| Name | 8b503faa70349270_nest |
|---|---|
| Filepath | C:\Users\Public\nest |
| Size | 9.0B |
| Processes | 656 (cop.exe) |
| Type | ASCII text, with CRLF line terminators |
| MD5 | 55ac1f587447d9ac65613489e0eb04ec |
| SHA1 | 8354647aeaa6679435843db9a5d66b192e141f34 |
| SHA256 | 8b503faa70349270fa6f1d6114d77b96cd3f789e00b13b61f934e58dd00466ad |
| CRC32 | 291996AD |
| ssdeep | 3:NNav:NNk |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 24222300c78180b5_Trast.bat |
|---|---|
| Filepath | C:\Users\Public\Trast.bat |
| Size | 34.0B |
| Processes | 656 (cop.exe) |
| Type | ASCII text, with no line terminators |
| MD5 | 4068c9f69fcd8a171c67f81d4a952a54 |
| SHA1 | 4d2536a8c28cdcc17465e20d6693fb9e8e713b36 |
| SHA256 | 24222300c78180b50ed1f8361ba63cb27316ec994c1c9079708a51b4a1a9d810 |
| CRC32 | 7F4F9BF9 |
| ssdeep | 3:LjTnaHF5wlM:rnaHSM |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 37c59c8398279916_KDECO.bat |
|---|---|
| Filepath | C:\Users\Public\KDECO.bat |
| Size | 155.0B |
| Processes | 656 (cop.exe) |
| Type | ASCII text, with no line terminators |
| MD5 | 213c60adf1c9ef88dc3c9b2d579959d2 |
| SHA1 | e4d2ad7b22b1a8b5b1f7a702b303c7364b0ee021 |
| SHA256 | 37c59c8398279916cfce45f8c5e3431058248f5e3bef4d9f5c0f44a7d564f82e |
| CRC32 | 42292F53 |
| ssdeep | 3:LjT5LJJFIf9oM3KN6QNb3DM9bWQqA5SkrF2VCceGAFddGeWLCXlRA3+OR:rz81R3KnMMQ75ieGgdEYlRA/R |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | b2f660b911a4df18_umhnheg.url |
|---|---|
| Filepath | C:\Users\Public\Libraries\umhnheG.url |
| Size | 96.0B |
| Processes | 656 (cop.exe) |
| Type | MS Windows 95 Internet shortcut text (URL=<file:"C:\\Users\\Public\\Libraries\\Gehnhmu\\Gehnhmu.exe">), ASCII text, with CRLF line terminators |
| MD5 | db558eeb0a2c1985872b991de9d65189 |
| SHA1 | 5d541a1d6aa0a8a8d6b33ebafefa92cc32403112 |
| SHA256 | b2f660b911a4df183102c18acc373f473ff44bce9daca0ae093cb677ee3b755d |
| CRC32 | E7B63899 |
| ssdeep | 3:HRAbABGQYmTWAX+rSF55i0XMBd8oL1SsGKd7ovn:HRYFVmTWDyz+dfEsb7yn |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | f35f2658455a2e40_UKO.bat |
|---|---|
| Filepath | C:\Users\Public\UKO.bat |
| Size | 250.0B |
| Processes | 656 (cop.exe) |
| Type | ASCII text, with CRLF line terminators |
| MD5 | eaf8d967454c3bbddbf2e05a421411f8 |
| SHA1 | 6170880409b24de75c2dc3d56a506fbff7f6622c |
| SHA256 | f35f2658455a2e40f151549a7d6465a836c33fa9109e67623916f889849eac56 |
| CRC32 | 8C4E367F |
| ssdeep | 6:rgnMXd1CQnMXd1COm8hnaHNHIXUnMXd1CoD9c1uOw1H1gOvOBAn:rgamIHIXUaXe1uOeVqy |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | b8b45c11ddd97094_dex.bmp |
|---|---|
| Filepath | C:\Users\Public\DEX.BMP |
| Size | 110.0KB |
| Processes | 656 (cop.exe) |
| Type | PC bitmap, Windows 3.x format, 280 x 134 x 24 |
| MD5 | a46da3eb42ded24dc58b5719fe0e35cd |
| SHA1 | 0acdd8acb3a2695858aacd6d26d0d720f1eb767b |
| SHA256 | b8b45c11ddd97094e48e5c50a17bb31c0c727294dbbf63d85d1b32026a69303b |
| CRC32 | 9EE95A94 |
| ssdeep | 1536:1yejrrrrrrrTyTNP2Q0vvEf2qfXMhOnatbqsK2Nl7QJKM9huYLzUvMCFO1Ge:1xSgEKS2Nl72/c12 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 45aa3957c2986526_nest.bat |
|---|---|
| Filepath | C:\Users\Public\nest.bat |
| Size | 53.0B |
| Processes | 656 (cop.exe) |
| Type | ASCII text, with CRLF line terminators |
| MD5 | 8ada51400b7915de2124baaf75e3414c |
| SHA1 | 1a7b9db12184ab7fd7fce1c383f9670a00adb081 |
| SHA256 | 45aa3957c29865260a78f03eef18ae9aebdbf7bea751ecc88be4a799f2bb46c7 |
| CRC32 | 989CB101 |
| ssdeep | 3:LjT9fnMXdemzCK0vn:rZnMXd1CV |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 1919103af2653b43_old.png |
|---|---|
| Filepath | C:\Users\Public\Old.png |
| Size | 89.5KB |
| Processes | 656 (cop.exe) |
| Type | data |
| MD5 | e55fb56a9b7f0afc6ebe2fe587374e5a |
| SHA1 | 91129ca5df22fd9902c56f1d52dd8231b07b6835 |
| SHA256 | 1919103af2653b43eee38499075bc7f8c31bdf6f610adfeb847ca79dec95be9e |
| CRC32 | 9302C399 |
| ssdeep | 1536:KIO1euMWM0AiuQ3M7Zjq0UwGq8SGi0eMPFvEf2qfVBmPX:L4Iimq0U5hESP |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 4b6fdf9cbea14e56_gehnhmu.exe |
|---|---|
| Filepath | C:\Users\Public\Libraries\Gehnhmu\Gehnhmu.exe |
| Size | 665.0KB |
| Processes | 656 (cop.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | 977a62444517295a0cfeb9e6e6f8e27a |
| SHA1 | 1d65a3f31ee59b9da8e175bf5d09c4e95d596953 |
| SHA256 | 4b6fdf9cbea14e56b10f5e4d5c4c8fbe34de5454ec1b246814a9464e8c81e314 |
| CRC32 | AB4F8704 |
| ssdeep | 12288:iFaS5hDku4BW/vgeURfvtSotoaM9wx+DgbvenAAAAAAAAAAAAAAAJAA:2f/J4BeOXSotolw4Dgb |
| Yara |
|
| VirusTotal | Search for analysis |