| Name | e727209c6a2cd5a9_task.dat |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\017BD04F-B3BF-45B6-8167-9E8F41FF87BF\task.dat |
| Size | 42.0B |
| Processes | 2744 (XKL.exe) |
| Type | ASCII text, with no line terminators |
| MD5 | 9e9f94a6c5550c079a187ec59c6ee922 |
| SHA1 | 56515f2bc2ce6d743a2e9d5d09c36bfe9810ee6c |
| SHA256 | e727209c6a2cd5a967a97174c0ac65182d4163b1f95286cdd468f06be830d578 |
| CRC32 | 8FE3A526 |
| ssdeep | 3:oNmWxpcL4E2J5xAITdA:oNmQpcLJ23fRA |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 28ab04c5c744077f_storage.dat |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\017BD04F-B3BF-45B6-8167-9E8F41FF87BF\storage.dat |
| Size | 406.1KB |
| Processes | 2744 (XKL.exe) |
| Type | data |
| MD5 | 8ff67447d1af5fa75f28c2a1809cf9ac |
| SHA1 | c1d0ccb084dfc5e32df657b3e65b9d1ce268cad1 |
| SHA256 | 28ab04c5c744077f8d8ad20ed4095d977960defe9cdad30f076335c70805c352 |
| CRC32 | 8688C72C |
| ssdeep | 12288:OF30dVaG4159TdyDOjxRqimQHaY4TsiLgkzt5JT:c32aL9TdyDSy3/jLR5x |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | f8098a6290118f29_settings.bin |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\017BD04F-B3BF-45B6-8167-9E8F41FF87BF\settings.bin |
| Size | 40.0B |
| Processes | 2744 (XKL.exe) |
| Type | data |
| MD5 | 4e5e92e2369688041cc82ef9650eded2 |
| SHA1 | 15e44f2f3194ee232b44e9684163b6f66472c862 |
| SHA256 | f8098a6290118f2944b9e7c842bd014377d45844379f863b00d54515a8a64b48 |
| CRC32 | C6B6460B |
| ssdeep | 3:9bzY6oRDT6P2bfVn1:RzWDT621 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | bb9181b3935b8681_tmp5A32.tmp |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\tmp5A32.tmp |
| Size | 1.3KB |
| Processes | 2744 (XKL.exe) |
| Type | XML 1.0 document, ASCII text, with CRLF line terminators |
| MD5 | be81f72fa4dbc827132836ee2af92c96 |
| SHA1 | fe5ded04ab4932dea6cf414e9e4428f43da70d03 |
| SHA256 | bb9181b3935b8681a71b578f8166883e61380de6181df82d05f14829323fbf0f |
| CRC32 | 7AA438E3 |
| ssdeep | 24:2dH4+S/4oL600QlMhEMjn5pwjVLUYODOLG9RJh7h8gK0Rb5xtn:cbk4oL600QydbQxIYODOLedq3Sb5j |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 801e11b1f9902740_run.dat |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\017BD04F-B3BF-45B6-8167-9E8F41FF87BF\run.dat |
| Size | 8.0B |
| Processes | 2744 (XKL.exe) |
| Type | data |
| MD5 | 4636d9e45c3c09fdfea917fb3948f168 |
| SHA1 | c156cf12363d113e9733610da20029b6e8be197d |
| SHA256 | 801e11b1f99027408c7b64fd5b88306e09d5057f45ea0f5e7b4842350b3616a1 |
| CRC32 | BC0B1066 |
| ssdeep | 3:6tn:6tn |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 186085f58541c5db_tmp587B.tmp |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\tmp587B.tmp |
| Size | 1.3KB |
| Processes | 2744 (XKL.exe) |
| Type | XML 1.0 document, ASCII text, with CRLF line terminators |
| MD5 | 106b5f4052c88b4654422e4b82313332 |
| SHA1 | 613583dd9866869b3f837206dc2b3b3beec85ff3 |
| SHA256 | 186085f58541c5db489b8f2222250beed8417ae8104da0e964bdd07356d56750 |
| CRC32 | 23BE996E |
| ssdeep | 24:2dH4+S/4oL600QlMhEMjn5pwjVLUYODOLG9RJh7h8gK0Z58xtn:cbk4oL600QydbQxIYODOLedq3YGj |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | a773767d5714808b_catalog.dat |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\017BD04F-B3BF-45B6-8167-9E8F41FF87BF\catalog.dat |
| Size | 232.0B |
| Processes | 2744 (XKL.exe) |
| Type | data |
| MD5 | 678166f4cb8e67fed18f334ab43a6b9f |
| SHA1 | 2aa698be0d8bdd534749b315856d962a3325f6c9 |
| SHA256 | a773767d5714808bd7d8e1b5f496659682e5c0f5d01d012f49affe5f280591a4 |
| CRC32 | C335D7EB |
| ssdeep | 6:X4LDAnybgCFcps0OaNGElBf3xGwy0bQMLZqdrKvn1gfjuWQd:X4LEnybgCF0NG2fw6ExK1g6Ld |
| Yara | None matched |
| VirusTotal | Search for analysis |