| Name | 93bbc11cb7be14c5_tmp7D1A.tmp |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\tmp7D1A.tmp |
| Size | 1.5KB |
| Processes | 1792 (purchase order_2022.exe) |
| Type | XML 1.0 document, ASCII text |
| MD5 | d26a8dbcd6d3d6dbc64c6d6f9eaed71f |
| SHA1 | 0a59b0022f09733e3b9db6319e3f49f7bf428c74 |
| SHA256 | 93bbc11cb7be14c5ab3b0ec5321bc4ab94609347ccc19d643cb393e2116501ba |
| CRC32 | 8796EFEF |
| ssdeep | 24:2di4+S2qhH/1ny1mEUnrKMhEMOFGpwOzNgU3ODOiIQRvh7hwrgXuNt2xvn:cgefAYrFdOFzOzN33ODOiDdKrsuT6v |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 043b6ec54651c475_d93f411851d7c929.customdestinations-ms |
|---|---|
| Filepath | c:\users\test22\appdata\roaming\microsoft\windows\recent\customdestinations\d93f411851d7c929.customdestinations-ms |
| Size | 7.8KB |
| Processes | 2688 (powershell.exe) |
| Type | data |
| MD5 | a0fc8d4a2cf5a30130abeb6712fc7885 |
| SHA1 | b403b5b84863e5a3177175138c83ffb567b40e79 |
| SHA256 | 043b6ec54651c475994d2865254b1b30862a2f3bd32593661c043fd2f48f9c7e |
| CRC32 | 449D5C65 |
| ssdeep | 96:ktuC+GCPDXBqvsqvJCwo5tuC+GCPDXBqvsEHyqvJCwor07HwxWlUVul:ktvXo5tvbHnorvxo |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 6549e1aedcec4825_logs.dat |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\remcos\logs.dat |
| Size | 144.0B |
| Processes | 2876 (purchase order_2022.exe) |
| Type | data |
| MD5 | 2fab6e124af72cc5c573a31237d07bc2 |
| SHA1 | a44b6cdba558e80d4efaf2e8da6a915e0e627f78 |
| SHA256 | 6549e1aedcec48253fe4851f9beda79617781ae62bf64b40acc9da276b0705e6 |
| CRC32 | 7B9D8D09 |
| ssdeep | 3:rnlsNlfVlRlOfi5JWRal2Jl+7R0DAlBG45klovDl6v:aNlHp5YcIeeDAlOWAv |
| Yara | None matched |
| VirusTotal | Search for analysis |