| Name | a9220271c0eb79e5_d93f411851d7c929.customdestinations-ms |
|---|---|
| Filepath | c:\users\test22\appdata\roaming\microsoft\windows\recent\customdestinations\d93f411851d7c929.customdestinations-ms |
| Size | 7.8KB |
| Processes | 2828 (powershell.exe) |
| Type | data |
| MD5 | b0c9ff441742f3847ea27da9dee7f2cd |
| SHA1 | c42a1eb32ba953a0ce5d8635caabf71b5b281495 |
| SHA256 | a9220271c0eb79e5750e0d0e62058ecac560e09cdf9e82ef61aeeabada5d48a4 |
| CRC32 | 0BBCAB1A |
| ssdeep | 96:RutuCOGCPDXBqvsqvJCwo+utuCOGCPDXBqvsEHyqvJCworSP7Hwxf2lUVul:UtvXoxtvbHnorrxQ |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | ceb9a6e680bb23a6_Oywnaspt.bat |
|---|---|
| Filepath | C:\Users\Public\Libraries\Oywnaspt.bat |
| Size | 56.0B |
| Processes | 2352 (vbc.exe) |
| Type | ASCII text, with no line terminators |
| MD5 | 68f4ee08691dd0fe4c51a11f0baebb9f |
| SHA1 | 73e4897364778851c7479e03429747ed008808c2 |
| SHA256 | ceb9a6e680bb23a6757432e3bd4d1375f59d9c20edd8db7a9b956c5baca5d71e |
| CRC32 | C240C19D |
| ssdeep | 3:LjTnaHF5pBMMjh6OR:rnaH1B/9rR |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 8290cbe88a5ac67b_null |
|---|---|
| Filepath | C:\Users\Public\Libraries\Null |
| Size | 4.0B |
| Processes | 2352 (vbc.exe) |
| Type | ASCII text, with CRLF line terminators |
| MD5 | e3bcb29c771746c03a237523632a1924 |
| SHA1 | 15928370eb05f854a39309b75f836803dacfd7b9 |
| SHA256 | 8290cbe88a5ac67ba0ea3cb3ba689a9339c85b2989c25bd4d21fc3626d7f5d94 |
| CRC32 | 678DC3C8 |
| ssdeep | 3:xvn:pn |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 37c59c8398279916_Cdex.bat |
|---|---|
| Filepath | C:\Users\Public\Libraries\Cdex.bat |
| Size | 155.0B |
| Processes | 2352 (vbc.exe) |
| Type | ASCII text, with no line terminators |
| MD5 | 213c60adf1c9ef88dc3c9b2d579959d2 |
| SHA1 | e4d2ad7b22b1a8b5b1f7a702b303c7364b0ee021 |
| SHA256 | 37c59c8398279916cfce45f8c5e3431058248f5e3bef4d9f5c0f44a7d564f82e |
| CRC32 | 42292F53 |
| ssdeep | 3:LjT5LJJFIf9oM3KN6QNb3DM9bWQqA5SkrF2VCceGAFddGeWLCXlRA3+OR:rz81R3KnMMQ75ieGgdEYlRA/R |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 4ef9821678da0713_OywnaspO.bat |
|---|---|
| Filepath | C:\Users\Public\Libraries\OywnaspO.bat |
| Size | 1.1KB |
| Processes | 2352 (vbc.exe) |
| Type | ASCII text |
| MD5 | df48c09f243ebcc8a165f77a1c2bf889 |
| SHA1 | 455f7db0adcc2a58d006f1630fb0bd55cd868c07 |
| SHA256 | 4ef9821678da07138c19405387f3fb95e409fbd461c7b8d847c05075facd63ca |
| CRC32 | 7D93DD43 |
| ssdeep | 24:oWRjvXo4P3TWMVxf9PjxVN5yV1vYFp85XwdtzgQprH83GTwIxIF:oWZvoaTWMVxpjxdyz48hwf8Qx83GTwsi |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | d24298889be5b50f_psanwyo.url |
|---|---|
| Filepath | C:\Users\Public\Libraries\psanwyO.url |
| Size | 99.0B |
| Processes | 2352 (vbc.exe) |
| Type | MS Windows 95 Internet shortcut text (URL=<file:"C:\\Users\\Public\\Libraries\\Oywnasp.exe">), ASCII text, with CRLF line terminators |
| MD5 | 0d168526349d673ab4c1fc1f603734a8 |
| SHA1 | 88283a73b774112eff8af994d63f086c8518fee3 |
| SHA256 | d24298889be5b50f6bcedeb2154bb812a985aeaf19690c720c2693835af26d57 |
| CRC32 | E00030F2 |
| ssdeep | 3:HRAbABGQYmTWAX+rSF55i0XMcaiysGKd+Uo0Pdyn:HRYFVmTWDyzesbrbU |
| Yara | None matched |
| VirusTotal | Search for analysis |