| Name | 83cab12e1cf072f0_zzspqkzr.url |
|---|---|
| Filepath | C:\Users\test22\zzspqkzR.url |
| Size | 89.0B |
| Processes | 2192 (PI_nr_784_(REV).exe) |
| Type | MS Windows 95 Internet shortcut text (URL=<file:"C:\\Users\\test22\\Rzkqpszz.exe">), ASCII text, with CRLF line terminators |
| MD5 | 7edcdce2db5525482847b56ed0dc9ae1 |
| SHA1 | 89530e4d8f8c64d375204a31493bee5c0d6f9f26 |
| SHA256 | 83cab12e1cf072f061b3bfc726143435569bbc782ba5a6dc7e880639d4c539d3 |
| CRC32 | A12E21B4 |
| ssdeep | 3:HRAbABGQYmTWAX+PzRXpsfL4LvsGKd5nuALov:HRYFVmTWDbRXp+mvsb5nPcv |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 043b6ec54651c475_d93f411851d7c929.customDestinations-ms~RF14ade74.TMP |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d93f411851d7c929.customDestinations-ms~RF14ade74.TMP |
| Size | 7.8KB |
| Processes | 1548 (powershell.exe) 2544 (powershell.exe) |
| Type | data |
| MD5 | a0fc8d4a2cf5a30130abeb6712fc7885 |
| SHA1 | b403b5b84863e5a3177175138c83ffb567b40e79 |
| SHA256 | 043b6ec54651c475994d2865254b1b30862a2f3bd32593661c043fd2f48f9c7e |
| CRC32 | 449D5C65 |
| ssdeep | 96:ktuC+GCPDXBqvsqvJCwo5tuC+GCPDXBqvsEHyqvJCwor07HwxWlUVul:ktvXo5tvbHnorvxo |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 37c59c8398279916_Cdex.bat |
|---|---|
| Filepath | C:\Users\test22\Cdex.bat |
| Size | 155.0B |
| Processes | 2192 (PI_nr_784_(REV).exe) |
| Type | ASCII text, with no line terminators |
| MD5 | 213c60adf1c9ef88dc3c9b2d579959d2 |
| SHA1 | e4d2ad7b22b1a8b5b1f7a702b303c7364b0ee021 |
| SHA256 | 37c59c8398279916cfce45f8c5e3431058248f5e3bef4d9f5c0f44a7d564f82e |
| CRC32 | 42292F53 |
| ssdeep | 3:LjT5LJJFIf9oM3KN6QNb3DM9bWQqA5SkrF2VCceGAFddGeWLCXlRA3+OR:rz81R3KnMMQ75ieGgdEYlRA/R |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 4ef9821678da0713_RzkqpszzO.bat |
|---|---|
| Filepath | C:\Users\test22\RzkqpszzO.bat |
| Size | 1.1KB |
| Processes | 2192 (PI_nr_784_(REV).exe) |
| Type | ASCII text |
| MD5 | df48c09f243ebcc8a165f77a1c2bf889 |
| SHA1 | 455f7db0adcc2a58d006f1630fb0bd55cd868c07 |
| SHA256 | 4ef9821678da07138c19405387f3fb95e409fbd461c7b8d847c05075facd63ca |
| CRC32 | 7D93DD43 |
| ssdeep | 24:oWRjvXo4P3TWMVxf9PjxVN5yV1vYFp85XwdtzgQprH83GTwIxIF:oWZvoaTWMVxpjxdyz48hwf8Qx83GTwsi |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 9b161acc782bfb64_Rzkqpszzt.bat |
|---|---|
| Filepath | C:\Users\test22\Rzkqpszzt.bat |
| Size | 47.0B |
| Processes | 2192 (PI_nr_784_(REV).exe) |
| Type | ASCII text, with no line terminators |
| MD5 | 6c63cab99a49555fbf1a6e748e2b32fc |
| SHA1 | df71a75a31e27784201b239f85c72833985fe7d2 |
| SHA256 | 9b161acc782bfb644e2a4a5eaf281abd7ee7bfd8e9ceeaf099841b04ae12bb05 |
| CRC32 | B934320D |
| ssdeep | 3:LjTnmWxpWMYfX/6OR:rnmQpWMyvrR |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | f1b2f662800122be_null |
|---|---|
| Filepath | C:\Users\test22\Null |
| Size | 3.0B |
| Processes | 2192 (PI_nr_784_(REV).exe) |
| Type | ASCII text, with CRLF line terminators |
| MD5 | a5ea0ad9260b1550a14cc58d2c39b03d |
| SHA1 | f0aedf295071ed34ab8c6a7692223d22b6a19841 |
| SHA256 | f1b2f662800122bed0ff255693df89c4487fbdcf453d3524a42d4ec20c3d9c04 |
| CRC32 | 8F93C1E6 |
| ssdeep | 3:p:p |
| Yara | None matched |
| VirusTotal | Search for analysis |