Users\Public\Documents\desktop.ini |
| Size | 278.0B |
| Type | Little-endian UTF-16 Unicode text, with CRLF, CR line terminators |
| MD5 | ec659b643b3dc5a57dafa797bbc83871 |
| SHA1 | 1279184f609ae3d548d88ae02a586e341baa590e |
| SHA256 | b18f9a899844d82f60ff3a1ab7fc9efc4a7297d78c04bcda65362b7bce2c02a8 |
| CRC32 | 89209A69 |
| ssdeep | 6:QyqRsioTA5wmHOlRaQmZWGokJqAMhAlCBgDAlLwkAl2FlRaQmZWGokJISlr:QZsiL5wmHOlDmo0qmCBgclLwr2FlDmoY |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | b5a21156abd7ed5f_lock.desktop.ini |
|---|---|
| Filepath | C:\Users\Public\Documents\Lock.desktop.ini |
| Size | 280.0B |
| Processes | 2972 (KarLocker_exe.exe) |
| Type | data |
| MD5 | ed32321288e596a743e12080885bd804 |
| SHA1 | bb98925e7c07132b23bb32b11978b6bda0b11bf5 |
| SHA256 | b5a21156abd7ed5f0c2b1a0a4ac458ca832e401707ed97361967d46e240045bc |
| CRC32 | E0A40CAB |
| ssdeep | 6:x/unJ6ZESn4iPU+HID8/KOv9Cwd2oqbAeifTeWBUhUxcx:x/YcZ74iPoQKG9CwdS+eWehuA |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 25e6ceecdbf5de7a_lock.desktop.ini |
|---|---|
| Filepath | C:\Users\Public\Pictures\Lock.desktop.ini |
| Size | 384.0B |
| Processes | 2972 (KarLocker_exe.exe) |
| Type | data |
| MD5 | ab6923299c092b4c0f3fcfbbe65b1621 |
| SHA1 | 72261916cc9544c36b6f9c50bd3c1ba12d1f058d |
| SHA256 | 25e6ceecdbf5de7a584bb272da67f20ddb8fba4f068a7b15ea05eab2bb60bd0f |
| CRC32 | 34359601 |
| ssdeep | 6:x/unJ6ZESn4iPU+HID8/KOv9Cwd+Iy+DTybApfQ4a94tu7fu7Kesza865InVVdwA:x/YcZ74iPoQKG9Cwd+IPTcAp4P9p7fuo |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 20d40f372763c252_lock.readme.bmp |
|---|---|
| Filepath | C:\Users\test22\Pictures\Lock.readme.bmp |
| Size | 16.0B |
| Processes | 2972 (KarLocker_exe.exe) |
| Type | data |
| MD5 | bca1bbb55d6391869c2626afb794aacd |
| SHA1 | c1dc52455ccff25f732788ed054822bac5867816 |
| SHA256 | 20d40f372763c252c44f2a345e2683822735d579f97b9317cced7edd4c7f6053 |
| CRC32 | 9D63EBFD |
| ssdeep | 3:+MZJ:nZJ |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 4f8f0104d4797dc0_lock.gxefffgqwhrjd.rtf |
|---|---|
| Filepath | C:\Users\test22\Documents\Lock.gxeffFGQwhrjD.rtf |
| Size | 954.0KB |
| Processes | 2972 (KarLocker_exe.exe) |
| Type | data |
| MD5 | 0fa0b44c811e42e6398db51a448e3ad2 |
| SHA1 | 133948bf0adf307fa47433f57e30d5a72ec949fb |
| SHA256 | 4f8f0104d4797dc00904e41f236e913d3f7a62211e12651c1a6d54a4b8c1c71f |
| CRC32 | 822E07DD |
| ssdeep | 24576:DP0xpuxcMmnzwUIQioWlcTcbILIwmitf313bLT1NY3FH:z0GxcMlhHlcAjM9l3b14H |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 5d346b9d4d9a9905_lock.hnlbnmqcuidk.docm |
|---|---|
| Filepath | C:\Users\test22\Documents\Lock.HnLBNMQcuiDk.docm |
| Size | 375.6KB |
| Processes | 2972 (KarLocker_exe.exe) |
| Type | data |
| MD5 | e23eeacb6842999a163548aa9d264c3e |
| SHA1 | c6882cd9bb3090a12d4defd51fdf5de31500d3cf |
| SHA256 | 5d346b9d4d9a99058d8e3035a54f2354cb7ee6d31ae591044281454755a3fc5b |
| CRC32 | 98220A2A |
| ssdeep | 6144:nk3WEbdfYyksEzXAQqPnlunzUCOTmz7PiclPvvfkg1NDpva58jHRCdHE/Ole9sH/:nk5x8jlqNrmzriWvvfkgrpvpCdk/OQGf |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 83a13e77e9490b26_lock.iconcache.db |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Lock.IconCache.db |
| Size | 2.6MB |
| Processes | 2972 (KarLocker_exe.exe) |
| Type | data |
| MD5 | cc967da055006239e67a3440992e74d9 |
| SHA1 | c1f521e05e0d5314f5472dff3f53dd697ca63f43 |
| SHA256 | 83a13e77e9490b265bf4e5938f661dda619116f5be3e4d80abd2207d6a1cf119 |
| CRC32 | 8273670C |
| ssdeep | 49152:deV41pwB06cu613eLnKzhwZ751RuCuR742GN4dQYwKQ67s9G:y/0+5LnKzuPy7rGN2778G |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | ac90ab92b8c81303_mHOldbtpjtgW.pptx |
|---|---|
| Filepath | C:\Users\test22\Documents\mHOldbtpjtgW.pptx |
| Size | 459.7KB |
| Type | data |
| MD5 | 32697da1907666e28b84ef8a927c701b |
| SHA1 | 601f8a1e59fb6b4ac481f3acd234d1416f6dc4da |
| SHA256 | ac90ab92b8c813037670fc8ca780fb2e1cc013f28ee574699e0401daab14fa6e |
| CRC32 | BB9E122D |
| ssdeep | 12288:MpE1sZwxHGI+1Y+k4CGumJ+/Cx3wc+Tr/QCHY6xzmgFRjyFuM3F2:MpEDHGS+DCWJfhHQr/JY+CCyFvF2 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 4acabf712361cecc_sByekmDWYN.docm |
|---|---|
| Filepath | C:\Users\test22\Documents\sByekmDWYN.docm |
| Size | 687.0KB |
| Type | data |
| MD5 | b02d99e427bcbb0cde5927694a35dc61 |
| SHA1 | dbd860832b102d5c0ecadfd652d04595236225d9 |
| SHA256 | 4acabf712361ceccfa30cfe858d8641751f3357b552438fcb4ed7b7e5466738a |
| CRC32 | D679D58F |
| ssdeep | 3:: |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 4272e28a107a92fa_lock.cxmlmlmlmjidcp.doc |
|---|---|
| Filepath | C:\Users\test22\Documents\Lock.cXMLMLMlMJidCP.doc |
| Size | 975.8KB |
| Processes | 2972 (KarLocker_exe.exe) |
| Type | data |
| MD5 | 79e72923cc286f3b611cde98c7ea7cca |
| SHA1 | 719ceaa747464d4abb431f94656bb965cbcc191c |
| SHA256 | 4272e28a107a92fa00f05f3cb4fbb9d7571f9ac7ec20466f94020489c1ea7c35 |
| CRC32 | 26E1F80D |
| ssdeep | 24576:DP0xpuxcMmnzwUIQioWlcTcbILIwmitf313bLT1NY3FbP:z0GxcMlhHlcAjM9l3b14bP |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | c177f89a164c96d2_lock.tzflndanbfcgvti.docm |
|---|---|
| Filepath | C:\Users\test22\Documents\Lock.tZFlnDanbFCgvTi.docm |
| Size | 354.1KB |
| Processes | 2972 (KarLocker_exe.exe) |
| Type | data |
| MD5 | f664cfb5a9c8c80b8f706d3431942d56 |
| SHA1 | d7aac963035b288d39da1fdff4287baba908d9f4 |
| SHA256 | c177f89a164c96d2040fd1c18aa7ee989b3c3d4cc1cbc9a6549ff6cd3e63f91d |
| CRC32 | C80CD83C |
| ssdeep | 6144:mYXxzbhlYfgVxX2drqHrdcBnp7+TPqBZZUb/gxUSU+3S73mdQqknG6wfUEhF6iR7:zlYfigsP8kTgxC+3STy8jwNhJ7 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 60c7e6d52ad532b6_wROAvotNOWsR.ppt |
|---|---|
| Filepath | C:\Users\test22\Documents\wROAvotNOWsR.ppt |
| Size | 676.7KB |
| Type | data |
| MD5 | 035ab896bab91732bb0fe213a1aa18cf |
| SHA1 | 1bdd05621ea4da09003543ee5ad1862eda31ca0e |
| SHA256 | 60c7e6d52ad532b6a3c037036e1fccaf162e93dfa4b600693c5e611e7804baa8 |
| CRC32 | B9A670DB |
| ssdeep | 12288:nlf5gIfO4RoKERjI3EbnK0EDBmX1Q4twcYLomoriEMKB4SxZQ7BoaHeD3:lRdgKyjpKZD9pc7mtKB44ZQFo13 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | b287b639f6edd612_desktop.ini |
|---|---|
| Filepath | C:\Users\test22\Videos\desktop.ini |
| Size | 504.0B |
| Type | Little-endian UTF-16 Unicode text, with CRLF, CR line terminators |
| MD5 | 50a956778107a4272aae83c86ece77cb |
| SHA1 | 10bce7ea45077c0baab055e0602eef787dba735e |
| SHA256 | b287b639f6edd612f414caf000c12ba0555adb3a2643230cbdd5af4053284978 |
| CRC32 | 7085E7FE |
| ssdeep | 12:QZsiL5wmHOlDmo0qmclDmo0qmJclLwr2FlDmo0IWVvklrgl2FlDmo0qjKArn:QCGwv4o0o4o0mlLwiF4o090UsF4o01Ar |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 24922db2148ca3d3_FAaWoqRZplEQFsGvV.docm |
|---|---|
| Filepath | C:\Users\test22\Documents\FAaWoqRZplEQFsGvV.docm |
| Size | 273.3KB |
| Type | data |
| MD5 | 19b0656634435462e896fef744aa57e7 |
| SHA1 | 95ffda562ba8403f95a4a9c62835998f25098aee |
| SHA256 | 24922db2148ca3d3dd35d6b7d6faeeba2d560637007c80833cb31e7b3aedd2e8 |
| CRC32 | 4B19E78A |
| ssdeep | 6144:MhnRaQKsSbHY9fFFd4nIjAnBbP9mUcsOrxQLPGhVX1:MYQKsSbH49AIMndP9mUcsOrUAF |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 5a90adba4072835d_lock.mholdbtpjtgw.pptx |
|---|---|
| Filepath | C:\Users\test22\Documents\Lock.mHOldbtpjtgW.pptx |
| Size | 459.7KB |
| Processes | 2972 (KarLocker_exe.exe) |
| Type | data |
| MD5 | 1dd63d6721fcb7c8f88aceb509d32770 |
| SHA1 | 15ed056fe539a87079e683a2e647617671ba97c7 |
| SHA256 | 5a90adba4072835d92192369383199158839769680d005caa093341d21406f7c |
| CRC32 | 5411B651 |
| ssdeep | 12288:jWeLmA48qbaKVOg6oa56Vy7VjR40m0QR1Y6EHtC0eViiU4H/N/RREVc:jRmAxOaKVOgIr7V9410Qo4VikH/N3b |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | dda9c91e01699200_lock.sbyekmdwyn.docm |
|---|---|
| Filepath | C:\Users\test22\Documents\Lock.sByekmDWYN.docm |
| Size | 687.0KB |
| Processes | 2972 (KarLocker_exe.exe) |
| Type | data |
| MD5 | f94a2816635d9682db328b7aa54ea90b |
| SHA1 | 5841799ffd5880f246ed6a0028fefc23e1aff01f |
| SHA256 | dda9c91e01699200f26ddcd22ba82017617b4ba179ca87344e1f64d4685ec621 |
| CRC32 | 24CC8740 |
| ssdeep | 12288:jISTJd0xpuxcMe3Rflzwbg1Nd0vQi4lWOzne/cTcnbI6+RIrEz6itDLJ9Az0I6:DP0xpuxcMmnzwUIQioWlcTcbILIwmitL |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | f4e9482a4cce6383_lock.onyeiyahxng.docx |
|---|---|
| Filepath | C:\Users\test22\Documents\Lock.ONyeiyAHXnG.docx |
| Size | 898.8KB |
| Processes | 2972 (KarLocker_exe.exe) |
| Type | data |
| MD5 | d5c81156dfa698daafb642f0d003655d |
| SHA1 | 9b82be683992602dfe77b98f38f80ddebc1984ce |
| SHA256 | f4e9482a4cce6383fcbf0b464a35d1642d907572cda58e0d832b92ac9b59cf14 |
| CRC32 | 402D0381 |
| ssdeep | 24576:DP0xpuxcMmnzwUIQioWlcTcbILIwmitf313bLT1NYg:z0GxcMlhHlcAjM9l3b1z |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 3c3ba892c0aa7695_LLpBgBfEvgEiJ.txt |
|---|---|
| Filepath | C:\Users\test22\Documents\LLpBgBfEvgEiJ.txt |
| Size | 282.6KB |
| Type | data |
| MD5 | 5e9d2f7d96c0457b4b9a957cfe5efbce |
| SHA1 | 5d38e0c435e2a87e92bfeec3fa53051cf807e8b0 |
| SHA256 | 3c3ba892c0aa7695149222882692e73c76b5a464b2c7ca81bcabdda5ea5e1ec0 |
| CRC32 | B707014B |
| ssdeep | 6144:IcGx9/gVTA5Ij6H7fyOows4ARvqZ6QlXZq/OghPg:IcgeWIj6H7qOfs4ARvqZ6+pcP9g |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 41a386bf7c153fa0_IconCache.db |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\IconCache.db |
| Size | 2.6MB |
| Type | data |
| MD5 | 3b7c215fd85d87494c13dd7f80170491 |
| SHA1 | 480fa77755998fd0faaad580e1659d6fc174595b |
| SHA256 | 41a386bf7c153fa03d6fba9e1db4f8fb370ea7283e0fa9f7520fedef1e9a32a6 |
| CRC32 | 60469859 |
| ssdeep | 49152:6b9zuUoeoA7cE7chS7cplHGe7cLQ7casJ:S9zuUoeolYf |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | ec76a4d11c43d80a_lock.xtgoutelmxzuthf.rtf |
|---|---|
| Filepath | C:\Users\test22\Documents\Lock.xTgoutelmxZUthF.rtf |
| Size | 542.0KB |
| Processes | 2972 (KarLocker_exe.exe) |
| Type | data |
| MD5 | d05519af7eff2c4711dd649de9a654a0 |
| SHA1 | 940433948ebb76e1a2fc3cb0ce3aa417203a6f49 |
| SHA256 | ec76a4d11c43d80af38f2e0c778bc28f03b6219150fb92ee4be0eebca856f1e1 |
| CRC32 | 06FF7988 |
| ssdeep | 12288:ZvBbBhjC0UBr5M6ZS0Q7sCEj+I4chfEgHAUZEy:nbL9UBlVt+sfj+cf+ML |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | e65d49a789f8c930_lock.zymqviojrv.rtf |
|---|---|
| Filepath | C:\Users\test22\Documents\Lock.ZyMQVIOJRV.rtf |
| Size | 256.9KB |
| Processes | 2972 (KarLocker_exe.exe) |
| Type | data |
| MD5 | 983e14b17e94b6b0dd995f370557ecd2 |
| SHA1 | 4381c3673586e12f4aa5a8f65359aa96d4ce4055 |
| SHA256 | e65d49a789f8c93000b09bef653c7588460719d6165ad2bad5b84b4614bce33d |
| CRC32 | 8BD7D7C7 |
| ssdeep | 6144:jNKOySTZDYm9jIxVHuXscHcMfW3Rfc8nb+A1wG/NOiam56I:jISTJd0xpuxcMe3RflzwbgT |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | cb4e93277081095b_lock.desktop.ini |
|---|---|
| Filepath | C:\Users\test22\Pictures\Lock.desktop.ini |
| Size | 512.0B |
| Processes | 2972 (KarLocker_exe.exe) |
| Type | data |
| MD5 | 82d46e91be16a17eb99f24cac1768f01 |
| SHA1 | d1cd482829c5e89d764a36af5db3b23535b0d8f0 |
| SHA256 | cb4e93277081095bdbd95f8bd745a80700689bc25483259ae9d970a2c72f076e |
| CRC32 | 835B809B |
| ssdeep | 12:x/YcZ74iPoQKG9CuF/+Pih/a63DCoDSr3xGFUZ4ppWpo4:xwA71FCi4iVn32oDskFUZQpW64 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name |
e3b0c44298fc1c14_8x8x8
Empty file or file not found
|
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\8x8x8 |
| Size | 0.0B |
| Processes | 2972 (KarLocker_exe.exe) |
| Type | empty |
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| CRC32 | 00000000 |
| ssdeep | 3:: |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 34ae08d15c34e017_lock.desktop.ini |
|---|---|
| Filepath | C:\Users\test22\Music\Lock.desktop.ini |
| Size | 512.0B |
| Processes | 2972 (KarLocker_exe.exe) |
| Type | data |
| MD5 | 3e5d2582a5d0c915afef6c8cafa343d1 |
| SHA1 | 7062928a2ec000838f78dce8c48693a1859471e1 |
| SHA256 | 34ae08d15c34e017facda7c39f7b5f9e8cc891b160072b908969a1a2523772aa |
| CRC32 | 3740F620 |
| ssdeep | 12:x/YcZ74iPoQKG9CHlw5Ok9LIDNV86xqSx95b+1ywId21p4sE0e11:xwA71FCdk9LIU4x3b4bId2Y4er |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | d1f1ece2a703aae4_aut6460.tmp |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\aut6460.tmp |
| Size | 120.0KB |
| Processes | 2972 (KarLocker_exe.exe) |
| Type | JPEG image data, JFIF standard 1.01, resolution (DPI), density 119x119, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 910x451, frames 3 |
| MD5 | ad4cf3dded4cad6b2355ec4a8664ba3e |
| SHA1 | cdb0d7671ad45774a536c70b2dbfc7484e1c4536 |
| SHA256 | d1f1ece2a703aae4a8540a5c7db841e2de82a5727c9a8bdc1b344314d5f51e8a |
| CRC32 | 2D2988DD |
| ssdeep | 3072:Yul4/4tHv2LFelNK4MpiftjKDRnA5qEt1HIav:LPta4MHDRhEFv |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 2962d403e3bbd3a4_GDIPFONTCACHEV1.DAT |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\GDIPFONTCACHEV1.DAT |
| Size | 160.5KB |
| Type | DOS executable (COM) |
| MD5 | 81185aa9a1837668dac16e6386385a31 |
| SHA1 | fa41c24556972addbf93bd45656e3d72f1c64220 |
| SHA256 | 2962d403e3bbd3a4930daa617ebbd344606e1ce46163c224bb8e904afa777252 |
| CRC32 | 2FDEEA75 |
| ssdeep | 1536:ScRIm+w9PHgTzz+NYxfvWXDDeTKvnMea9b5c7grbU0LW+dVsO4S5WKS1HCtImNjG:FIvRtcDeSNNwlev |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 88e65aa69858b179_CJgZNzWBCXYHnBkZq.txt |
|---|---|
| Filepath | C:\Users\test22\Documents\CJgZNzWBCXYHnBkZq.txt |
| Size | 31.3KB |
| Type | data |
| MD5 | 78af5f2f35746bdaa5499e29daca737d |
| SHA1 | 7ac488b31b66b81fcd7711453acc6efede1aaf32 |
| SHA256 | 88e65aa69858b179558b77e4542670d29399e83fb04dd4f207cbe9ca8ddf3d13 |
| CRC32 | 71A2CC37 |
| ssdeep | 768:2zA1C82+UYugHPAH/Ug2+I7TcJTvfFAzl6vj+vFepKb:2MCaUYhIUgus9vdAzl6vjOb |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | ebfc24fef868e258_lock.yjnghhacfd.docx |
|---|---|
| Filepath | C:\Users\test22\Documents\Lock.YjNGHHaCFd.docx |
| Size | 57.2KB |
| Processes | 2972 (KarLocker_exe.exe) |
| Type | data |
| MD5 | 5c51c34bcd5f78b4f86525f326781b78 |
| SHA1 | 38228ce66c6d23cd6be0155aa58f41e442e5a898 |
| SHA256 | ebfc24fef868e258d39598f3fb37dbe55095359abfe88e120770e64a27fa66a7 |
| CRC32 | 9EED9E80 |
| ssdeep | 1536:AJisWDpYl073Mp9NQG22cKrKswKKRlB+fIo7ugKX3Pe:AHW1YlV9NQtuK2pKHPe |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | f16ed6f7ff049e79_ONyeiyAHXnG.docx |
|---|---|
| Filepath | C:\Users\test22\Documents\ONyeiyAHXnG.docx |
| Size | 898.8KB |
| Type | data |
| MD5 | 1c3a0afd5428ea2b1e11aeea596d2dbc |
| SHA1 | e41928731b20b7420e6f1cceaaec451e400cac43 |
| SHA256 | f16ed6f7ff049e79be0a98206dfad09ccf349ae89161d16b17de023e43db177f |
| CRC32 | CA3EE9A8 |
| ssdeep | 3:: |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | b3936f9c0cf4d01d_lock.qaxytxewuxzprzy.rtf |
|---|---|
| Filepath | C:\Users\test22\Documents\Lock.QAXyTXeWuxZprZY.rtf |
| Size | 678.2KB |
| Processes | 2972 (KarLocker_exe.exe) |
| Type | data |
| MD5 | 2a0342778e53e105c4e08c52ade56e08 |
| SHA1 | fee0923043313cd28236e82ff64c7a1453592e9f |
| SHA256 | b3936f9c0cf4d01d42560f92137b6df71de4f02aab4736219f3136e10c509844 |
| CRC32 | A5D09016 |
| ssdeep | 12288:xK5TfTbEzCxDrLjdqurZM+fclFzShQzgDMI8+RdDBbWOfRhxNnGbQETSR7GhvV9y:x2Tfs2DrtLZLU3cQcDdBbBfhNnuQETW3 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 12c78c9260e3a063_cXMLMLMlMJidCP.doc |
|---|---|
| Filepath | C:\Users\test22\Documents\cXMLMLMlMJidCP.doc |
| Size | 975.8KB |
| Type | data |
| MD5 | cbd0b8b7f8282d062ec9d05ca4c1e662 |
| SHA1 | 065d880f19ac4cd67504037614eaee8f4059cb15 |
| SHA256 | 12c78c9260e3a063b73d0e1b782f249ea8fa75e8c7541c589d67449ef8828428 |
| CRC32 | 16A9FB54 |
| ssdeep | 3:: |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 88856962cef670c0_desktop.ini |
|---|---|
| Filepath | C:\Users\test22\Pictures\desktop.ini |
| Size | 504.0B |
| Type | Little-endian UTF-16 Unicode text, with CRLF, CR line terminators |
| MD5 | 29eae335b77f438e05594d86a6ca22ff |
| SHA1 | d62ccc830c249de6b6532381b4c16a5f17f95d89 |
| SHA256 | 88856962cef670c087eda4e07d8f78465beeabb6143b96bd90f884a80af925b4 |
| CRC32 | 8449C5DA |
| ssdeep | 12:QZsiL5wmHOlDmo0qmalDmo0qmN4clLwr2FlDmo0IWFSklrgl2FlDmo0qjKA1:QCGwv4o0u4o0RhlLwiF4o0HUsF4o01A1 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | f27a09b5738c3fd6_lock.cjgznzwbcxyhnbkzq.txt |
|---|---|
| Filepath | C:\Users\test22\Documents\Lock.CJgZNzWBCXYHnBkZq.txt |
| Size | 31.3KB |
| Processes | 2972 (KarLocker_exe.exe) |
| Type | data |
| MD5 | 075bafe7f7313407667b68031fb7554b |
| SHA1 | f19c16a767b52f4fe6d7054cc50914ba8af42e75 |
| SHA256 | f27a09b5738c3fd6cd3b20c9f50fe379d2c12d0b0a47188cea0ab7af716000f4 |
| CRC32 | C2056378 |
| ssdeep | 768:BcSBA7iC7UPFXe1yPaYtprRuRhikXDe81dOQzTPwesP08LEhcw:BcSBA7ifUyPaYY1tdOQYes08L4cw |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 7308554b335639b8_lock.xtuxcpducngbi.rtf |
|---|---|
| Filepath | C:\Users\test22\Documents\Lock.xTuXcPDuCnGBi.rtf |
| Size | 475.8KB |
| Processes | 2972 (KarLocker_exe.exe) |
| Type | data |
| MD5 | 6c170b8416324cd77ae778b9a103ef44 |
| SHA1 | 3725fb84d58034e023e5c93e1b9b3425ad320390 |
| SHA256 | 7308554b335639b81e64077334cdaed1c2de65ad6aa968428e76f27a0044602c |
| CRC32 | 025D32A8 |
| ssdeep | 12288:2YXWw5Fl4yVcTITsTcGfR/bLbfgBsGdw4vHuxEdkUR5y4/G1jjHo:2Y35AyVxzGf5bPfgBsQw4vH/dkOY4+3o |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 7ff02fe5fdd24624_lock.desktop.ini |
|---|---|
| Filepath | C:\Users\Public\Videos\Lock.desktop.ini |
| Size | 384.0B |
| Processes | 2972 (KarLocker_exe.exe) |
| Type | data |
| MD5 | 1266a4ab23e5f2bb48db47c0ad3a391c |
| SHA1 | 8a3c979136b0432c9291d5dbe25cf5a9c1bc043b |
| SHA256 | 7ff02fe5fdd24624fb413f493ecb593606663dac00382a7a0e12303bd45a7ae9 |
| CRC32 | 318D4630 |
| ssdeep | 6:x/unJ6ZESn4iPU+HID8/KOv9CwdRgZ/6xDhyPlrt45UxnDmOY+FfzFqrQxhNeEof:x/YcZ74iPoQKG9CwdRgZ/qDhyAaiCzFs |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | d719c6796022f1e7_desktop.ini |
|---|---|
| Filepath | C:\Users\Public\Videos\desktop.ini |
| Size | 380.0B |
| Type | Little-endian UTF-16 Unicode text, with CRLF, CR line terminators |
| MD5 | 582bd0facb013808c1c4804d894cd9fd |
| SHA1 | 110a526a7a56b6df5bfc547b33cb852e590bb893 |
| SHA256 | d719c6796022f1e7c94a3208b6a488191e83c135067b6640dc5f7fcb872604e8 |
| CRC32 | C5EA89AF |
| ssdeep | 6:QyqRsioTA5wmHOlRaQmZWGokJqAMhAlCc0FfOlRaQmZWGokJqAMhAl0gDAlLwkAr:QZsiL5wmHOlDmo0qmCclDmo0qmJclLwl |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 30fb6cb48d4689a0_lock.desktop.ini |
|---|---|
| Filepath | C:\Users\test22\Desktop\Lock.desktop.ini |
| Size | 288.0B |
| Processes | 2972 (KarLocker_exe.exe) |
| Type | data |
| MD5 | ba41cfaa9aff58c3b40c7ac73b4d1cd4 |
| SHA1 | 691f19d9330522a47b16c832c6d6b51a3a2efc72 |
| SHA256 | 30fb6cb48d4689a02731dedf82483a58738ba4131e4be90b2a44bd1ab9fd6a0a |
| CRC32 | 5577362E |
| ssdeep | 6:x/unJ6ZESn4iPU+HID8/KOv9C1pO+Q6M/N7P0lXXoU+IHn:x/YcZ74iPoQKG9CDO+eF7P0lXXoFyn |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | fe90f7a07020c7cf_lock.jsgirplhspm.txt |
|---|---|
| Filepath | C:\Users\test22\Documents\Lock.jsGIrPlHsPM.txt |
| Size | 152.3KB |
| Processes | 2972 (KarLocker_exe.exe) |
| Type | data |
| MD5 | 6e252f4203183db0712bddf7dd2ea7e6 |
| SHA1 | b570c87056ae0f0da98c9c9eab7a8e030849b799 |
| SHA256 | fe90f7a07020c7cf486807b53b5fd44a69c44b6549906e20b7458ae5537a16a3 |
| CRC32 | 5DAA25CE |
| ssdeep | 3072:sn20X4CysXduW/ifvM/n+jOyX/i520Mrqor3/3U62RbMNaAso:IX4CysXduyi4oa52LfLfUpR4NaE |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 846d4c1e42e107e6_lock.jdhejjbwhuxqp.doc |
|---|---|
| Filepath | C:\Users\test22\Documents\Lock.JDHeJjBWHuxqp.doc |
| Size | 230.1KB |
| Processes | 2972 (KarLocker_exe.exe) |
| Type | data |
| MD5 | e73b4f006957fef2d8debaefc0d41aba |
| SHA1 | 181b7cab57b34346b3050154e6274bc159f31699 |
| SHA256 | 846d4c1e42e107e6e623726aa986c0b5fcec7450ec528041ef2439aeb045614c |
| CRC32 | 7DAAA78F |
| ssdeep | 6144:6409yJUqFxNmca8qhUoSz+zUpmlrYZEpq7BY1Vv:JBTQS0UoSSzUje/v |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 1613dfca627df925_jsGIrPlHsPM.txt |
|---|---|
| Filepath | C:\Users\test22\Documents\jsGIrPlHsPM.txt |
| Size | 152.3KB |
| Type | data |
| MD5 | 678f200bbdcbd766738c556fc32a58d8 |
| SHA1 | d04d2b7feb4ae5217b2e506b7029d2932a1b897d |
| SHA256 | 1613dfca627df92567ddad65992d171f58ce44f6606f6ce6a72b0d0d17641912 |
| CRC32 | D85EC086 |
| ssdeep | 3072:TUzncZdDUeK0wBA1fwBwwLjbI3czjlpIpLdxgQ5SGP8RSn5DD+ZhTCn69ABgd:gwT8IRQlipLzSFcnFDiFSA |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 892b1a7d5f022759_QAXyTXeWuxZprZY.rtf |
|---|---|
| Filepath | C:\Users\test22\Documents\QAXyTXeWuxZprZY.rtf |
| Size | 678.2KB |
| Type | data |
| MD5 | ea1492ef0406e545a2e2581829163d45 |
| SHA1 | 02a498220bcdea29f1ef9010caa9c2a219ff7b48 |
| SHA256 | 892b1a7d5f02275906d80346f3dbf8f192a08d5dfdb337bf45c428ab8e8b92ff |
| CRC32 | DDDAA1F1 |
| ssdeep | 12288:rEGawY9BhBkdwjHq+osdil+PgylFdmpsMRLyZEIKliwMbsgfExgjfNrgLHSCQAP:rwZ9BPkdwjHq+4l7CFd2ATwM52gDJPCn |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | bbf951bf64b10186_lock.faawoqrzpleqfsgvv.docm |
|---|---|
| Filepath | C:\Users\test22\Documents\Lock.FAaWoqRZplEQFsGvV.docm |
| Size | 273.3KB |
| Processes | 2972 (KarLocker_exe.exe) |
| Type | data |
| MD5 | 3100f30dec2ab63381e37b253c1040c5 |
| SHA1 | 4d1d06d6b3501f63571f2a78067a3cd371c53ca2 |
| SHA256 | bbf951bf64b1018614442d072b7dadc76da317b24a9ac4881659a54d62c20d70 |
| CRC32 | F010CEC2 |
| ssdeep | 6144:ajpN4qSapKYCwrBfKa/tUID5YVaqiA1xN2lHwjDNYdqH:aj0qSaTrBf/nt43TN2pcDyda |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | f7a73ab6af16f6f7_ATwjKHHgPIXqpQbCw.doc |
|---|---|
| Filepath | C:\Users\test22\Documents\ATwjKHHgPIXqpQbCw.doc |
| Size | 885.7KB |
| Type | data |
| MD5 | cab9ead02dd73038c3b38e6e1e809629 |
| SHA1 | 89d84eb971b789dc922880ce0b5b805cfeddeac8 |
| SHA256 | f7a73ab6af16f6f760f6a5b1a82669c41736f85c537bb2134370738272d51b3a |
| CRC32 | 9BFEB3BD |
| ssdeep | 3:: |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 59908b471631a426_xTgoutelmxZUthF.rtf |
|---|---|
| Filepath | C:\Users\test22\Documents\xTgoutelmxZUthF.rtf |
| Size | 542.0KB |
| Type | data |
| MD5 | 2d80b016e7bfa57c26c056f8e9b8a453 |
| SHA1 | 3f9fe4cfdde345d293337af485492612f99c7dc4 |
| SHA256 | 59908b471631a4262ba147f7f133618343630a64b3e49a11123616b3c7f62bf9 |
| CRC32 | DEDF1EE4 |
| ssdeep | 12288:WEgsC9TgENOtvYiObhpRH6L7pxv1HzylgtAUCWcT76K5:A98EQtsbjRHQpPHzy2tHuSm |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 20d95e2088d0956a_WmXfDlmbAt.doc |
|---|---|
| Filepath | C:\Users\test22\Documents\WmXfDlmbAt.doc |
| Size | 341.2KB |
| Type | data |
| MD5 | c4fe0231a62ac1a333491872bae8a596 |
| SHA1 | 6d6c9e16945247efc5d7440fa2d3fd6d50d586b2 |
| SHA256 | 20d95e2088d0956af485f33b94fd4ba158bb966b20b418a46f21abea25d384ef |
| CRC32 | 8B32DD6E |
| ssdeep | 6144:+ZQVO2O3G8ta1by2rpvlUb8E1ESV0YAROya86FSJxPgxHGS2vv6kHQsK7:wQcT3Lib95l08KEqLTFSAxHGvCmE |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 5178ef5ea99c241e_xTuXcPDuCnGBi.rtf |
|---|---|
| Filepath | C:\Users\test22\Documents\xTuXcPDuCnGBi.rtf |
| Size | 475.7KB |
| Type | data |
| MD5 | a9717c54a7835e8136380588cfc4fe74 |
| SHA1 | 61f1405f3bef086420acc12e83606093b745beb0 |
| SHA256 | 5178ef5ea99c241eddd41968e6c0667701698eaf1e9c08288d95f700ba283825 |
| CRC32 | 3304B536 |
| ssdeep | 12288:Ba3BOx0K8WlL8TPHpPk2inQlbn052f7cmwKVNzPUYpp:ERavUPHpHFleWV7P |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 991ae7757d6736ea_lock.vbalutnoxj.pptx |
|---|---|
| Filepath | C:\Users\test22\Documents\Lock.vBALutNOxj.pptx |
| Size | 566.4KB |
| Processes | 2972 (KarLocker_exe.exe) |
| Type | data |
| MD5 | 52bc8f95e705434d006901aab0635b4b |
| SHA1 | da4c8048bec928ca0487005f91e4d736d1008c2a |
| SHA256 | 991ae7757d6736ead113c8075a8bb4c5d6fb34f3a929e77de76f0fec4dc1b85b |
| CRC32 | 6D221595 |
| ssdeep | 12288:bG7bevhdhDPuEtsM1P0wmtDRQDSRIHRpL5/aJAkHrWcXF7laTBk:Eevhdhz+MlOtDRQDSR2RZ5XOqTBk |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | d92f67299af5defe_tZFlnDanbFCgvTi.docm |
|---|---|
| Filepath | C:\Users\test22\Documents\tZFlnDanbFCgvTi.docm |
| Size | 354.1KB |
| Type | data |
| MD5 | a9b586ea90416e496a84470ff5bc9093 |
| SHA1 | a939bfd145b6829794435b9517fe8383ffce22bc |
| SHA256 | d92f67299af5defe77ece3470b3e381fb87d634d12f1f6433f06c10f903dcdf2 |
| CRC32 | E77DC3BA |
| ssdeep | 6144:x79HFykY6jTCBlU1pNwsRVL7UQruSYGj5C7+11g8qAoK/FwtM0z:xNFykYsTOA+sD7UuLdUC7g31K/Fwtp |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 3fe5843287851d2a_NXaoSxjTqzdYG.txt |
|---|---|
| Filepath | C:\Users\test22\Documents\NXaoSxjTqzdYG.txt |
| Size | 139.7KB |
| Type | data |
| MD5 | 1cc70576a7ddf05430fc1014a44327c4 |
| SHA1 | 4c484bc97b2912b0674719ccca2ad520dc86fbfd |
| SHA256 | 3fe5843287851d2a78b3471e26eefb66a2c63482a4671fed9374efb39c1617ef |
| CRC32 | BBD7B6B9 |
| ssdeep | 3072:SxQ+z97QsYasfxoV6gAebVHzI4rlq4zcEw40MqdCg:S4sYWUgjHzv44oMqYg |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 9970af5131097a72_lock.oejfvnykezi.docx |
|---|---|
| Filepath | C:\Users\test22\Documents\Lock.OejfVnyKEZi.docx |
| Size | 404.0KB |
| Processes | 2972 (KarLocker_exe.exe) |
| Type | data |
| MD5 | 0c6ab7a12999411233c5c6550ba4872f |
| SHA1 | b4021e0421c357295153712bfb4e034560ab8a16 |
| SHA256 | 9970af5131097a72849070e2332840370ae70ca8a91cd8103d8331b751b4abf6 |
| CRC32 | A85BB56E |
| ssdeep | 12288:Uoh9WK48Gj217vtxj5Z/ekJy6hWsfw1jLraHaJ:bK8G61z7l9y6xOLOHk |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | fd9dba29f3437367_axTZwDBeUngqBG.ppt |
|---|---|
| Filepath | C:\Users\test22\Documents\axTZwDBeUngqBG.ppt |
| Size | 719.0KB |
| Type | data |
| MD5 | eead7f5ba817ef1bf3ddf2841fbaf712 |
| SHA1 | 875444f709752d044faf59f9047fd0d1a6b7c122 |
| SHA256 | fd9dba29f3437367714b33b4b24ae5e08aad0916ebdf89e60835a1495b7adf3a |
| CRC32 | 06B711A2 |
| ssdeep | 12288:/pIfkitS75ryVglWqQOuw+rPRazvIi4IjxdI9X/9MHb3gBGamLvelSLW2g3:B07s75rCg8OyrPRaDIuj0X/928G1g4fc |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 3f631819ab958122_lock.resmon.resmoncfg |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Lock.resmon.resmoncfg |
| Size | 24.0B |
| Processes | 2972 (KarLocker_exe.exe) |
| Type | data |
| MD5 | 0b920c12bf9d915f3241dcc770cf502e |
| SHA1 | f82004c6e19e606ba7ce5604d61bffe687bbd927 |
| SHA256 | 3f631819ab958122daa16626dbc1d83eadbc846f830dfc5a46d03576aa9ee51a |
| CRC32 | 4B5003BE |
| ssdeep | 3:WkNd+2UCR:WkKhY |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 568269850dbb3f5f_resmon.resmoncfg |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\resmon.resmoncfg |
| Size | 17.0B |
| Type | ASCII text |
| MD5 | 407aab8c27cf7081eece071c90a65b83 |
| SHA1 | d9ec9f9d3768fb1c3646284d77f519f74ee6b8cc |
| SHA256 | 568269850dbb3f5f52e0e38e3c0b29be06c70c58fe425b39746f5ccefdd668a4 |
| CRC32 | F14CBB7A |
| ssdeep | 3:cTIMfLn:8ICLn |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 5af558e5b0e89718_lock.atwjkhhgpixqpqbcw.doc |
|---|---|
| Filepath | C:\Users\test22\Documents\Lock.ATwjKHHgPIXqpQbCw.doc |
| Size | 885.7KB |
| Processes | 2972 (KarLocker_exe.exe) |
| Type | data |
| MD5 | 914b324261b24d0c76c5c131549ba6ce |
| SHA1 | d23638feacf1807cdaca233d788811a1c24423e5 |
| SHA256 | 5af558e5b0e89718e4d6eecd809811951e5eca5541a5e550db8c18cec6454c28 |
| CRC32 | E16ACBBC |
| ssdeep | 24576:DP0xpuxcMmnzwUIQioWlcTcbILIwmitf313bLT1NB:z0GxcMlhHlcAjM9l3b1b |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 29de7888e189635c_lock.wroavotnowsr.ppt |
|---|---|
| Filepath | C:\Users\test22\Documents\Lock.wROAvotNOWsR.ppt |
| Size | 676.7KB |
| Processes | 2972 (KarLocker_exe.exe) |
| Type | data |
| MD5 | 7b840cb95794df005e6e120470d4ab0e |
| SHA1 | d5dc5b81717f1aad08a42fa513f20702cabb60c3 |
| SHA256 | 29de7888e189635cd171e7c3649e4c9c81be9894c0cb51bbc9637e64edb8a294 |
| CRC32 | 9511F63D |
| ssdeep | 12288:AMK/C/lK7NfvnhmhebxWqNsIifTcRj2YX25dSdVa+NTzBuOdX8nAGZHw1a:NKq/qBUhebsqNsIIo5W6o+ZV5CA6HR |
| Yara | None matched |
| VirusTotal | Search for analysis |