| Name | cf11d6b3c18d4c02_d93f411851d7c929.customDestinations-ms~RF1778c90.TMP |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d93f411851d7c929.customDestinations-ms~RF1778c90.TMP |
| Size | 7.8KB |
| Processes | 1472 (powershell.exe) 3036 (powershell.exe) |
| Type | data |
| MD5 | f2f5505600e2895c007b3ff3cfe3d4aa |
| SHA1 | f0235a3c8056872d55eeef803d1bc33bac37a753 |
| SHA256 | cf11d6b3c18d4c02466b670bcb0394ac49382e6a87ad58d2561f2660922b586c |
| CRC32 | 9AF5ED3C |
| ssdeep | 96:EtuCojGCPDXBqvsqvJCwoJtuCojGCPDXBqvsEHyqvJCworc7HwxGlUVul:Etu6XoJtu6bHnorXxY |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 7649b8ad9f152357_tmp5335.tmp |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\tmp5335.tmp |
| Size | 1.6KB |
| Processes | 1016 (wintask.exe) |
| Type | XML 1.0 document, ASCII text, with CRLF line terminators |
| MD5 | 0945338dbbde23a39f8e3b070414e6e3 |
| SHA1 | 73f7c5aa0ed2b91d6a38c2c268163dc5e508f36b |
| SHA256 | 7649b8ad9f152357da7d74cca106f0cfbc756e05a3304f0406b7a4ba0119c901 |
| CRC32 | CA9A80BC |
| ssdeep | 24:2dH4+SEqCH/7IlNMFQ/rlMhEMjnGpwjpIgUYODOLD9RJh7h8gKB2tn:cbhf7IlNQQ/rydbz9I3YODOLNdq3W |
| Yara | None matched |
| VirusTotal | Search for analysis |