| Name | 4bbb88af530693eb_catalog.dat |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\017BD04F-B3BF-45B6-8167-9E8F41FF87BF\catalog.dat |
| Size | 248.0B |
| Processes | 2412 (WIRE TRANSFER.exe) |
| Type | data |
| MD5 | 061e700fe27d852034a5a44bf5985ccf |
| SHA1 | 15b072de6d6fdd92ae36f074345fa41985833e8d |
| SHA256 | 4bbb88af530693eb4a710b0591d4baf585837242c5690f5a821bf2fc9cc587cd |
| CRC32 | EC5D4D1C |
| ssdeep | 6:X4LDAnybgCFcpJSQwP4d7r3l3TmKEt5mT1DhFtMhXvvHOxHB3GDq:X4LEnybgCFCtvd7bl3ThE4T19FtMhXvs |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | ea1eebb382f346cf_tmp9C5A.tmp |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\tmp9C5A.tmp |
| Size | 1.3KB |
| Processes | 2412 (WIRE TRANSFER.exe) |
| Type | XML 1.0 document, ASCII text, with CRLF line terminators |
| MD5 | 05e5d723d0a6c88d85d251d8f4d07c9e |
| SHA1 | 82362b067a4f23622d968173c5d2d9f1ccf97d15 |
| SHA256 | ea1eebb382f346cf50fb993cb43a37dc9b4181ebea66d7282cce8fbd185aa06e |
| CRC32 | DFBD0279 |
| ssdeep | 24:2dH4+S/4oL600QlMhEMjn5pwjVLUYODOLG9RJh7h8gK0Z6wxtn:cbk4oL600QydbQxIYODOLedq3Yrj |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 111a7c86732db221_task.dat |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\017BD04F-B3BF-45B6-8167-9E8F41FF87BF\task.dat |
| Size | 52.0B |
| Processes | 2412 (WIRE TRANSFER.exe) |
| Type | ASCII text, with no line terminators |
| MD5 | 777499ae558a98d6c841b952931fe535 |
| SHA1 | 450a9241868da8afa660e43c05c8bbb425400bf5 |
| SHA256 | 111a7c86732db221c5d2d748e1bb14bfe74f6dc50bf6a9c495cb14b63ae577f3 |
| CRC32 | B9361B3B |
| ssdeep | 3:oNmWxpcL4E2J5xAIMLcN:oNmQpcLJ23fik |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | a21f48673b8dbe7d_uqlodbvher.exe |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\uqLodbvHeR.exe |
| Size | 965.0KB |
| Processes | 2476 (WIRE TRANSFER.exe) |
| Type | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows |
| MD5 | 3d6ede6db43836cf8a5304f7e9f3a1cd |
| SHA1 | 30d2b12de4e60751028a551c84480863be1c2b57 |
| SHA256 | a21f48673b8dbe7da46bee32e5669915feee12f09e10829aea3fba9aaab99be1 |
| CRC32 | 81F3A558 |
| ssdeep | 24576:DNA9vakYJIlKpteOxkC6mzdCTBRxqM0Q:pcak0ppvH6I+Bzv |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 13a241353dc4627d_storage.dat |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\017BD04F-B3BF-45B6-8167-9E8F41FF87BF\storage.dat |
| Size | 406.8KB |
| Processes | 2412 (WIRE TRANSFER.exe) |
| Type | data |
| MD5 | e9f2801ed77ec373583ea2554cc3672b |
| SHA1 | acdc53462fb84d7661549d4e7c2c85e7af7c052f |
| SHA256 | 13a241353dc4627d34bc7e8374706d8123a70eda7a98ddec7f0b46ce8b71f9b0 |
| CRC32 | B0B4E6DA |
| ssdeep | 12288:8hZuaXreEfKQ8u3i24t+d+eePEL/Hdc7xcUFT1LGo:4ZuGrf/pyVt+dLe8CcU3r |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | f8098a6290118f29_settings.bin |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\017BD04F-B3BF-45B6-8167-9E8F41FF87BF\settings.bin |
| Size | 40.0B |
| Processes | 2412 (WIRE TRANSFER.exe) |
| Type | data |
| MD5 | 4e5e92e2369688041cc82ef9650eded2 |
| SHA1 | 15e44f2f3194ee232b44e9684163b6f66472c862 |
| SHA256 | f8098a6290118f2944b9e7c842bd014377d45844379f863b00d54515a8a64b48 |
| CRC32 | C6B6460B |
| ssdeep | 3:9bzY6oRDT6P2bfVn1:RzWDT621 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | bb9181b3935b8681_tmp9D26.tmp |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\tmp9D26.tmp |
| Size | 1.3KB |
| Processes | 2412 (WIRE TRANSFER.exe) |
| Type | XML 1.0 document, ASCII text, with CRLF line terminators |
| MD5 | be81f72fa4dbc827132836ee2af92c96 |
| SHA1 | fe5ded04ab4932dea6cf414e9e4428f43da70d03 |
| SHA256 | bb9181b3935b8681a71b578f8166883e61380de6181df82d05f14829323fbf0f |
| CRC32 | 7AA438E3 |
| ssdeep | 24:2dH4+S/4oL600QlMhEMjn5pwjVLUYODOLG9RJh7h8gK0Rb5xtn:cbk4oL600QydbQxIYODOLedq3Sb5j |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 0024bda2f446aa4f_run.dat |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\017BD04F-B3BF-45B6-8167-9E8F41FF87BF\run.dat |
| Size | 8.0B |
| Processes | 2412 (WIRE TRANSFER.exe) |
| Type | Non-ISO extended-ASCII text, with no line terminators |
| MD5 | e6490789faa10fecf61d42f038e0528c |
| SHA1 | a05fb2ff87a0c998204b50fb59398e35162a5480 |
| SHA256 | 0024bda2f446aa4f2b7373715c805df401ee3dd00c7d2d7e5e0aa6531f050b64 |
| CRC32 | 8C79389D |
| ssdeep | 3:HKG:qG |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | ee6835381ddf9958_tmp9891.tmp |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\tmp9891.tmp |
| Size | 1.6KB |
| Processes | 2476 (WIRE TRANSFER.exe) |
| Type | XML 1.0 document, ASCII text, with CRLF line terminators |
| MD5 | 5c2ef74a348ccf8d64fdc9f514788493 |
| SHA1 | 1c6f37bb2713ec164a4d1d64bf88a1f1bd6dd90e |
| SHA256 | ee6835381ddf9958e6bbbd05828f2e65ef6dfdf302842edcdd533cb004502ac0 |
| CRC32 | 97D68C17 |
| ssdeep | 24:2dH4+SEqCH/7IlNMFQ/rlMhEMjnGpwjpIgUYODOLD9RJh7h8gKBAXtn:cbhf7IlNQQ/rydbz9I3YODOLNdq3y9 |
| Yara | None matched |
| VirusTotal | Search for analysis |