| Name | 77c7c10b4c860d5d_gpt.ini |
|---|---|
| Filepath | C:\Windows\SysWOW64\GroupPolicy\gpt.ini |
| Size | 11.0B |
| Processes | 2536 (bugai.exe) |
| Type | ASCII text, with CRLF line terminators |
| MD5 | ec3584f3db838942ec3669db02dc908e |
| SHA1 | 8dceb96874d5c6425ebb81bfee587244c89416da |
| SHA256 | 77c7c10b4c860d5ddf4e057e713383e61e9f21bcf0ec4cfbbc16193f2e28f340 |
| CRC32 | E4327249 |
| ssdeep | 3:1EX:10 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 23a6923d702b21b9_CrashpadMetrics.pma |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Google\Chrome\User Data\CrashpadMetrics.pma |
| Size | 1.0MB |
| Type | data |
| MD5 | 337a58cc6d58b4b8b5251bd926853dc9 |
| SHA1 | 9981d026a4e40884c774f544d95a30720aa79e9f |
| SHA256 | 23a6923d702b21b942bf9fc741aa935e74439f5b31434abbe4db15cf2ee7b3d3 |
| CRC32 | EC355634 |
| ssdeep | 24:bqQOMzBS+Mk0/JvWoMeigpDLUBYWC/D/Wo:btO1+M9vWougpD4GWA/Wo |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 2edb10b76900cb13_recoverystore.{aac4cddb-cc55-11ee-948e-94de278c3274}.dat |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{AAC4CDDB-CC55-11EE-948E-94DE278C3274}.dat |
| Size | 4.5KB |
| Processes | 1728 (iexplore.exe) |
| Type | Composite Document File V2 Document, Cannot read section info |
| MD5 | a6a1c0e4687174c08b977253ddbe0cc2 |
| SHA1 | 361b325864d2d6494289cce4e0f8348413f6c3c0 |
| SHA256 | 2edb10b76900cb131f425447b5d42af6ee45e0fe46b7dbd74c48a024b06e3cf5 |
| CRC32 | 49B4840E |
| ssdeep | 12:rlfF2GSrEg5+IaCrI0F7+F2mrEg5+IaCrI0F7ugQNlTqbaxZbU0NlTqbaxZbUR:rq15/1m5/3QNlWURNlWU |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 7ee927529f7108d8_BrowserMetrics-63327DF3-A54.pma |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-63327DF3-A54.pma |
| Size | 8.0MB |
| Type | data |
| MD5 | 2f83a72f095bc42146a77940353d776c |
| SHA1 | 7b525857dbae3b79cce3f836475604f46d60008a |
| SHA256 | 7ee927529f7108d85841c07e1d05bafa82cb7d5a9a0db3ad9cf804c5a7b1632e |
| CRC32 | 1A7C42BC |
| ssdeep | 6144:H9LG+zeL7c/lhRgdTTEDtsHVdUXaHmVGKPFIrgHkjdr:t6bcF |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | c6566d8c066b2881_1QRYYPWQ.txt |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\Microsoft\Windows\Cookies\1QRYYPWQ.txt |
| Size | 129.0B |
| Processes | 1400 (iexplore.exe) |
| Type | ASCII text |
| MD5 | 4cf119358cb52bb31a0f911d663fd375 |
| SHA1 | 185cf415f606d7cd2c7b0b7fa25035eb98771e18 |
| SHA256 | c6566d8c066b288191210192f93301996adc57abdd64bcd55cce67ebf25af3ef |
| CRC32 | 716AA378 |
| ssdeep | 3:LDM8vUaCeqUQV3UYKuGffEvERLKJ3uJcSMMCbUwlgSvWzdc:Lg+lCeCUYKNTx0+SVvZf |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 4993311fc913771a_passwords.txt |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\adoberNjfZiCfxizH\passwords.txt |
| Size | 4.8KB |
| Processes | 2536 (bugai.exe) |
| Type | UTF-8 Unicode text, with CRLF, LF line terminators |
| MD5 | b3e9d0e1b8207aa74cb8812baaf52eae |
| SHA1 | a2dce0fb6b0bbc955a1e72ef3d87cadcc6e3cc6b |
| SHA256 | 4993311fc913771acb526bb5ef73682eda69cd31ac14d25502e7bda578ffa37c |
| CRC32 | FDAE46B8 |
| ssdeep | 48:4MMMMMMMMMMdMMMM1MMMMMMMM1MMMMMMMM1MMMMMMMM1MMMMMMMMMMdMMMMMMMM3:q |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 5417c9867cbb03f6_db44a753-a558-4425-b26d-ccd1fdec8b29.dmp |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\db44a753-a558-4425-b26d-ccd1fdec8b29.dmp |
| Size | 83.7KB |
| Processes | 3856 (firefox.exe) 3688 (firefox.exe) 3824 (firefox.exe) 3124 (chrome.exe) 2900 (chrome.exe) |
| Type | Mini DuMP crash report, 11 streams, Fri Feb 16 04:18:56 2024, 0x820 type |
| MD5 | 84ea9ba6af433a93197db5f375ee1989 |
| SHA1 | bfe73ed0c8c3a49b51b9ebde4afcc9b0d1c46079 |
| SHA256 | 5417c9867cbb03f67569ea2e5b6bb7a62d4e485004c81d44c3fdaafd74a8ab5d |
| CRC32 | FC1E9A3F |
| ssdeep | 384:6MR7+jVlFlly3fxBmy9Dwefq/o/AfyltBydYIs6kSLyxMQofRVV07:TRSjTlKDVDwyh/AA6cx97 |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 1b2d057855959b46_105cab5e-fe13-4add-a906-7d615852a790.dmp |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\105cab5e-fe13-4add-a906-7d615852a790.dmp |
| Size | 86.6KB |
| Processes | 3856 (firefox.exe) 3688 (firefox.exe) 3824 (firefox.exe) |
| Type | Mini DuMP crash report, 11 streams, Fri Feb 16 04:18:54 2024, 0x820 type |
| MD5 | 1d24cd3052a8a832efdc69687c28f8c8 |
| SHA1 | bf66eb5f578f381fe6f1e99f41842bff296d0bc5 |
| SHA256 | 1b2d057855959b468ed8ce7e2c9f9ecbc10bdb2fcae16d06584c572297ef8ce1 |
| CRC32 | B3C4D33F |
| ssdeep | 384:dYSnDP+ly3e86OymyF48G6oSm5b7biI0l6Yf+NDjZgnGatzrS5:dYSDGl786/N48G6oSm53uIQMvZgo5 |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 92bbaf30871bd32d_gpt.ini |
|---|---|
| Filepath | C:\Windows\System32\GroupPolicy\gpt.ini |
| Size | 272.0B |
| Processes | 2536 (bugai.exe) |
| Type | ASCII text, with CRLF line terminators |
| MD5 | 7d7b2946708e5254b8996d3ae964e0a7 |
| SHA1 | 01e350de5cf78dd1ba5e8686fee884ff0f240e95 |
| SHA256 | 92bbaf30871bd32d6fe34a6df757ad8acd375552918a80c45c935091c9df729e |
| CRC32 | 71B0380C |
| ssdeep | 6:1WsMzYHxbnvEcvg+5Rnn3jGoanMzYHxbnPonn3k:1q0Hxbnt4UaM0HxbnX |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 35edc1637118da09_{aac4cddc-cc55-11ee-948e-94de278c3274}.dat |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{AAC4CDDC-CC55-11EE-948E-94DE278C3274}.dat |
| Size | 9.0KB |
| Processes | 1728 (iexplore.exe) |
| Type | Composite Document File V2 Document, Cannot read section info |
| MD5 | 0dfd01714f38a3133763dcfd2b916ede |
| SHA1 | 9c85e05c47cb6e2092e4bd0dadd853c6ad9e4872 |
| SHA256 | 35edc1637118da0989d09311a3ee6ee31c471dc74b30601685990f9536e65b80 |
| CRC32 | 6CB746A5 |
| ssdeep | 192:b3H7DTqt3vDTTcN3HR7DTI3H7DTa3H7DTI3H7DT9A+fU3H7DTs:zTq5TTcTTaTsTaT+hT |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | d165267fbd00a6c8_information.txt |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\adoberNjfZiCfxizH\information.txt |
| Size | 2.8KB |
| Processes | 2536 (bugai.exe) |
| Type | ASCII text, with CRLF, LF line terminators |
| MD5 | fa110f59022255c71b441ae5024ee4cd |
| SHA1 | ac7e2e46fc97b1ae406299cd7417f0e4d7a511a8 |
| SHA256 | d165267fbd00a6c83345fbf43d43bdca777a92b956b1e295db46946836d8b0fc |
| CRC32 | EFC6973A |
| ssdeep | 48:x+wbtaFcnO+YrRTF/SOI04cydMtffVPh3RxoGE+ruTBAT+iaNp+WRhatp++CZGd/:x+qrODZFc1BmtfNP/EpTaoQuatp+9Md/ |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 51e31c0ebeaf2df3_sbqkwyxbcah1ikaombtb.exe |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\heidirNjfZiCfxizH\sbQkWyxbcah1ikaoMbtb.exe |
| Size | 2.9MB |
| Processes | 2536 (bugai.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | 0a37b64351e64205c95fc805f739800f |
| SHA1 | fcffd376a45298974eb1c02fc4c54d91236a0c67 |
| SHA256 | 51e31c0ebeaf2df39f41fa30bc1c7cc2d31ed0688e923a3f8d009a20fe7334fe |
| CRC32 | 2EB4A0BD |
| ssdeep | 49152:yb9pvkMLOozFLoR/e6bsFdrIJusWbVmpcr34sBb3I0OVP0S0AdWQSr:ykM25sroubbg6DBbjjS0Kw |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 16187ff9b5096b21_D87fZN3R3jFeplaces.sqlite |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\heidirNjfZiCfxizH\D87fZN3R3jFeplaces.sqlite |
| Size | 5.0MB |
| Type | SQLite 3.x database, user version 69, last written using SQLite version 3038003 |
| MD5 | 837705c24eaa032145b6f82119af4eea |
| SHA1 | 7d38a13b37105ef0f6c24c585de581949616f32c |
| SHA256 | 16187ff9b5096b217d405d1492c115a096f8d63d72befbf5851e19b61581f857 |
| CRC32 | 8BF87D31 |
| ssdeep | 192:StsqHQnwkYjcoBMc+uK6ik4QtjJz3ig48pp0:StsbwVTBMc+uK6ikPpJz3E8 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 5a3ec8851acd1bb6_CrashpadMetrics.pma |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Google\Chrome\User Data\CrashpadMetrics.pma |
| Size | 1.0MB |
| Type | data |
| MD5 | aea7ffdba870ea9d59d542f890fecc8c |
| SHA1 | 2efe83750eebdfacc148d376cc4edfdf8e5d2ac9 |
| SHA256 | 5a3ec8851acd1bb62d270e9bdca9625da9f34df69ef39608bc2ce3de68960056 |
| CRC32 | CB7B9D10 |
| ssdeep | 12:bHiZXAVMMOKEKSCemJKlkQPdl/JG89Hy3aJ0oMFgigpCbUycIXuYJ05:bwQOMzBS+Mk0/JvWoMeigp1y5eYW |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | a12f70cecb358903_BrowserMetrics-65CEE219-B50.pma |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-65CEE219-B50.pma |
| Size | 8.0MB |
| Type | data |
| MD5 | cd0ad50fdfa835c81764ae2bbba3b5dc |
| SHA1 | 8bcbe4cb5042e31da24bab16fbacd3448d0ca2e0 |
| SHA256 | a12f70cecb35890327dc0d83c1323cb102bfa9855c7a08740096ec6bec86edc0 |
| CRC32 | FBC3580D |
| ssdeep | 192:PWh5KH1LepNiLbkmlsStfjNkokLrNs9PcYoxsA3h:PWhqLyMbneStftkLruEYoa |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 8fc392fc3f1a8abb_rage131mp.tmp |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\rage131MP.tmp |
| Size | 13.0B |
| Processes | 2536 (bugai.exe) 2992 (sbQkWyxbcah1ikaoMbtb.exe) 2300 (6Lfr2_JvDPSQIOljUsEY.exe) |
| Type | ASCII text, with no line terminators |
| MD5 | 593739a39020ca1dea52899b25223e89 |
| SHA1 | bbd0afa0f1aad07d10570fc4a2a701f61ef788b4 |
| SHA256 | 8fc392fc3f1a8abb3260a32b7313e35a81c65201799d11db223b1c21ca24b850 |
| CRC32 | AF29E81A |
| ssdeep | 3:L34Kcn:L4H |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | f09a1da9254c50be_pxsw3osysmisxjvs2lh2.exe |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\heidirNjfZiCfxizH\PXsW3OSySmisXJvS2lh2.exe |
| Size | 1.6MB |
| Processes | 2536 (bugai.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | a3efb2cf929e231090f931e61d96a068 |
| SHA1 | 9c2ad185b053223a8ea7b25e9172a3c32d9f8085 |
| SHA256 | f09a1da9254c50be7d5a6e2fe026757500ea61a08aec53e523d3f068e28d0b4d |
| CRC32 | DC8D5428 |
| ssdeep | 24576:XV+xLXibSH0TVWakVrDOOpPKklgrHCh3/e59a4ekmQ0tjR771ABd0CCw:X4ADEfpPlgr3v/KdjR7pABSCC |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 826172f90aa17ba8_registry.pol |
|---|---|
| Filepath | C:\Windows\System32\GroupPolicy\Machine\Registry.pol |
| Size | 6.2KB |
| Processes | 2536 (bugai.exe) |
| Type | data |
| MD5 | 05c4079110b8f65ec083182e2d870e04 |
| SHA1 | 0b2d16dd8575c6f87c6bd66267cdf8eaba363a11 |
| SHA256 | 826172f90aa17ba887682da7277b444c06513177653d727acbb146a2308af3a7 |
| CRC32 | 8B58FA6A |
| ssdeep | 192:FlRRCDN74hvoD5KL0+fLfYT7CcAzXEP0IhYY4WwDiZ:nRRCDN74hvoDEL0+fLf27CcAzXEP02Y0 |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 4deb8a4d5457b03e_105cab5e-fe13-4add-a906-7d615852a790 |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\Mozilla\Firefox\Crash Reports\events\105cab5e-fe13-4add-a906-7d615852a790 |
| Size | 816.0B |
| Processes | 3856 (firefox.exe) |
| Type | ASCII text, with very long lines |
| MD5 | 3068004fd7e686e7aff76c2a54eec37b |
| SHA1 | 45f64ea2b3dbc17f989f9ed2fdee96c1a6b62caf |
| SHA256 | 4deb8a4d5457b03ef8ce796e92d1d18a70c127f374716c49a3740864532a59fe |
| CRC32 | 7C93F68C |
| ssdeep | 12:8d9SGTvJijyKBS4zQqMuSH9zJiFnpefTjJxpQmVijpQJiFAF8Gn:LQkjyK7v969VYpipQmVijpQJiF68G |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 699a6295a0a9d8a3_lastcrash |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\Mozilla\Firefox\Crash Reports\LastCrash |
| Size | 10.0B |
| Processes | 3856 (firefox.exe) 3688 (firefox.exe) 3824 (firefox.exe) |
| Type | ASCII text, with no line terminators |
| MD5 | 54fb7843ceb19034e2d2c6ab3bfd7f28 |
| SHA1 | 9f838043938f3f1ba289556c2ee205f52591f9f2 |
| SHA256 | 699a6295a0a9d8a3755bbe1cbfa1c74d52b009f7b50a190c5690fceadfc00f9c |
| CRC32 | A4F7BF46 |
| ssdeep | 3:L3f:Lf |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 218f51ee50442775_accounts_google_com[1].htm |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\accounts_google_com[1].htm |
| Size | 311.0B |
| Processes | 1400 (iexplore.exe) |
| Type | gzip compressed data |
| MD5 | 25cdb9465730ab9112852181df21e47a |
| SHA1 | 5c39c2ed239205513a7930c5b585a3614b65841d |
| SHA256 | 218f51ee50442775e7dc75512df01f8fbc4645837dfcfb71bbc9506207b0b79d |
| CRC32 | A9E18DC7 |
| ssdeep | 6:XtXltC/VGTGbeytJPlU8SXCtnx2vPjUe+VZ/tif5YcADh/EpMyztr:XNGGyXUXCtnKPozTixnANEpMo |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 7b6841e5095fc29f_db44a753-a558-4425-b26d-ccd1fdec8b29.extra |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\db44a753-a558-4425-b26d-ccd1fdec8b29.extra |
| Size | 755.0B |
| Processes | 3688 (firefox.exe) |
| Type | ASCII text, with very long lines, with no line terminators |
| MD5 | 12b874016330f46a763111721de71ffa |
| SHA1 | 848b1d81b5a873df42678335d4fb522fdc6b6256 |
| SHA256 | 7b6841e5095fc29fef18355a6305312a2d730d7ae2073ef7308bd6a94e3ea03f |
| CRC32 | 1C9D4AED |
| ssdeep | 12:YNTvJijyKBS4zQqMuSHzGJiFujpk3TjJxpQwujscijpQJin8M/J+n:YRkjyK7v96zKjpkfpQwujscijpQJin8B |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 5ee454eb05fcbbc0_02zdBXl47cvzHistory |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\heidirNjfZiCfxizH\02zdBXl47cvzHistory |
| Size | 120.0KB |
| Type | SQLite 3.x database, last written using SQLite version 3021000 |
| MD5 | 64202674f6acaafa94c3390b0cc720b9 |
| SHA1 | 38c8537feccfaabb095805d290af69272aeb32f1 |
| SHA256 | 5ee454eb05fcbbc0ac1ff5662ba2be1f22688ddb97d3cc357d4da5cff5b5e5e9 |
| CRC32 | 3685166F |
| ssdeep | 48:TGjDU66tTKfxNPp+suktLReRK+NaUvdWSZ00LTL0drQHHp7C5fVcS2+VANUXq6uG:BeJQpWSZ00LTL0QCbc0VANPjwQU+ |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 1cb8342788de1da8_6lfr2_jvdpsqioljusey.exe |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\heidirNjfZiCfxizH\6Lfr2_JvDPSQIOljUsEY.exe |
| Size | 2.2MB |
| Processes | 2536 (bugai.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | 4333e2e4d769199999e8a292a5de20b5 |
| SHA1 | b8ba7c79b8934c82a220276f210c541fd4744aae |
| SHA256 | 1cb8342788de1da8dee3d7cd069ff71aef465699eacde4cdc5fe293285d6285d |
| CRC32 | 48195F1A |
| ssdeep | 49152:bIKHh5eYtg0ApNGo7kywD1zFtlSbjVP9kOdGCsa2AQLb+YCGWiuy2f/7wjm2:bIKB5eqg0mNGPBJzFg9kw+LbrTWnfE |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 93090c2a54a3de14_oro_4wechygkamjslpqm.exe |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\heidirNjfZiCfxizH\orO_4WECHYgkaMJSLpQM.exe |
| Size | 896.5KB |
| Processes | 2536 (bugai.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | e683f3c17ea10e52ae441cf78083dc07 |
| SHA1 | 212a3c08487553975ed8ff339d1600a668bc4c87 |
| SHA256 | 93090c2a54a3de148987306c93e205edd2ad909f48d8a4795075327571d52cc1 |
| CRC32 | 1CBC9F70 |
| ssdeep | 12288:nqDEvFo+yo4DdbbMWu/jrQu4M9lBAlKhQcDGB3cuBNGE6iOrpfe4JdaDgazTG:nqDEvCTbMWu7rQYlBQcBiT6rprG8aHG |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 6bfbfc7d4f2685c2_db44a753-a558-4425-b26d-ccd1fdec8b29 |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\Mozilla\Firefox\Crash Reports\events\db44a753-a558-4425-b26d-ccd1fdec8b29 |
| Size | 816.0B |
| Processes | 3688 (firefox.exe) |
| Type | ASCII text, with very long lines |
| MD5 | 37d5154ee069a7ee48ef1d855f19176b |
| SHA1 | a7b97bfc9f187ee4e29c0d5c6e757dcfcb42c6b9 |
| SHA256 | 6bfbfc7d4f2685c2dc433e01688bd4b210c2adb2f22588095f90e5cb24db4eca |
| CRC32 | D6D37AD5 |
| ssdeep | 12:8dmcTvJijyKBS4zQqMuSHzGJiFujpp4TjJxpQqcijpQJiq8MTsNJ+n:VmkjyK7v96zKjpEpQ1ijpQJiq8MTsb+ |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 512e4e95427a8c66_5lop_S5WM5ERCookies |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\heidirNjfZiCfxizH\5lop_S5WM5ERCookies |
| Size | 36.0KB |
| Type | SQLite 3.x database, last written using SQLite version 3021000 |
| MD5 | f4c540f52d5c08d24a79805eda1d7abf |
| SHA1 | 22be46826df7693f58736adb232ab2da790f2571 |
| SHA256 | 512e4e95427a8c66b2993b27bb23d99cdab2ebd6e9e8937c7f6a39ed8c6a5b94 |
| CRC32 | 95C9FB3A |
| ssdeep | 24:TLmg/5UcJOyTGVZTPaFpEvg3obNmCFk6Uwcc85fB34444z:T5/ecVTgPOpEveoJZFrU1cQB34444z |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | e4944e9820c05c04_560e8fa4-00d7-4f91-9040-d97eef083729.dmp |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\Mozilla\Firefox\Profiles\qxo5wa6x.default-release\minidumps\560e8fa4-00d7-4f91-9040-d97eef083729.dmp |
| Size | 91.0KB |
| Processes | 3824 (firefox.exe) 3688 (firefox.exe) 3856 (firefox.exe) |
| Type | Mini DuMP crash report, 11 streams, Fri Feb 16 04:19:04 2024, 0x820 type |
| MD5 | c3829e36ffefcf8f2ffb5ce5760fc17e |
| SHA1 | fa55150fc3c74e4ed14988d9970f95250df8f9ed |
| SHA256 | e4944e9820c05c04629a62a41640d03059bcc3b49f451b9de9c86203177b9b9f |
| CRC32 | 290A4291 |
| ssdeep | 768:c/KQolo/ODjJC6aTk61vEQfH6RcTkHASkD:cbDqD0k61vE1TU |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 7cb4711b43c1e13b_BrowserMetrics-65CEE20E-8D4.pma |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-65CEE20E-8D4.pma |
| Size | 8.0MB |
| Type | data |
| MD5 | dd1182ff92edd5ce2b77268fc54ad031 |
| SHA1 | d893319bdd490d44f9dcbcd7fcd0fe7d7d7abce3 |
| SHA256 | 7cb4711b43c1e13bbfba847ae27bc6f227a1987fdc3fd356fbb45c988676dfd2 |
| CRC32 | 27ED3F00 |
| ssdeep | 192:1eh5KH1LepNNAfHkkxSkLhdBG83VpV+HPvaQLxRK3RvzJTf66r+tbEfH:1ehqLyePVSkLzBGSKHaWWJb |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 0a3a7c8154bb4531_y2p55ffqeflccz1qkquc.exe |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\heidirNjfZiCfxizH\y2p55fFqEFlCcZ1qkquc.exe |
| Size | 1.1MB |
| Processes | 2536 (bugai.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | 73899f2a03b4420dca9c9aa4349a3bf2 |
| SHA1 | c08901f881990ff2accb1611e213314df65c08a7 |
| SHA256 | 0a3a7c8154bb4531691366c33bd545c23e1404572bba3a8b215e6346e9e78532 |
| CRC32 | 709D477A |
| ssdeep | 24576:7qDEvCTbMWu7rQYlBQcBiT6rprG8aur2+b+HdiJUC:7TvC/MTQYxsWR7aur2+b+HoJU |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 8c399d572fde3620_CrashpadMetrics.pma |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Google\Chrome\User Data\CrashpadMetrics.pma |
| Size | 1.0MB |
| Type | data |
| MD5 | dfc07e11681034b9f9781cc5748df2a7 |
| SHA1 | e698751b41ca98ef30bb0cd090980a98031264e6 |
| SHA256 | 8c399d572fde362069fae03a6d8a23f91cf8b12aaaac3248d4d76050ad519b4c |
| CRC32 | 9F7561AB |
| ssdeep | 24:bwQOMzBS+Mk0/JvWoMeigpDLUBYWGDzbWo15NI9W5:b/O1+M9vWougpD4GWcHWo1mW |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 47e8c741f0a1afc6_vBiy5xYYwazXxYGulhs1Cuo.zip |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\vBiy5xYYwazXxYGulhs1Cuo.zip |
| Size | 1.6KB |
| Processes | 2536 (bugai.exe) |
| Type | Zip archive data, at least v2.0 to extract |
| MD5 | 7931a0326f3585b592b20cde937593a0 |
| SHA1 | 7987a93feec0a95844ebed27c21016adbfea5717 |
| SHA256 | 47e8c741f0a1afc69b6e93c6e5861c4fd0299b0b8edbf74b15d8a360ff5695ec |
| CRC32 | 4DE6091D |
| ssdeep | 48:9yN9O0Bit1EP8+GG2UQarvYXh19n3KJ6Xvw:QhiIE9farvy3KJ5 |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | cd9b834533e77436_560e8fa4-00d7-4f91-9040-d97eef083729 |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\Mozilla\Firefox\Profiles\qxo5wa6x.default-release\crashes\events\560e8fa4-00d7-4f91-9040-d97eef083729 |
| Size | 815.0B |
| Processes | 3824 (firefox.exe) |
| Type | ASCII text, with very long lines |
| MD5 | 45ad46bf483daf08b8a812ef110e5a22 |
| SHA1 | 1e3263bb7b2f0adc388ec80699189c29414ab530 |
| SHA256 | cd9b834533e77436543778ccac6cf5c81c41bf7b889a2a632f29e8e54dbed7ff |
| CRC32 | 79FF7FCD |
| ssdeep | 12:8dvSNTvJijyKBS4zQqMuSHuJiFmHwpTpxTjJxpQnmijpQJi90F8RS+n:TkjyK7v96SmpT/pQnmijpQJiyF8/ |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | d2bd179b34163946_BrowserMetrics-65CEE20E-8D4.pma |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-65CEE20E-8D4.pma |
| Size | 8.0MB |
| Type | data |
| MD5 | 15f278060bdde96cd6158b6b8aa4fe57 |
| SHA1 | ec3fccc453a2046ab483191952458f2c8fdd9f15 |
| SHA256 | d2bd179b3416394667c6f898fa62ae71af55ad68057312114adb064812417de1 |
| CRC32 | 60484D41 |
| ssdeep | 96:bBW3Hu3M05KJF1LelP8sN5MopAd6p3KZshAc2SO2nVASk4Lcrx8v7ULqkzoU:0eh5KH1LepNNAfHmkxSULho |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 0b8607fdf72f3e65_02zdBXl47cvzcookies.sqlite |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\heidirNjfZiCfxizH\02zdBXl47cvzcookies.sqlite |
| Size | 96.0KB |
| Type | SQLite 3.x database, user version 12, last written using SQLite version 3038003 |
| MD5 | d367ddfda80fdcf578726bc3b0bc3e3c |
| SHA1 | 23fcd5e4e0e5e296bee7e5224a8404ecd92cf671 |
| SHA256 | 0b8607fdf72f3e651a2a8b0ac7be171b4cb44909d76bb8d6c47393b8ea3d84a0 |
| CRC32 | 842B3569 |
| ssdeep | 12:DQAwfWk73Fmdmc/OPVJXfPNn43etRRfYR5O8atLqxeYaNcDakMG/lO:DQAwff32mNVpP965Ra8KN0MG/lO |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 1beb05868ce93bcc_IE9CompatViewList[1].xml |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTDTA402\IE9CompatViewList[1].xml |
| Size | 141.8KB |
| Type | XML 1.0 document, ASCII text, with CRLF line terminators |
| MD5 | 9b63e0fb3785ffa49686dd75e303d177 |
| SHA1 | e3992de5a1b8f58a11a52ad71f275ae413927eb4 |
| SHA256 | 1beb05868ce93bcc8fafc46adccdda6d104f3c6f6c6ed454d8a6c0c208d9bd0e |
| CRC32 | F778EDEF |
| ssdeep | 3072:AoSMrEDL1FwhdFFaz6l8vHG+TbFPAzepobjyG7I1K1IB2+Tir8v1IG9aIedyPcFC:dSMrEDL1FwhdFFaz6l8vHG+TbFPAzepR |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 7e932bf8c1ad4d69_105cab5e-fe13-4add-a906-7d615852a790.extra |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\105cab5e-fe13-4add-a906-7d615852a790.extra |
| Size | 755.0B |
| Processes | 3856 (firefox.exe) |
| Type | ASCII text, with very long lines, with no line terminators |
| MD5 | a1d897408d091f696293ded01df9bce4 |
| SHA1 | 887112fb9da4a07e77e30ccd645f4fdb001f9236 |
| SHA256 | 7e932bf8c1ad4d691f6125d78587f7fc202c4232e43b92ac2d22cfcc1ac82574 |
| CRC32 | ED9CBFC5 |
| ssdeep | 12:YNTvJijyKBS4zQqMuSH9zJiFepefTjJxpQz5tdijpQJiL/w8S5en:YRkjyK7v969VxpipQ1tdijpQJik8n |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | dd060177b0bd9b00_nujwlr1e.txt |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\Microsoft\Windows\Cookies\NUJWLR1E.txt |
| Size | 129.0B |
| Processes | 1400 (iexplore.exe) |
| Type | ASCII text |
| MD5 | 35dddda91482f271b18e98a2ca86d893 |
| SHA1 | be1d49be4812ffdd9d8fea51629da8aa2757b79e |
| SHA256 | dd060177b0bd9b00202a2fba3b270dbd8c18e04f4ef950d0ccfece6050351a91 |
| CRC32 | 488D4262 |
| ssdeep | 3:LDM8vUAbsmVWcIFWVfQ/tQKJ3uJcSMMEVnUwlOtdvEdc:Lg+/rGWVWQ0+SVPdqvn |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | bbc59eb43822e646_Ei8DrAmaYu9KLogin Data |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\heidirNjfZiCfxizH\Ei8DrAmaYu9KLogin Data |
| Size | 18.0KB |
| Type | SQLite 3.x database, last written using SQLite version 3021000 |
| MD5 | 53ea322f91d6f0de8448b68583284d22 |
| SHA1 | b6c835867fbf7e432b834f7366eb0407f3eebbfa |
| SHA256 | bbc59eb43822e64660cc4ccbca37d6dc016eaa9b85b2c6f5b40826bb03188b34 |
| CRC32 | CA013001 |
| ssdeep | 24:LLY10KL7G0TMJHUyyJtmCm0XKY6lOKQAE9V8MffD4fOzeCmly6Uwc6ocW:4z+JH3yJUheCVE9V8MX0PFlNU12W |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | a5d9970189b4fdd7_560e8fa4-00d7-4f91-9040-d97eef083729.extra |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\Mozilla\Firefox\Profiles\qxo5wa6x.default-release\minidumps\560e8fa4-00d7-4f91-9040-d97eef083729.extra |
| Size | 754.0B |
| Processes | 3824 (firefox.exe) |
| Type | ASCII text, with very long lines, with no line terminators |
| MD5 | f338c428d7ff366af82c97e6bd986b96 |
| SHA1 | 85e620fcd07a2f336b6ea28b14ece283ee5e3596 |
| SHA256 | a5d9970189b4fdd79eb4d9fe629cc23d3e5cc993a7a8081e607cd9bc3b49c580 |
| CRC32 | CB209574 |
| ssdeep | 12:YNTvJijyKBS4zQqMuSHuJiFmHwpTpxTjJxpQnm+ijpQJice8hn:YRkjyK7v96SmpT/pQnm+ijpQJih8h |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | d37fcb160d37cfdd_settings.dat |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat |
| Size | 40.0B |
| Processes | 2260 (chrome.exe) 2896 (chrome.exe) 1064 (chrome.exe) 3124 (chrome.exe) |
| Type | data |
| MD5 | a3122d4670c51912628b97bdd6fffb80 |
| SHA1 | 45d2e3060e09f46071125d6125983c81ae4970a1 |
| SHA256 | d37fcb160d37cfddefea794094044b7e588d44c4883c72ba0ef1503e5f9c7d59 |
| CRC32 | 77809701 |
| ssdeep | 3:FkXD3WyqUm:+ix |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 8e180d6fdb4c6bbe_BrowserMetrics-65CEE222-428.pma |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-65CEE222-428.pma |
| Size | 8.0MB |
| Type | data |
| MD5 | 4f7d587354b0b1a66cc9708be2409257 |
| SHA1 | 3c4db93b3f593333a3196d874192c9ce298eb3aa |
| SHA256 | 8e180d6fdb4c6bbe01727d65f3516a0d67f2a32cfb6e7dd231af72110b4cd328 |
| CRC32 | 05D9151D |
| ssdeep | 192:0Gh5KH1LepNnlqNakjkLhgCUFPowsQUx8FURvCJTj6jvikPDeH:0GhqLyla9kLhgNfsxoJn |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 9a8ea0e2df7554c5_D87fZN3R3jFeWeb Data |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\heidirNjfZiCfxizH\D87fZN3R3jFeWeb Data |
| Size | 72.0KB |
| Type | SQLite 3.x database, last written using SQLite version 3021000 |
| MD5 | 0539a773e44d21a84fd97fee0dffd4a3 |
| SHA1 | 5904058c20aad54c552edc57826babd36ab61149 |
| SHA256 | 9a8ea0e2df7554c57fb4ee6a8a12782f5a2474a3e4c23dc61e4768631dc4eb9f |
| CRC32 | 964BC0B2 |
| ssdeep | 96:P0CWo3dOOctAYyY9MsH738Hsa/NTIdE8uKIaPdUDFBlrrVY/qBOnx4yWTJereWbY:PXt769TYndTJMb3j0 |
| Yara | None matched |
| VirusTotal | Search for analysis |