| Name | a9220271c0eb79e5_d93f411851d7c929.customdestinations-ms |
|---|---|
| Filepath | c:\users\test22\appdata\roaming\microsoft\windows\recent\customdestinations\d93f411851d7c929.customdestinations-ms |
| Size | 7.8KB |
| Processes | 2832 (powershell.exe) |
| Type | data |
| MD5 | b0c9ff441742f3847ea27da9dee7f2cd |
| SHA1 | c42a1eb32ba953a0ce5d8635caabf71b5b281495 |
| SHA256 | a9220271c0eb79e5750e0d0e62058ecac560e09cdf9e82ef61aeeabada5d48a4 |
| CRC32 | 0BBCAB1A |
| ssdeep | 96:RutuCOGCPDXBqvsqvJCwo+utuCOGCPDXBqvsEHyqvJCworSP7Hwxf2lUVul:UtvXoxtvbHnorrxQ |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 5a7caad39badd484_null |
|---|---|
| Filepath | C:\Users\Public\Null |
| Size | 4.0B |
| Processes | 2344 (rc.exe) |
| Type | ASCII text, with CRLF line terminators |
| MD5 | 056960930e28db14eaa54f2a494f8625 |
| SHA1 | 1550d1d630f292833cc5b4f251923b5a27b99be0 |
| SHA256 | 5a7caad39badd4848563fe7402f185c7e1ff0a8416b2dbce8fef86137b2d79c3 |
| CRC32 | 16D063A3 |
| ssdeep | 3:Eovn:Eov |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 37c59c8398279916_Cdex.bat |
|---|---|
| Filepath | C:\Users\Public\Cdex.bat |
| Size | 155.0B |
| Processes | 2344 (rc.exe) |
| Type | ASCII text, with no line terminators |
| MD5 | 213c60adf1c9ef88dc3c9b2d579959d2 |
| SHA1 | e4d2ad7b22b1a8b5b1f7a702b303c7364b0ee021 |
| SHA256 | 37c59c8398279916cfce45f8c5e3431058248f5e3bef4d9f5c0f44a7d564f82e |
| CRC32 | 42292F53 |
| ssdeep | 3:LjT5LJJFIf9oM3KN6QNb3DM9bWQqA5SkrF2VCceGAFddGeWLCXlRA3+OR:rz81R3KnMMQ75ieGgdEYlRA/R |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 4b21b81f23b8823c_wscxmxw.url |
|---|---|
| Filepath | C:\Users\Public\wscxmxW.url |
| Size | 88.0B |
| Processes | 2344 (rc.exe) |
| Type | MS Windows 95 Internet shortcut text (URL=<file:"C:\\Users\\Public\\Wxmxcsw.exe">), ASCII text, with CRLF line terminators |
| MD5 | 17ff6ad4ad5c4c7a76c2e193729a284d |
| SHA1 | 9e4e036edfe5cbdc69fda1cafb1a29cdfd8eb989 |
| SHA256 | 4b21b81f23b8823c984ce17521743482259d4f9de7ef6a5ded65a00c2f47d9dd |
| CRC32 | 7E961E42 |
| ssdeep | 3:HRAbABGQYmTWAX+rSF55O2bsGKd6Vyorv:HRYFVmTWDyHbsb/orv |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 1efea0b8c8150730_Wxmxcswt.bat |
|---|---|
| Filepath | C:\Users\Public\Wxmxcswt.bat |
| Size | 46.0B |
| Processes | 2344 (rc.exe) |
| Type | ASCII text, with no line terminators |
| MD5 | 233ceaf59200466c1ae9fb635b240bd7 |
| SHA1 | 6c412a109e50bf438ebb82b53d954a6e46d9c3e6 |
| SHA256 | 1efea0b8c81507302b9775602482a6acdb38bfe34826e30fae172d8d88a23355 |
| CRC32 | 5DC8BE03 |
| ssdeep | 3:LjTnaHF5yRuH+6OR:rnaH4hrR |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 4ef9821678da0713_WxmxcswO.bat |
|---|---|
| Filepath | C:\Users\Public\WxmxcswO.bat |
| Size | 1.1KB |
| Processes | 2344 (rc.exe) |
| Type | ASCII text |
| MD5 | df48c09f243ebcc8a165f77a1c2bf889 |
| SHA1 | 455f7db0adcc2a58d006f1630fb0bd55cd868c07 |
| SHA256 | 4ef9821678da07138c19405387f3fb95e409fbd461c7b8d847c05075facd63ca |
| CRC32 | 7D93DD43 |
| ssdeep | 24:oWRjvXo4P3TWMVxf9PjxVN5yV1vYFp85XwdtzgQprH83GTwIxIF:oWZvoaTWMVxpjxdyz48hwf8Qx83GTwsi |
| Yara | None matched |
| VirusTotal | Search for analysis |