| Name | 9213200f3d554a94_start.bat |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\IXP000.TMP\start.bat |
| Size | 807.0B |
| Processes | 2620 (start.EXE) |
| Type | ASCII text, with CRLF line terminators |
| MD5 | 3281ff2701a442076932ae9999f65a83 |
| SHA1 | f86392a6b4d33f975a28ba19b395567d4fd99bb3 |
| SHA256 | 9213200f3d554a94491880321e0b74203a7c38cd0acdc5e8d9dbcbc35e80d47d |
| CRC32 | 8C9F901C |
| ssdeep | 24:mO4UOYuXfnOYFgoEEMEMEEEMEMEMEMEME0:mXYumYFgoEEMEMEEEMEMEMEMEME0 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 9d3d13c55b2614c0_590aee7bdd69b59b.customDestinations-ms~RFd29e07.TMP |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms~RFd29e07.TMP |
| Size | 7.8KB |
| Processes | 656 (powershell.exe) 2292 (powershell.exe) |
| Type | data |
| MD5 | 3eb6fb80f9dbbc1201de9e762252141b |
| SHA1 | c6d1e6ea5f2fef6f4458695b8ed7586aed429f1c |
| SHA256 | 9d3d13c55b2614c0615acea119139123b2a29f2a0daded7edd5146e4614a78e6 |
| CRC32 | 23B7285A |
| ssdeep | 96:YtuCaGCPDXBqvsqvJCwo9tuCaGCPDXBqvsEHyqvJCwor/tDHXyWlUVul:YtzXo9tzbHnorlTyo |
| Yara |
|
| VirusTotal | Search for analysis |