| Name | 9d3d13c55b2614c0_590aee7bdd69b59b.customdestinations-ms |
|---|---|
| Filepath | c:\users\test22\appdata\roaming\microsoft\windows\recent\customdestinations\590aee7bdd69b59b.customdestinations-ms |
| Size | 7.8KB |
| Processes | 2220 (powershell.exe) |
| Type | data |
| MD5 | 3eb6fb80f9dbbc1201de9e762252141b |
| SHA1 | c6d1e6ea5f2fef6f4458695b8ed7586aed429f1c |
| SHA256 | 9d3d13c55b2614c0615acea119139123b2a29f2a0daded7edd5146e4614a78e6 |
| CRC32 | 23B7285A |
| ssdeep | 96:YtuCaGCPDXBqvsqvJCwo9tuCaGCPDXBqvsEHyqvJCwor/tDHXyWlUVul:YtzXo9tzbHnorlTyo |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 049d229c448e844e_alosh.ps1 |
|---|---|
| Filepath | C:\Users\Public\alosh.ps1 |
| Size | 12.5KB |
| Processes | 2220 (powershell.exe) |
| Type | ASCII text, with CRLF line terminators |
| MD5 | 199afc572f448386b8a72f872b64778c |
| SHA1 | 012a4e164be0c2b67a58b149e8a4ae48b929e323 |
| SHA256 | 049d229c448e844e1e6d7e30478d986f549c05471764db32ee349f494c3e1314 |
| CRC32 | 79EE6F64 |
| ssdeep | 384:PyM1vXMlK1iMT758EMd43++2MfbMHMMnMjM+:/1xc43Lh |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 2cd213ed0e598078_run.ps1 |
|---|---|
| Filepath | C:\Users\Public\run.ps1 |
| Size | 195.0B |
| Processes | 2220 (powershell.exe) |
| Type | ASCII text, with CRLF line terminators |
| MD5 | fef1a993f600613409e67eabc0727671 |
| SHA1 | 6157598147aff6aff2f90c6a9a08bdf7c4b5beed |
| SHA256 | 2cd213ed0e5980782fdc93a067c94d02cf3e5761df4709f6ba48ef2d3bffb39b |
| CRC32 | 57D221BC |
| ssdeep | 6:Cf6A8vyUdkwc1+EWlFgIKNBW7aHPWyAofaqJ2pS3y:/TLktkEqgIKqAAZ6d3y |
| Yara | None matched |
| VirusTotal | Search for analysis |