| Name | 87dc96c88dfbb963_dtas.dat |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\remcos\dtas.dat |
| Size | 260.0B |
| Processes | 2516 (IE_NET.exe) |
| Type | data |
| MD5 | 2da4d012edc2a662d93cd41991730cf2 |
| SHA1 | 89ebbc47fc5c795047bdbb893b0a98a512c17803 |
| SHA256 | 87dc96c88dfbb963532f548314edd02fb7c9e28928ea98bcb6aa931b37a2ca4f |
| CRC32 | C5AADE0A |
| ssdeep | 6:KltlTfg5YcIeeDAlOWA4dbJWEogltmgXl1oV:KlzQec0WNW+ltZI |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | a51eb251f696457a_qgkou |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\qgkou |
| Size | 435.0B |
| Processes | 2780 (IE_NET.exe) 2516 (IE_NET.exe) |
| Type | ASCII text, with CRLF line terminators |
| MD5 | 453a6b7949477c770a13cfa7e6bcbb6f |
| SHA1 | 387ae697aff4261e610c8a47182c430b4f5e4d5a |
| SHA256 | a51eb251f696457a0ea5efa1291069f2857a5209a1434b42b1c31959fb015564 |
| CRC32 | 4BB1D58F |
| ssdeep | 6:QAXvqKwHNx7hzIRMCADAwzRZvSAmY/SPIFvBnDWncnDWAwb:Qqwz5UMCADzRAGaetyngyAwb |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | b3d510ef04275ca8_glfwuvjapkidcazdwllamnuyibmowejrb |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\glfwuvjapkidcazdwllamnuyibmowejrb |
| Size | 2.0B |
| Processes | 2988 (IE_NET.exe) 2516 (IE_NET.exe) |
| Type | Little-endian UTF-16 Unicode text, with no line terminators |
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| CRC32 | 88F83096 |
| ssdeep | 3:Qn:Qn |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name |
e3b0c44298fc1c14_mwjexwoocoekq
Empty file or file not found
|
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\mwjexwoocoekq |
| Size | 0.0B |
| Type | empty |
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| CRC32 | 00000000 |
| ssdeep | 3:: |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | a9b1dc8eaa5fcd00_d93f411851d7c929.customdestinations-ms |
|---|---|
| Filepath | c:\users\test22\appdata\roaming\microsoft\windows\recent\customdestinations\d93f411851d7c929.customdestinations-ms |
| Size | 7.8KB |
| Processes | 1368 (powershell.exe) |
| Type | data |
| MD5 | c1d8708bab1e838a2deda26d58bb8d42 |
| SHA1 | 95d39e75a804752961c139bb6c0b67f84f685035 |
| SHA256 | a9b1dc8eaa5fcd0034694cf9742ae915a5932142a1477c3ab6fada45d98750b2 |
| CRC32 | E71AF2A2 |
| ssdeep | 96:QtuC6GCPDXBqvsqvJCwoFtuC6GCPDXBqvsEHyqvJCworFS7HwxWlUVul:QtbXoFtbbHnor/xo |
| Yara |
|
| VirusTotal | Search for analysis |