| Name | cde19c153c7163d9_help1[1] |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BYECVYBT\help1[1] |
| Size | 383.0B |
| Processes | 1896 (pcpedemo.exe) |
| Type | GIF image data, version 89a, 106 x 22 |
| MD5 | 47bcbe8dc0f90aeb95aa76a2acd82ad3 |
| SHA1 | 30021dd6b5e51d2954a59ee98e5211a0a0223c3d |
| SHA256 | cde19c153c7163d9030c19a090c0509287716edcda5c2320a74deb33ef57899d |
| CRC32 | B59DFB3D |
| ssdeep | 6:jwz9jix86VuSFxf9pituiAmD+2Vu0Offv7a497gHaITeGcm8e2ZpGglA+UtBrMr:jtJu2WAmD+yPO3LBIqGcm8TIA50mr |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 6393a4ca875870f8_blank_page[1] |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\blank_page[1] |
| Size | 218.0B |
| Processes | 1896 (pcpedemo.exe) |
| Type | HTML document, ASCII text, with CRLF line terminators |
| MD5 | bef3709bacf0e22ad48bf08526d4b2cd |
| SHA1 | 43910d9f21f9830cc68d40d8cc5e975dea5b95c3 |
| SHA256 | 6393a4ca875870f8b296d41c1a02a477a47e8c30a671c858df981cac0768c1a0 |
| CRC32 | 53F39F98 |
| ssdeep | 6:WaYiT4xdRErUJR0k0IaV2svyBogWk0gyMeqbouUxb:FheBfFe2svyJ0gyMeqzUh |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 763aae91b7a5f4bb_help0[1] |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\help0[1] |
| Size | 526.0B |
| Processes | 1896 (pcpedemo.exe) |
| Type | GIF image data, version 89a, 106 x 22 |
| MD5 | 78f8cd0beef735dab08df0379cd1d054 |
| SHA1 | 00183a5ee54a28f66c6efa69fa629dd90bc2c140 |
| SHA256 | 763aae91b7a5f4bb3fb9cfd8dce31b5557e310248e21eb4ce27708a7391ee361 |
| CRC32 | 25714E81 |
| ssdeep | 12:8hGR9d86qYScn0jd3q36j+/2sB28D8SJDLPWPthcKV:8hs/AYt0jdg/2sA8DLDLP0thhV |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | ac1395a3c8cdf2b3_monitor2[1] |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\monitor2[1] |
| Size | 1.6KB |
| Processes | 1896 (pcpedemo.exe) |
| Type | GIF image data, version 89a, 106 x 22 |
| MD5 | dfe2dade3162c805f80c4ffd60530edf |
| SHA1 | a95127001a8a4810cdf72292c8ba611208afd4ce |
| SHA256 | ac1395a3c8cdf2b30e65ff0eec352851967b30c4bb9409f08ca70180d184eb97 |
| CRC32 | A22145FE |
| ssdeep | 24:/YCye0cEF/DPmiUIIZyp9Wr/c63LOjrPrY+9lqvf7:R2jF/DPmiUGy/c63LOjDrZlK7 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 45d9804611b5dbb3_help2[1] |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\help2[1] |
| Size | 1.1KB |
| Processes | 1896 (pcpedemo.exe) |
| Type | GIF image data, version 89a, 106 x 22 |
| MD5 | 2a16cf6886c7b492d6e4c23bd0617ebb |
| SHA1 | b0233a35db80f5fa4ffc2992e116e36fadc734f3 |
| SHA256 | 45d9804611b5dbb3eebf797ff8cb3dd0d1e7bbfdb1c039a4f4a2abb12dd11fcd |
| CRC32 | 3925C171 |
| ssdeep | 12:qjpGrzOwgyOes02IkJB2lEfmbVauIkJIseDu1kNkLc6:NzVJkb2lkmpT6seDu1kNkY6 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 895b4b872eb3af73_apc_logo[1] |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTDTA402\apc_logo[1] |
| Size | 1.4KB |
| Processes | 1896 (pcpedemo.exe) |
| Type | GIF image data, version 89a, 76 x 20 |
| MD5 | 61f9062ca057a9465ee1511165471e7d |
| SHA1 | db1fc7fb4aea43d4387c1a604987c7b3174278d4 |
| SHA256 | 895b4b872eb3af738a351ff6e5ad36f889b21ad5fb0421143b4b9c75aa7d27f0 |
| CRC32 | DDB75DCC |
| ssdeep | 24:eebmYdy/E2Q9KJtOOcguKPqMI7a6ZUYEf4az7MMG8/:eebJdd18J5c9KyM+ZJEn1z/ |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | a54242bfeb228a76_apc pcpe for 98.chm |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\9f4108b9e5\APC PCPE for 98.chm |
| Size | 76.9KB |
| Processes | 2220 (pcpedemo.exe) |
| Type | MS Windows HtmlHelp Data |
| MD5 | 0d32440b55c0d544c72b200ecc124c45 |
| SHA1 | b5817a3bc855485f0b16184b09e8c0eca9ddc3f3 |
| SHA256 | a54242bfeb228a764cbfb4863dcca6010334e32605fe5b2062c1bc030b2d5396 |
| CRC32 | 94AFF0BB |
| ssdeep | 1536:BZ3N680wXLHYVtyWKCvjcD8Z4Wd810sko6JMXeDpv2ByPRT1zj7z:Ld5tXMZDs92skbS4iuzj7z |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | fedd75faded300c1_config1[1] |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\config1[1] |
| Size | 1.3KB |
| Processes | 1896 (pcpedemo.exe) |
| Type | GIF image data, version 89a, 106 x 22 |
| MD5 | 713c84d7c28110d711390df57115b36a |
| SHA1 | 00615d63bbd735577a16e9c254cef73c6696db38 |
| SHA256 | fedd75faded300c1c806c593b82c6de5617859d6c0e695db6acd76320d97e1d4 |
| CRC32 | 45DA39E6 |
| ssdeep | 12:3RZiVpxHnm7/lCIFtbs4St1K0kOebfa4myI9qzXereBzvu0If:HiLxHm7/sIFtoHKvOebX9I9cuIi0o |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 1b6da7c272b34727_killkeys[2] |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BYECVYBT\killkeys[2] |
| Size | 106.0B |
| Processes | 1896 (pcpedemo.exe) |
| Type | ASCII text, with CRLF line terminators |
| MD5 | 79e42a50648bf97b57e35c0723fa70b8 |
| SHA1 | dce925c5964b1bec1e39d41e8e2e2295fcbd1bc0 |
| SHA256 | 1b6da7c272b34727c508e91669a128e720f2ff3af4a98b2ca59bc5730b299e81 |
| CRC32 | 35FE5ADA |
| ssdeep | 3:TMQDkKo9LGETJQHKMSnlLOAK1eysnlLXpXkJQAi5fLy:AQk99yETZnl6AKUPl1UeAi5Dy |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | d2a4131eea8af429_index[1] |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\index[1] |
| Size | 516.0B |
| Processes | 1896 (pcpedemo.exe) |
| Type | HTML document, ASCII text, with CRLF line terminators |
| MD5 | d5520767074b7de18d59d62f501285e9 |
| SHA1 | 03b33e3c5c23da448bec465c7676dc4568caa49f |
| SHA256 | d2a4131eea8af429f1365df022b323dabdaf38578175ae02a1ead3e6ab551905 |
| CRC32 | D0A6A4D9 |
| ssdeep | 12:zievBHMvya90gJ1EwHkhB7J0+VJ42gCkiChAIxa642CG:RvxMvyaNJSwHkm+VzgEChrGG |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | fd3f5c019f04e227_info_button[1] |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTDTA402\info_button[1] |
| Size | 995.0B |
| Processes | 1896 (pcpedemo.exe) |
| Type | GIF image data, version 89a, 14 x 14 |
| MD5 | 22d00a63ab30ceb02828a6cd2fdc001b |
| SHA1 | 9f3b09ee2f26e47b82aca7c7acdd04c159db9420 |
| SHA256 | fd3f5c019f04e227c72f97ff63f21f45011055ddfa25800b153f2a9bc8aefe67 |
| CRC32 | B70DD725 |
| ssdeep | 12:x+byXG9j9qa/iqI2eX3Oc5ufYUysNkmm+tHxZXyRdCNSD9We:IGG9j9nifX3OIudysVJXTiv |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | df37a6de9b8a4b3f_config2[1] |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTDTA402\config2[1] |
| Size | 1.3KB |
| Processes | 1896 (pcpedemo.exe) |
| Type | GIF image data, version 89a, 106 x 22 |
| MD5 | d87c01ae1fe6cb91f16212bf324111b4 |
| SHA1 | 9ac9aa99e4321ce3855eea9c1cda1f18d9d62d1d |
| SHA256 | df37a6de9b8a4b3f3144d5eb8eaa7de07b72f53b6b55c9f2beadf45e6508dc6e |
| CRC32 | 98746EBA |
| ssdeep | 24:Jm7+oYOfPisU0vQBlodyOA/7pn0PQnWXs:1oRU0IB//90PQn2s |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 0ed99404f2763a71_help_about[1] |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\help_about[1] |
| Size | 2.5KB |
| Processes | 1896 (pcpedemo.exe) |
| Type | HTML document, ASCII text, with CRLF line terminators |
| MD5 | 85d325d33c3e4b9eab5ce4245685b4bf |
| SHA1 | 762265c553224734cc666975864e1879e07257e8 |
| SHA256 | 0ed99404f2763a71693b39badfd20898de8e9f2e5dc63809d4b35f74c497adb1 |
| CRC32 | 44EF44D3 |
| ssdeep | 48:tqdNpLYK3QWNHBIaVul703Vul7BQVulsAqllic15VmQ1Xzag4t1HFG//ruKIbtZ:tONN33Quugu0uoQc15VmQ1DR81HFG//K |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | a39f84d23d5adee3_monitor1[1] |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTDTA402\monitor1[1] |
| Size | 670.0B |
| Processes | 1896 (pcpedemo.exe) |
| Type | GIF image data, version 89a, 106 x 22 |
| MD5 | 56eb5c982df1c17714075338714da840 |
| SHA1 | abdecb1afcbb3ffc44eedd9c2c633cef762c34c0 |
| SHA256 | a39f84d23d5adee35f677aca4990383258c92058f84e643af1155aa3e78247d0 |
| CRC32 | C8C47449 |
| ssdeep | 12:j2GdWAmD+UL1ulM0TfMuYIySMZ4JdZ61BTn3LzbttRBGsi:5dxmDLL1uyfuYI5zZ6PT7/m |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | c6a648f6f5fd4f4d_toolbar[1] |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTDTA402\toolbar[1] |
| Size | 3.8KB |
| Processes | 1896 (pcpedemo.exe) |
| Type | HTML document, ASCII text, with CRLF line terminators |
| MD5 | 423b98b869dfd5754c96b658c0f919a2 |
| SHA1 | 902392e40de6c285da0df915e4d259e82de699d4 |
| SHA256 | c6a648f6f5fd4f4dd92e17f6d533b566c0e1896d04ce01cc8fca2f5bcefa4025 |
| CRC32 | 1D357375 |
| ssdeep | 48:tqjpF7zr2Np2a2G1123eWilvwMiyepSbnUU+t22DPFsJRPsAEX62OXFsJRPsA7Xu:tA/44YeU+tlFsJRkT62qFsJRkU6ge |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | dc1401a350be020c_styles[1] |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\styles[1] |
| Size | 1.4KB |
| Processes | 1896 (pcpedemo.exe) |
| Type | ASCII text, with CRLF line terminators |
| MD5 | 5f9362b57aca3509438c86e0ad7428b1 |
| SHA1 | 596ff30e55493ce0a3e454b755ba1c0873055450 |
| SHA256 | dc1401a350be020cf0a8771b25c1a3132593884b8e8a54821b16165f81cb443d |
| CRC32 | 632182BE |
| ssdeep | 24:MdFtL+w3XR8LYAxvK8zRyhvfHR8DhviR8DhvrTzR8LY1R8LYrbFR82Fq/lRtYFR8:kXL+OaLRZz01HaDkaDFTzaLIaL6FaAq3 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | a73a12a2cee051ca_monitor0[1] |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\monitor0[1] |
| Size | 837.0B |
| Processes | 1896 (pcpedemo.exe) |
| Type | GIF image data, version 89a, 106 x 22 |
| MD5 | e9812402a17481b6f5fbfafb3702eceb |
| SHA1 | 4ec47b47dfae14a341e33400ef5e86fcef8aa7e8 |
| SHA256 | a73a12a2cee051ca17dead26789ccf2ef5ac9d70268c605383aa23c8c2574b18 |
| CRC32 | B2A14843 |
| ssdeep | 12:W+xqY86qYSDzWitrjieYpbwk2RHq+3sJ+J+L8roUdguJ/Uh7yxGZn7wp:W+fAYEWUmeYwv4rJ+AorDdLkyxGNwp |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 95ffd34cbb834b89_config0[1] |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BYECVYBT\config0[1] |
| Size | 738.0B |
| Processes | 1896 (pcpedemo.exe) |
| Type | GIF image data, version 89a, 106 x 22 |
| MD5 | cef82a9941ed634f4cd46150e3c68344 |
| SHA1 | 894da64702954d7702db5aef14ce4564c17a41cb |
| SHA256 | 95ffd34cbb834b89ce0d8dcccb9b493e1bbe05d1332ff66d691bcf0f6c4044a6 |
| CRC32 | 36EC6BB3 |
| ssdeep | 12:SWnR86qYyevPfoeIyJIiCDIHoWDpjvcOgTfO9eIYdXl:SWRAYVgCmiCxWdDgjcY5l |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | bd11a4a4e8b65905_pcpedemo.exe |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\9f4108b9e5\pcpedemo.exe |
| Size | 952.0KB |
| Processes | 2220 (pcpedemo.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | 0a49f039e184e75ee555db77539d63cc |
| SHA1 | bb52f51cea4abe3d1446f8ca144d7921b69ec3b2 |
| SHA256 | bd11a4a4e8b65905aea001e72b04af08e384e30e3f9d5363aa9473dac9f196e3 |
| CRC32 | C8C1AB0E |
| ssdeep | 6144:yRRFlPfVaGLEss603qS3e8Ynu337UFlod/KIJ1NCoWHuUFcEa3TDNZGNPtxOH6yd:ZGrs603NVYu3LUFlod/EoWHuN3DMqk |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | bdd5050f61f4d912_apc pcpe for xp.chm |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\9f4108b9e5\APC PCPE for XP.chm |
| Size | 70.8KB |
| Processes | 2220 (pcpedemo.exe) |
| Type | MS Windows HtmlHelp Data |
| MD5 | f278559b63f4149ab7c5c733e7af6c38 |
| SHA1 | 782ef780bfca52e57f276e4a982198f2fae0222d |
| SHA256 | bdd5050f61f4d912843bc1da70c5a2d1c8bc5b825b219d2fd8433b0f9ebdcb5b |
| CRC32 | 4D683764 |
| ssdeep | 1536:QAfOW0H4HNfJKyzP0Cqi73y4C2R5RqUzzx0Ik6UluhH1Gt7dM1Hyj:3jtfJKatqi73zJRT1zdrk6UluhwZM8 |
| Yara | None matched |
| VirusTotal | Search for analysis |