| Name | bb9181b3935b8681_tmpFC8A.tmp |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\tmpFC8A.tmp |
| Size | 1.3KB |
| Processes | 1644 (XDF.exe) |
| Type | XML 1.0 document, ASCII text, with CRLF line terminators |
| MD5 | be81f72fa4dbc827132836ee2af92c96 |
| SHA1 | fe5ded04ab4932dea6cf414e9e4428f43da70d03 |
| SHA256 | bb9181b3935b8681a71b578f8166883e61380de6181df82d05f14829323fbf0f |
| CRC32 | 7AA438E3 |
| ssdeep | 24:2dH4+S/4oL600QlMhEMjn5pwjVLUYODOLG9RJh7h8gK0Rb5xtn:cbk4oL600QydbQxIYODOLedq3Sb5j |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | e1c12088f192fc5e_task.dat |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\017BD04F-B3BF-45B6-8167-9E8F41FF87BF\task.dat |
| Size | 42.0B |
| Processes | 1644 (XDF.exe) |
| Type | ASCII text, with no line terminators |
| MD5 | f312cc26f184fc680ee9a018bb4f3619 |
| SHA1 | b1d7177f70f7346d003134f71856abb3ccfbf0c0 |
| SHA256 | e1c12088f192fc5e1b194092c4d0ef307e3982db5d95056f741c9a2c6da0a2f4 |
| CRC32 | 34050F52 |
| ssdeep | 3:oNmWxpcL4E2J5xAId:oNmQpcLJ23fd |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | f8098a6290118f29_settings.bin |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\017BD04F-B3BF-45B6-8167-9E8F41FF87BF\settings.bin |
| Size | 40.0B |
| Processes | 1644 (XDF.exe) |
| Type | data |
| MD5 | 4e5e92e2369688041cc82ef9650eded2 |
| SHA1 | 15e44f2f3194ee232b44e9684163b6f66472c862 |
| SHA256 | f8098a6290118f2944b9e7c842bd014377d45844379f863b00d54515a8a64b48 |
| CRC32 | C6B6460B |
| ssdeep | 3:9bzY6oRDT6P2bfVn1:RzWDT621 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 5e37b5069faae9b5_run.dat |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\017BD04F-B3BF-45B6-8167-9E8F41FF87BF\run.dat |
| Size | 8.0B |
| Processes | 1644 (XDF.exe) |
| Type | Non-ISO extended-ASCII text, with no line terminators, with escape sequences |
| MD5 | e6ad74ea79c91c621b1e6e0dd94abbc9 |
| SHA1 | 6e8770911d631f671a1d1b1487daa695e309a3df |
| SHA256 | 5e37b5069faae9b5b291c5e2de56c35627a46ab76f9b6bbd070f17e484629dd5 |
| CRC32 | 1A1AA5CC |
| ssdeep | 3:i+M8t:ic |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | e9de6fc042fff6ba_tmpFB31.tmp |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\tmpFB31.tmp |
| Size | 1.3KB |
| Processes | 1644 (XDF.exe) |
| Type | XML 1.0 document, ASCII text, with CRLF line terminators |
| MD5 | 10fa8e3492f57f6fec2936a3c0ae94f8 |
| SHA1 | 623dfe27d5c61b87b191cc022ff66511eb654dfb |
| SHA256 | e9de6fc042fff6bae6bf7e4ded9a437612bf935123cf886c9785a971d9dae048 |
| CRC32 | D35F08BD |
| ssdeep | 24:2dH4+S/4oL600QlMhEMjn5pwjVLUYODOLG9RJh7h8gK0Zhxtn:cbk4oL600QydbQxIYODOLedq3Yhj |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 3d58f22d51d8ce1a_storage.dat |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\017BD04F-B3BF-45B6-8167-9E8F41FF87BF\storage.dat |
| Size | 406.1KB |
| Processes | 1644 (XDF.exe) |
| Type | data |
| MD5 | 7c8188ebe984b268f8d117e801a50e9b |
| SHA1 | 7eba6533a875bd16cefb5152c917eedb6ee422d3 |
| SHA256 | 3d58f22d51d8ce1a005224f5e5baa28f103dedc33bc00ae5a2f222d84c7a582b |
| CRC32 | 7EA8DA4C |
| ssdeep | 12288:OF30dVaG4159TdyDOjxR624CXV2JCxJS88n3:c32aL9TdyDSv4m4kS3 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | a773767d5714808b_catalog.dat |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\017BD04F-B3BF-45B6-8167-9E8F41FF87BF\catalog.dat |
| Size | 232.0B |
| Processes | 1644 (XDF.exe) |
| Type | data |
| MD5 | 678166f4cb8e67fed18f334ab43a6b9f |
| SHA1 | 2aa698be0d8bdd534749b315856d962a3325f6c9 |
| SHA256 | a773767d5714808bd7d8e1b5f496659682e5c0f5d01d012f49affe5f280591a4 |
| CRC32 | C335D7EB |
| ssdeep | 6:X4LDAnybgCFcps0OaNGElBf3xGwy0bQMLZqdrKvn1gfjuWQd:X4LEnybgCF0NG2fw6ExK1g6Ld |
| Yara | None matched |
| VirusTotal | Search for analysis |