| Name | a9220271c0eb79e5_d93f411851d7c929.customdestinations-ms |
|---|---|
| Filepath | c:\users\test22\appdata\roaming\microsoft\windows\recent\customdestinations\d93f411851d7c929.customdestinations-ms |
| Size | 7.8KB |
| Processes | 2536 (powershell.exe) |
| Type | data |
| MD5 | b0c9ff441742f3847ea27da9dee7f2cd |
| SHA1 | c42a1eb32ba953a0ce5d8635caabf71b5b281495 |
| SHA256 | a9220271c0eb79e5750e0d0e62058ecac560e09cdf9e82ef61aeeabada5d48a4 |
| CRC32 | 0BBCAB1A |
| ssdeep | 96:RutuCOGCPDXBqvsqvJCwo+utuCOGCPDXBqvsEHyqvJCworSP7Hwxf2lUVul:UtvXoxtvbHnorrxQ |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | a16bc85001a2ddab_148gxyic.txt |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\Microsoft\Windows\Cookies\148GXYIC.txt |
| Size | 93.0B |
| Processes | 3020 (mshta.exe) |
| Type | ASCII text |
| MD5 | 091d3dc768b07f2298c7f754df8cdd90 |
| SHA1 | be7ed416f05deb4c7c2682d31cf980621ffa6bde |
| SHA256 | a16bc85001a2ddab55c3eca47df2a15170467b2a3b0259c6b6851684e6c6e77f |
| CRC32 | CE2242D9 |
| ssdeep | 3:jvVFQGTViVchj+EyZQ2alVhLWdxLsy:ZaGTViVFnX4hLWd5F |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 7990e703ae060c24_error[1] |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\error[1] |
| Size | 3.2KB |
| Processes | 3020 (mshta.exe) |
| Type | HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators |
| MD5 | 16aa7c3bebf9c1b84c9ee07666e3207f |
| SHA1 | bf0afa2f8066eb7ee98216d70a160a6b58ec4aa1 |
| SHA256 | 7990e703ae060c241eba6257d963af2ecf9c6f3fbdb57264c1d48dda8171e754 |
| CRC32 | B319CFA5 |
| ssdeep | 96:vKFlZ/kxjqD9zqp36wxVJddFAdd5Ydddopdyddv+dd865FhlleXckVDuca:C0pv+GkduSDl6LRa |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | d06572489f2068dd_qtyiwedhjkabdhsagbdhnsavbd[1].htm |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\qtyiwedhjkabdhsagbdhnsavbd[1].htm |
| Size | 148.0B |
| Processes | 3020 (mshta.exe) |
| Type | HTML document, ASCII text |
| MD5 | d22afd0b13d5d89a89ba537017b0b23f |
| SHA1 | 23cab3cae2fdf9aee97708a40ca9a9d61690c0a7 |
| SHA256 | d06572489f2068ddb24644d564e493bc81c4da5ef272578033a68af1cb98b74b |
| CRC32 | DA7C2588 |
| ssdeep | 3:qVvzLURODccZ/vXbvx9nDy2kO2lKd10JK4KlZUIukjkFSXbKFvNGb:qFzLIeco3XLx92xOwq10E4KlZR1jMSLh |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 3829a5b2ade7cfc4_share_buttons_20_3[1].png |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\share_buttons_20_3[1].png |
| Size | 5.0KB |
| Processes | 3020 (mshta.exe) |
| Type | PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced |
| MD5 | ad9999106d5f550920b586e8e1704e5a |
| SHA1 | 93fd02c51166402a41f96509cd0ca3fb917877dd |
| SHA256 | 3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3 |
| CRC32 | BD3A79DE |
| ssdeep | 96:fQF0nYNa08BXqtmthO92OamTM5TuqeKJbLcbIsZNB52O2LK:fQoYkLBpc92OamT0TeKxLCIsvB52OCK |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 8feaeabc34342446_og1-1[1].htm |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\og1-1[1].htm |
| Size | 31.5KB |
| Processes | 3020 (mshta.exe) |
| Type | HTML document, ASCII text, with very long lines |
| MD5 | 0f41820986333d27198258a02927fc1c |
| SHA1 | 71754b0fc73c8e310bd4625daa8c8f4d437c2a68 |
| SHA256 | 8feaeabc3434244645533b9b7af7183527990e1bd1ab07d779dabaeaf9712e95 |
| CRC32 | 1CFF5D6A |
| ssdeep | 768:pA3eyHHvPWdc4oGM4/x6M6/MJjMoQPFXQ3rs2Qd:pA3LHH2dc4/M4J6M6/MJjMoQPm3rk |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 0ddcb2989d08cd8b_1667664774-css_bundle_v2[1].css |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\1667664774-css_bundle_v2[1].css |
| Size | 35.3KB |
| Processes | 3020 (mshta.exe) |
| Type | ASCII text, with very long lines |
| MD5 | aa5c1b425cec7a0f2b5028c26136edd2 |
| SHA1 | 08381db3f43bad8dec74662655e3ea17726cf394 |
| SHA256 | 0ddcb2989d08cd8b086dad54dcef131ac0b36fa5bcc8a69a41c0313ef514858f |
| CRC32 | 59F3DAB9 |
| ssdeep | 384:B0OhFvg3AwN6VysImDyPWquJMpx/SCYW0h8+Rl9yaZwuJ86YKSQCNL/J69nKg939:B0Oh+/N6nIm6IvW0trVJwxgngRdFr2 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | ca9848e6006cfec8_icon18_edit_allbkg[1].gif |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BYECVYBT\icon18_edit_allbkg[1].gif |
| Size | 162.0B |
| Processes | 3020 (mshta.exe) |
| Type | GIF image data, version 89a, 18 x 18 |
| MD5 | c991641178ff05adf0d004298b5eafa9 |
| SHA1 | d8f6ce8ecd92b86d49849360f6b81ceb10b4c941 |
| SHA256 | ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b |
| CRC32 | 542232D5 |
| ssdeep | 3:CUS9n21IZClSWEj5QQxlEGsSZpZcYES9XfLvlcDdcpFXn:HS9nSIUlSlNQQjEGsSJcYEowdcrX |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 77bbf7198131f779_186635561-comment_from_post_iframe[1].js |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\186635561-comment_from_post_iframe[1].js |
| Size | 16.9KB |
| Processes | 3020 (mshta.exe) |
| Type | ASCII text, with very long lines |
| MD5 | d082e360dc8156b2287b5f9f59ee738a |
| SHA1 | 4d2998859be8b8e34f5cef329e7f2a071d65f8ef |
| SHA256 | 77bbf7198131f779d4b0f1a60286ec9fe66e113a03be25e97b3ddac6b0480a59 |
| CRC32 | F956328C |
| ssdeep | 384:l4wNRCRFZpSgsG3L6TlEp9fJaVzgER22esjnJ:KL3SgZ5oFJ |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 745ee8325d077833_963277127-widgets[1].js |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\963277127-widgets[1].js |
| Size | 153.6KB |
| Processes | 3020 (mshta.exe) |
| Type | ASCII text, with very long lines |
| MD5 | 55e0bf6e90d256d7eedd444e94339d09 |
| SHA1 | 3d64f8edb0194ad995e2b873c30fd3ccbe7be79e |
| SHA256 | 745ee8325d0778336e2c48e1ad3ff31618ca9dd19114e82e21f3760638866a49 |
| CRC32 | 151BBCD3 |
| ssdeep | 1536:UoroWlnDrFcRnxzpW69M8w8BzRX1chMXiox4885C8nNOt9lkSJsvabMHsIbeJiK0:ZHmGqF17WT509xE1PK4OSjSg |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 0fdcb4746995f0d5_body_gradient_tile_light[1].png |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\body_gradient_tile_light[1].png |
| Size | 95.0B |
| Processes | 3020 (mshta.exe) |
| Type | PNG image data, 10 x 10, 1-bit colormap, non-interlaced |
| MD5 | 3b2a20d5b0ba4ca0c5dd90865ad6b9c4 |
| SHA1 | a90928a16d11d21e112b45b60990a9d7d19cc1d5 |
| SHA256 | 0fdcb4746995f0d5240e5ec11370cb950722a894f3cff4118aa68ccc92010edd |
| CRC32 | B96E65DC |
| ssdeep | 3:yionv//thPlH1kmlS1jmTQ9IyehXhbp:6v/lhPcS5TeIFdhbp |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 380672f7418f917d_403901366-ieretrofit[1].js |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BYECVYBT\403901366-ieretrofit[1].js |
| Size | 26.0KB |
| Processes | 3020 (mshta.exe) |
| Type | ASCII text, with very long lines |
| MD5 | d9c2977027243c55d7c30a91a772a1f5 |
| SHA1 | 04e6c365f6f30ecf2a3c806584289e5dcaae7136 |
| SHA256 | 380672f7418f917d947a24fa2b9cf586ed35030e35696af2f913d1e37ed9cac9 |
| CRC32 | BA1785E0 |
| ssdeep | 384:12aOYTYDWsss8m/LFB9qxCXhHotj3TfL5VMyXufjWFNPvy7e601DeP+eF4MegkQO:12M1H7kqZvy7etojF4Vgj4Dlagz |
| Yara | None matched |
| VirusTotal | Search for analysis |