| Name | 06005b8af43378f6_temp.folder.lnk |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\HNC\Office\Recent\Temp.folder.lnk |
| Size | 823.0B |
| Processes | 2556 (Hwp.exe) |
| Type | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Directory, ctime=Wed Jan 31 20:32:29 2018, mtime=Sun Mar 24 21:45:05 2024, atime=Sun Mar 24 21:45:05 2024, length=65536, window=hide |
| MD5 | 73aaf63fb60a943b5d0a199f271427c5 |
| SHA1 | 7a72261795e1a664e2da3fd4b7c369064ce275ff |
| SHA256 | 06005b8af43378f6c91a9a2ca8243bf1941835512143e1fa681244d85032638a |
| CRC32 | 6CDDDF6B |
| ssdeep | 12:8pIsh64cZCrR8EvSWMlR+/02v8izCCOLMa1Swua4t2YLEPKzlX8yZ:8p5sERdglR6vzNRak6Pyd |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 9a82dc795495d138_hncapp.exe |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\HncApp.exe |
| Size | 24.0KB |
| Processes | 2556 (Hwp.exe) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows |
| MD5 | 7ea20f770570e6cb47d41abc73418d04 |
| SHA1 | b1763d66c2d31f32188288e4f94bbd9e652cf0e5 |
| SHA256 | 9a82dc795495d1383e67dca5605a9ebaf6a6c5810519fbc59214428895ee181e |
| CRC32 | 78569E90 |
| ssdeep | 384:cEP/1GNC8navUdsq4oPRganzhQ0j374D+/u9NExS/:uEmavpqRBnzPJ/kG |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 76296ca80ceb9d2d_sharefont.ini |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\HNC\User\Common\80\Fonts\ShareFont.ini |
| Size | 183.0B |
| Processes | 2556 (Hwp.exe) |
| Type | ASCII text, with CRLF line terminators |
| MD5 | 34766d17d04c24aaa62124eae6b5bac4 |
| SHA1 | 984e092e32fe8f7bd340a7799541c2600d96a4fb |
| SHA256 | 76296ca80ceb9d2db0b4ed08ba1b060c92a75805d71978c30dd33b87bd698b6e |
| CRC32 | E0E924A3 |
| ssdeep | 3:5xxovKdVo6LR5nE9Aj4I5tLGoW+QRX7AMWRUrNmWxpcL4EaKC5YoH1KLDTjEcKl0:5RVogR5nEk55GoW+QWMWRKNmQpcLJaZg |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 0771b95c54006093_normal80.hwt |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\HNC\User\Shared80\HwpTemplate\Doc\ENU\Normal80.hwt |
| Size | 14.5KB |
| Processes | 2556 (Hwp.exe) |
| Type | Hangul (Korean) Word Processor File 5.x |
| MD5 | bfe569dbee47f5bb41f91e83de5b6c40 |
| SHA1 | 299509b6c808074026d938884f5ff01914c28aa1 |
| SHA256 | 0771b95c540060936dd22571145e86141021dfc869b78f1eeef86fde228463c9 |
| CRC32 | AD69E2DD |
| ssdeep | 96:Hr6MSQ0gWep/GtbBKYDoylxrvKLNYSjKQMgWSpEtbBKYDoylxrj:Hr6MSdepgBomxUpjKlSpaBomx3 |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 8928b9c8b4e2a7ce_emb00000a0035a4.jpg |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Hnc\BinData\EMB00000a0035a4.jpg |
| Size | 124.6KB |
| Processes | 2556 (Hwp.exe) |
| Type | JPEG image data, JFIF standard 1.02, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1181x591, frames 3 |
| MD5 | 1dd7e51efa1d25ada4cd92d11a6aa60b |
| SHA1 | 0b44e7bb25a937213a4be5e1018a27b4b1b58589 |
| SHA256 | 8928b9c8b4e2a7ceabcf2ae3206c0253516fed5a6d1fe711a93b8ec6cac517cb |
| CRC32 | 299C7194 |
| ssdeep | 3072:nBfzyUcbdWwGLVBGOs7KD4RTeFhlsqRV4HaXXC0:BrebdNqV0F7KD4RTeHtRVOGT |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 2f3cda506ac2cc6a_03e297f4a0ac3f262ca8ae50f9e14db8bb33e6840f1f30acd576826c0800b24e.lnk |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\HNC\Office\Recent\03e297f4a0ac3f262ca8ae50f9e14db8bb33e6840f1f30acd576826c0800b24e.lnk |
| Size | 1.2KB |
| Processes | 2556 (Hwp.exe) |
| Type | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Mon Sep 26 19:48:00 2022, mtime=Mon Sep 26 19:48:00 2022, atime=Mon Sep 26 19:48:00 2022, length=179200, window=hide |
| MD5 | 31613a321e4e9d9e432b30c6b16136c4 |
| SHA1 | 6554aaaa8a16278d356ebe067eaa46c4bed5050c |
| SHA256 | 2f3cda506ac2cc6a31a9a9d388804494b18d2c478ef3713ccff32ed4546086be |
| CRC32 | 49C64B57 |
| ssdeep | 24:8MsERdglR6z/alJn2QhDzNRFJQg2o+Nn2QhT6Pyx:8MsHlR8m2Q1pRFeg2o+N2QMyx |
| Yara |
|
| VirusTotal | Search for analysis |