| Name | cf11d6b3c18d4c02_d93f411851d7c929.customdestinations-ms |
|---|---|
| Filepath | c:\users\test22\appdata\roaming\microsoft\windows\recent\customdestinations\d93f411851d7c929.customdestinations-ms |
| Size | 7.8KB |
| Processes | 2104 (powershell.exe) |
| Type | data |
| MD5 | f2f5505600e2895c007b3ff3cfe3d4aa |
| SHA1 | f0235a3c8056872d55eeef803d1bc33bac37a753 |
| SHA256 | cf11d6b3c18d4c02466b670bcb0394ac49382e6a87ad58d2561f2660922b586c |
| CRC32 | 9AF5ED3C |
| ssdeep | 96:EtuCojGCPDXBqvsqvJCwoJtuCojGCPDXBqvsEHyqvJCworc7HwxGlUVul:Etu6XoJtu6bHnorXxY |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 4b034bbde8127e48_tmp9A85.tmp |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\tmp9A85.tmp |
| Size | 1.5KB |
| Processes | 2792 (vbc.exe) |
| Type | XML 1.0 document, ASCII text |
| MD5 | 3991ed1ddbae062d13fe0e316d8c9d70 |
| SHA1 | 974952733f1227e6a5afcf8239238297947eec23 |
| SHA256 | 4b034bbde8127e48257fafaf596c68fd699ffb458748db768a4218d5d9de2ffe |
| CRC32 | 48E744D5 |
| ssdeep | 24:2di4+S2qhH/1ny1mEUnrKMhEMOFGpwOzNgU3ODOiIQRvh7hwrgXuNtAxvn:cgefAYrFdOFzOzN33ODOiDdKrsuTQv |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 25cc548fb378b68f_logs.dat |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\remcos\logs.dat |
| Size | 144.0B |
| Processes | 2424 (vbc.exe) |
| Type | data |
| MD5 | 843ce9918a23a7c80184e39fa06d42b4 |
| SHA1 | cba23ff0bd5c16662eb5141a03d5a9867d07d4b8 |
| SHA256 | 25cc548fb378b68ffd62803ac58c3dfe50cb42cc2ab6d3a283add754f2c1a6c6 |
| CRC32 | D6050DE3 |
| ssdeep | 3:rnlYcfOlTlNNfpfQ55JWRal2Jl+7R0DAlBG45klovDl6v:PGrNNB65YcIeeDAlOWAv |
| Yara | None matched |
| VirusTotal | Search for analysis |