Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
11.13 04:11
hello.exe
11.13 03:11
espsemhvcioff.exe
11.13 02:11
Geek_se.exe
11.13 02:11
cred64.dll
11.13 02:11
svhost.exe
11.13 02:11
nb.exe
11.13 02:11
svcyr.exe
11.13 02:11
Ghost_1.5.11.5.exe
11.13 02:11
PowderGpl.exe
11.13 02:11
goodlabel%E6%89%93%E5%...

Latest News
11.14 05:11
Iranian threat group t...
11.14 05:11
Palo Alto Networks sec...
11.14 05:11
Agencies push for digi...
11.14 05:11
Statt Wechsel auf Wind...
11.14 05:11
KI-Übersetzer für Meet...
11.14 05:11
ChatGPT knackt Rekord:...
11.14 05:11
Amazon stellt 40.000 K...
11.14 05:11
[Control systems] Siem...
11.14 05:11
OpenAI Nears Launch of...
11.14 04:11
Execs identify AI-driv...

Dropped Files | ZeroBOX

Name	e681900aeb771e57__cffi.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\zstandard\_cffi.pyd
Size	640.0KB
Processes	184 (amady.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`4327027d7cb61f547e22c4f668eb7bf7`
SHA1	`22f413d03a90d04d571526687e43eb255f427435`
SHA256	`e681900aeb771e57bc063e44b303293e11df32f1b1fecdcbc00574c00e75626c`
CRC32	`4B811EBD`
ssdeep	`12288:Xs/doJlY/OBzRSxUlcUmNNuNkOFIj+fWT0hrHPPoX1yZcG7:mAuOBzRSxUlvFIj+fWIPPM1yZcg`
Yara	IsPE64 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	61c7a532e108f678__raw_ctr.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\Crypto\Cipher\_raw_ctr.pyd
Size	14.5KB
Processes	184 (amady.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`c6b20332b4814799e643badffd8df2cd`
SHA1	`e7da1c1f09f6ec9a84af0ab0616afea55a58e984`
SHA256	`61c7a532e108f67874ef2e17244358df19158f6142680f5b21032ba4889ac5d8`
CRC32	`FA0BDECA`
ssdeep	`192:j0J1gSHxKkwv0i8XSi3Sm57NEEE/qexUEtDrdkrRcqgUF6+6vEX:jM01si8XSi3SACqe7tDeDgUUjvE`
Yara	IsPE64 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	790a11aa270523c2_md.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\charset_normalizer\md.pyd
Size	10.5KB
Processes	184 (amady.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`723ec2e1404ae1047c3ef860b9840c29`
SHA1	`8fc869b92863fb6d2758019dd01edbef2a9a100a`
SHA256	`790a11aa270523c2efa6021ce4f994c3c5a67e8eaaaf02074d5308420b68bd94`
CRC32	`28AFF068`
ssdeep	`96:KG+p72HzA5iJGhU2Y0hQMsQJCUCLsZEA4elh3XQMtCFliHUWQcX6g8cim1qeSju1:A2HzzU2bRYoeLHkcqgvimoe`
Yara	IsPE64 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	591589dadc659d1a__ssl.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\_ssl.pyd
Size	172.8KB
Processes	184 (amady.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`e5b1a076e9828985ea8ea07d22c6abd0`
SHA1	`2a2827938a490cd847ea4e67e945deb4eef8cbb1`
SHA256	`591589dadc659d1ad4856d16cd25dc8e57eaa085bf68eb2929f8f93aba69db1b`
CRC32	`ABDF6663`
ssdeep	`3072:UZIQQj5DC1z/39/2uX36XjRylB9d43Olh59YL48PMrN/WgAlNiVtIbC7N7d:rj5mRPxb36Xj44TLiVn`
Yara	IsPE64 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	05fe080eab7fc535_libcrypto-3.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\libcrypto-3.dll
Size	5.0MB
Processes	184 (amady.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`e547cf6d296a88f5b1c352c116df7c0c`
SHA1	`cafa14e0367f7c13ad140fd556f10f320a039783`
SHA256	`05fe080eab7fc535c51e10c1bd76a2f3e6217f9c91a25034774588881c3f99de`
CRC32	`1E11E1B2`
ssdeep	`98304:n3+pefu6fSar+SJ8aqfPomg1CPwDvt3uFlDCE:3G+u6fb+SJ8aqfwmg1CPwDvt3uFlDCE`
Yara	IsPE64 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	8f3d92de840abb5a__ghash_portable.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\Crypto\Hash\_ghash_portable.pyd
Size	13.0KB
Processes	184 (amady.exe) 1236 (explorer.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`c4cc05d3132fdfb05089f42364fc74d2`
SHA1	`da7a1ae5d93839577bbd25952a1672c831bc4f29`
SHA256	`8f3d92de840abb5a46015a8ff618ff411c73009cbaa448ac268a5c619cf84721`
CRC32	`CF626361`
ssdeep	`192:AF/1nb2mhQtks0iiNqdF4mtPjD02A5APYcqgYvEL2x:62f6fFA/4GjDFcgYvEL2x`
Yara	IsPE64 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	663f1087c2ed664c__lzma.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\_lzma.pyd
Size	155.8KB
Processes	184 (amady.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`3273720ddf2c5b75b072a1fb13476751`
SHA1	`5fe0a4f98e471eb801a57b8c987f0feb1781ca8b`
SHA256	`663f1087c2ed664c5995a3ffa64546d2e33a0fce8a9121b48cc7c056b74a2948`
CRC32	`138C816D`
ssdeep	`3072:OJlBQV6AniiMeSznf09mNogMKNA/ZttIbZ1bW/9:OJlozifF8YOgbihtL`
Yara	IsPE64 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	b990efbda8a50c49_backend_c.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\zstandard\backend_c.pyd
Size	512.5KB
Processes	184 (amady.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`dc08f04c9e03452764b4e228fc38c60b`
SHA1	`317bcc3f9c81e2fc81c86d5a24c59269a77e3824`
SHA256	`b990efbda8a50c49cd7fde5894f3c8f3715cb850f8cc4c10bc03fd92e310260f`
CRC32	`E118DD3B`
ssdeep	`12288:LhqzrH09USNNSNkUvpMnAp5Oqwj/k6OsoOfu/PYS/O51Y/H:LhqzrH0evpMnApu86OsynYUPv`
Yara	IsPE64 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	f28ac3e3ad02f9e1_unicodedata.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\unicodedata.pyd
Size	1.1MB
Processes	184 (amady.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`5cc36a5de45a2c16035ade016b4348eb`
SHA1	`35b159110e284b83b7065d2cff0b5ef4ccfa7bf1`
SHA256	`f28ac3e3ad02f9e1d8b22df15fa30b2190b080261a9adc6855248548cd870d20`
CRC32	`3D783CD8`
ssdeep	`12288:iYPYbfjwR6nb8onRiPDjRrO5184EPYPx++ZiLKGZ5KXyVH4eDq97:iaYbM90IDJcjEwPgPOG6Xyd46q97`
Yara	IsPE64 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	b1bab0e04ac60d1e__scrypt.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\Crypto\Protocol\_scrypt.pyd
Size	12.0KB
Processes	184 (amady.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`ba46602b59fcf8b01abb135f1534d618`
SHA1	`eff5608e05639a17b08dca5f9317e138bef347b5`
SHA256	`b1bab0e04ac60d1e7917621b03a8c72d1ed1f0251334e9fa12a8a1ac1f516529`
CRC32	`02B29FE3`
ssdeep	`192:nkCfXASTMeAk4OepIXcADp/X6RcqgO5vE:ZJMcPepIXcAD563gO5vE`
Yara	IsPE64 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	964b89a4d7a7d4c0_amady.exe Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\amady.exe
Size	14.1MB
Processes	184 (amady.exe)
Type	PE32+ executable (console) x86-64, for MS Windows
MD5	`c7719270d0e6cf4e65ec4c827acece06`
SHA1	`4a4a357051adb5d60813bc79bc61c250262ff841`
SHA256	`964b89a4d7a7d4c081c3aedf7befc05626c8eb0715f2177465e9623ba3d2242a`
CRC32	`103D7232`
ssdeep	`98304:/aZ60e9b5OP+GtGK1AGTW5RE2HDw4DHtY8e+FLF4zRL3ASRmx3Sz7jD6kcD6EMJ2:yYa7oaY/MCDSwz`
Yara	IsPE64 - (no description) Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature ftp_command - ftp command wget_command - wget command RedLine_Stealer_b_Zero - RedLine stealer UPX_Zero - UPX packed file Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	e5b6e58d6da8db36__ghash_clmul.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\Crypto\Hash\_ghash_clmul.pyd
Size	12.5KB
Processes	184 (amady.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`c89becc2becd40934fe78fcc0d74d941`
SHA1	`d04680df546e2d8a86f60f022544db181f409c50`
SHA256	`e5b6e58d6da8db36b0673539f0c65c80b071a925d2246c42c54e9fcdd8ca08e3`
CRC32	`85EE6387`
ssdeep	`192:DzFRF/1nb2mhQtk4axusjfkgZhoYDQgRjcqgQvEty:DzFd2f64axnTTz5D1gQvEty`
Yara	IsPE64 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	7a347ca8fef6e29f_cacert.pem Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\certifi\cacert.pem
Size	285.7KB
Processes	184 (amady.exe)
Type	ASCII text
MD5	`d3e74c9d33719c8ab162baa4ae743b27`
SHA1	`ee32f2ccd4bc56ca68441a02bf33e32dc6205c2b`
SHA256	`7a347ca8fef6e29f82b6e4785355a6635c17fa755e0940f65f15aa8fc7bd7f92`
CRC32	`EE238F75`
ssdeep	`6144:QW1x/M8fRR1jplkXURrVADwYCuCigT/Q5MSRqNb7d8iu5NF:QWb/TRJLWURrI55MWavdF0D`
Yara	None matched
VirusTotal	Search for analysis

Name	c181f30332f87fee__SHA384.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\Crypto\Hash\_SHA384.pyd
Size	26.5KB
Processes	184 (amady.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`59ba0e05be85f48688316ee4936421ea`
SHA1	`1198893f5916e42143c0b0f85872338e4be2da06`
SHA256	`c181f30332f87feecbf930538e5bdbca09089a2833e8a088c3b9f3304b864968`
CRC32	`FCADD5DD`
ssdeep	`384:xFDL3RqE3MjjQ95UnLa+1WT1aA7qHofg5JptfISH2mDDXfgjVx2:jDLh98jjRe+1WT1aAeIfMzxH2mDDIj`
Yara	IsPE64 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	920350a7c24c4633_python3.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\python3.dll
Size	65.8KB
Processes	184 (amady.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`35da4143951c5354262a28dee569b7b2`
SHA1	`b07cb6b28c08c012eecb9fd7d74040163cdf4e0e`
SHA256	`920350a7c24c46339754e38d0db34ab558e891da0b3a389d5230a0d379bee802`
CRC32	`13C227C7`
ssdeep	`768:iw/EsYpkVgBaz57kcDA7QKFmpz7cnzH/ks/KF61xubwmB1Cf//yhC74JFmpktJSv:F/5k8cnzeJfRIbL0D7SyZxEL`
Yara	IsPE64 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file
VirusTotal	Search for analysis

Name	9524d1dadcd2f2b0__raw_aes.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\Crypto\Cipher\_raw_aes.pyd
Size	35.5KB
Processes	184 (amady.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`f751792df10cdeed391d361e82daf596`
SHA1	`3440738af3c88a4255506b55a673398838b4ceac`
SHA256	`9524d1dadcd2f2b0190c1b8ede8e5199706f3d6c19d3fb005809ed4febf3e8b5`
CRC32	`35D8A6CF`
ssdeep	`384:Dz2P+7nYpPMedFDlDchrVX1mEVmT9ZgkoD/PKDkGuF0U390QOo8VdbKBWmuCLg46:DzeqWB7YJlmLJ3oD/S4j990th9VCsC`
Yara	IsPE64 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	3dbcb4d0070be355__SHA256.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\Crypto\Hash\_SHA256.pyd
Size	21.5KB
Processes	184 (amady.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`a442ea85e6f9627501d947be3c48a9dd`
SHA1	`d2dec6e1be3b221e8d4910546ad84fe7c88a524d`
SHA256	`3dbcb4d0070be355e0406e6b6c3e4ce58647f06e8650e1ab056e1d538b52b3d3`
CRC32	`8A85E5F9`
ssdeep	`384:51jwGPJHLxzcY1EEerju9LcTZ6RO3RouLKtcyDNIegjxo:rjwyJOYToZwOLuzDNI7j`
Yara	IsPE64 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	3d9893aa79efd13d_md__mypyc.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\charset_normalizer\md__mypyc.pyd
Size	116.5KB
Processes	184 (amady.exe) 1236 (explorer.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`9ea8098d31adb0f9d928759bdca39819`
SHA1	`e309c85c1c8e6ce049eea1f39bee654b9f98d7c5`
SHA256	`3d9893aa79efd13d81fcd614e9ef5fb6aad90569beeded5112de5ed5ac3cf753`
CRC32	`BDED210E`
ssdeep	`1536:OzgMw0g+m/+rxC9Jtd960WsCyqPD1/bZMlDML48Be9zGTVmZRJIRbvB:OsTH+VC9Jtd9VdCr7fMp/8yGTVmzmZ`
Yara	IsPE64 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	605c86145b3018a5__raw_eksblowfish.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\Crypto\Cipher\_raw_eksblowfish.pyd
Size	21.5KB
Processes	184 (amady.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`76f88d89643b0e622263af676a65a8b4`
SHA1	`93a365060e98890e06d5c2d61efbad12f5d02e06`
SHA256	`605c86145b3018a5e751c6d61fd0f85cf4a9ebf2ad1f3009a4e68cf9f1a63e49`
CRC32	`3069EE58`
ssdeep	`384:IUv5cRUtPQtjLJiKMjNrDF6pJgLa0Mp8Q90gYP2lXCM:BKR8I+K0lDFQgLa17zU`
Yara	IsPE64 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	4d292623516f65c8_vcruntime140.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\vcruntime140.dll
Size	116.4KB
Processes	184 (amady.exe)
Type	PE32+ executable (DLL) (console) x86-64, for MS Windows
MD5	`be8dbe2dc77ebe7f88f910c61aec691a`
SHA1	`a19f08bb2b1c1de5bb61daf9f2304531321e0e40`
SHA256	`4d292623516f65c80482081e62d5dadb759dc16e851de5db24c3cbb57b87db83`
CRC32	`CCAF35C5`
ssdeep	`1536:+qvQ1Dj2DkX7OcujarvmdlYNABCmgrP4ddbkZIecbWcFML/UXzlghzdMFw84hzk:+qvQ1D2CreiABCmgYecbWVLUD6h+b4ho`
Yara	IsPE64 - (no description) Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsDLL - (no description) Win32_Trojan_Gen_1_0904B0_Zero - Win32 Trojan Emotet UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	3e0d07bbf93e0748__raw_ecb.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\Crypto\Cipher\_raw_ecb.pyd
Size	10.5KB
Processes	184 (amady.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`fee13d4fb947835dbb62aca7eaff44ef`
SHA1	`7cc088ab68f90c563d1fe22d5e3c3f9e414efc04`
SHA256	`3e0d07bbf93e0748b42b1c2550f48f0d81597486038c22548224584ae178a543`
CRC32	`0F5C09DE`
ssdeep	`96:R0qVVdJvbrqTu6ZdpvY0IluLfcC75JiCKs89EpmFWLOXDwo2Pj15XkcX6gbW6z:DVddiT7pgTctEEI4qXDo11kcqgbW6`
Yara	IsPE64 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	faa41385d0db8d4e__raw_cfb.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\Crypto\Cipher\_raw_cfb.pyd
Size	13.5KB
Processes	184 (amady.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`43bbe5d04460bd5847000804234321a6`
SHA1	`3cae8c4982bbd73af26eb8c6413671425828dbb7`
SHA256	`faa41385d0db8d4ee2ee74ee540bc879cf2e884bee87655ff3c89c8c517eed45`
CRC32	`22F63318`
ssdeep	`192:NRgPX8lvI+KnwSDTPUDEhKWPXcqgzQkvEd:2og9rUD9mpgzQkvE`
Yara	IsPE64 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	c9f4c5ffcdd4f881__raw_ofb.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\Crypto\Cipher\_raw_ofb.pyd
Size	12.0KB
Processes	184 (amady.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`4d9182783ef19411ebd9f1f864a2ef2f`
SHA1	`ddc9f878b88e7b51b5f68a3f99a0857e362b0361`
SHA256	`c9f4c5ffcdd4f8814f8c07ce532a164ab699ae8cde737df02d6ecd7b5dd52dbd`
CRC32	`E607BCED`
ssdeep	`192:0F/1nb2mhQtkgU7L9D037tfcqgYvEJPb:u2f6L9DSJxgYvEJj`
Yara	IsPE64 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	8f9ede5044643413__socket.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\_socket.pyd
Size	77.8KB
Processes	184 (amady.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`485d998a2de412206f04fa028fe6ba90`
SHA1	`286e29d4f91a46171ba1e3c8229e6de94b499f1d`
SHA256	`8f9ede5044643413c3b072cd31a565956498ca07cdd17fb6a04483d388fdad76`
CRC32	`92929461`
ssdeep	`1536:sEbflgPFXTcf3uj79/s+S+pzpp+iTFVf7JRIbLw87Sy8Ckxt:smG1U3uj79/sT+pzH+YFVTJRIbLw8eCg`
Yara	IsPE64 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	0828cad4d742d978__cpuid_c.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\Crypto\Util\_cpuid_c.pyd
Size	10.0KB
Processes	184 (amady.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`4d9c33ae53b38a9494b6fbfa3491149e`
SHA1	`1a069e277b7e90a3ab0dcdee1fe244632c9c3be4`
SHA256	`0828cad4d742d97888d3dfce59e82369317847651bba0f166023cb8aca790b2b`
CRC32	`D4ED5DAD`
ssdeep	`96:MJVVdJvbrqTu6ZdpvY0IluLfcC75JiCKs89EVAElIijKDQGrbMZYJWJcX6gbW6s:CVddiT7pgTctEEaEDKDlMCWJcqgbW6`
Yara	IsPE64 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	11dd1b49f70db236__raw_cbc.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\Crypto\Cipher\_raw_cbc.pyd
Size	12.0KB
Processes	184 (amady.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`20708935fdd89b3eddeea27d4d0ea52a`
SHA1	`85a9fe2c7c5d97fd02b47327e431d88a1dc865f7`
SHA256	`11dd1b49f70db23617e84e08e709d4a9c86759d911a24ebddfb91c414cc7f375`
CRC32	`CFA17009`
ssdeep	`192:0F/1nb2mhQtkr+juOxKbDbnHcqgYvEkrK:u2f6iuOsbDtgYvEmK`
Yara	IsPE64 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	fb06ac13f8b444c3_select.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\select.pyd
Size	29.8KB
Processes	184 (amady.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`e07ae2f7f28305b81adfd256716ae8c6`
SHA1	`9222cd34c14a116e7b9b70a82f72fc523ef2b2f6`
SHA256	`fb06ac13f8b444c3f7ae5d2af15710a4e60a126c3c61a1f1e1683f05f685626c`
CRC32	`C1FF0B34`
ssdeep	`768:jeUeWEHqTG+RIbQGC5YiSyvkki+AMxkEGu:jeUeWEKTG+RIbQGg7Sy/rxyu`
Yara	IsPE64 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	fc296145ae46a11c__BLAKE2s.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\Crypto\Hash\_BLAKE2s.pyd
Size	14.0KB
Processes	184 (amady.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`9d28433ea8ffbfe0c2870feda025f519`
SHA1	`4cc5cf74114d67934d346bb39ca76f01f7acc3e2`
SHA256	`fc296145ae46a11c472f99c5be317e77c840c2430fbb955ce3f913408a046284`
CRC32	`C0D42F3D`
ssdeep	`192:hF/1nb2mhQt7fSOp/CJPvADQHKtxSOvbcqgEvcM+:N2fNKOZWPIDnxVlgEvL`
Yara	IsPE64 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	a428372185b72c90__keccak.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\Crypto\Hash\_keccak.pyd
Size	16.0KB
Processes	184 (amady.exe) 1236 (explorer.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`1e201df4b4c8a8cd9da1514c6c21d1c4`
SHA1	`3dc8a9c20313af189a3ffa51a2eaa1599586e1b2`
SHA256	`a428372185b72c90be61ac45224133c4af6ae6682c590b9a3968a757c0abd6b4`
CRC32	`0B687D7C`
ssdeep	`192:XTRgffnRaNfBj9xih1LPK73jm6AXiN4rSRIh42gDhgvrjcqgCieT3WQ:XafgNpj9cHW3jqXeBRamDOZgCieT`
Yara	IsPE64 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	a927548abea335e6__SHA1.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\Crypto\Hash\_SHA1.pyd
Size	19.0KB
Processes	184 (amady.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`ab0bcb36419ea87d827e770a080364f6`
SHA1	`6d398f48338fb017aacd00ae188606eb9e99e830`
SHA256	`a927548abea335e6bcb4a9ee0a949749c9e4aa8f8aad481cf63e3ac99b25a725`
CRC32	`498FC6D1`
ssdeep	`384:qPHNP3MjevhSY/8EBbVxcJ0ihTLdFDuPHgj+kf4D:sPcKvr/jUJ0sbDGAj+t`
Yara	IsPE64 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	2e9fbcd8f7fdc13a_libssl-3.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\libssl-3.dll
Size	768.8KB
Processes	184 (amady.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`19a2aba25456181d5fb572d88ac0e73e`
SHA1	`656ca8cdfc9c3a6379536e2027e93408851483db`
SHA256	`2e9fbcd8f7fdc13a5179533239811456554f2b3aa2fb10e1b17be0df81c79006`
CRC32	`D3E02F9F`
ssdeep	`12288:ytPc2nnGoNg4kSHoxX09yO5EavUFe9Xb12:y9jnnpTHoxXUsFe9XbM`
Yara	IsPE64 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	23bdd07b84d2dbcb__decimal.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\_decimal.pyd
Size	247.8KB
Processes	184 (amady.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`e4e032221aca4033f9d730f19dc3b21a`
SHA1	`584a3b4bc26a323ce268a64aad90c746731f9a48`
SHA256	`23bdd07b84d2dbcb077624d6dcbfc66ab13a9ef5f9eebe31dc0ffece21b9e50c`
CRC32	`639CA9EC`
ssdeep	`6144:F4aNJPKHCXqKEyKOxVpclJeMvfrZNxKl9qWM53pLW1A+6teJCxc:O2JyHCXqKIMpgeMnr5K4lRxc`
Yara	IsPE64 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	ff950af2dad14037_sqlite3.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\sqlite3.dll
Size	1.4MB
Processes	184 (amady.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`346f6150977371cdc424ec9275a9b47c`
SHA1	`986096738808eb6ed364c4ac5b3500b5b35bec10`
SHA256	`ff950af2dad140377a55da6f3c242327ced0cf498db50e028abe1ed023f19b90`
CRC32	`A18C94D7`
ssdeep	`24576:zTqtyGkxOc+wv05tP5kf82Hr/74YPF5o/P/gnAracr7/24UcypY7w0vpZUFJ++E:Sk0jwv4tP5kf8ar/74EF2/An4acrVUcl`
Yara	IsPE64 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	eff52743773eb550_libffi-8.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\libffi-8.dll
Size	38.8KB
Processes	184 (amady.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`0f8e4992ca92baaf54cc0b43aaccce21`
SHA1	`c7300975df267b1d6adcbac0ac93fd7b1ab49bd2`
SHA256	`eff52743773eb550fcc6ce3efc37c85724502233b6b002a35496d828bd7b280a`
CRC32	`84E3AA71`
ssdeep	`768:NiQfxQemQJNrPN+moyijAc5YiSyvkIPxWEqG:dfxIQvPkmoyijP7SytPxF`
Yara	IsPE64 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	70d90ddf87a96086__strxor.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\Crypto\Util\_strxor.pyd
Size	10.0KB
Processes	184 (amady.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`8f4313755f65509357e281744941bd36`
SHA1	`2aaf3f89e56ec6731b2a5fa40a2fe69b751eafc0`
SHA256	`70d90ddf87a9608699be6bbedf89ad469632fd0adc20a69da07618596d443639`
CRC32	`216986C0`
ssdeep	`96:6ZVVdJvbrqTu6ZdpvY0IluLfcC75JiCKs89EMz3DHWMoG4BcX6gbW6O:IVddiT7pgTctEEO3DLoHcqgbW6`
Yara	IsPE64 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	1f4288a098da3aac__raw_aesni.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\Crypto\Cipher\_raw_aesni.pyd
Size	15.5KB
Processes	184 (amady.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`bbea5ffae18bf0b5679d5c5bcd762d5a`
SHA1	`d7c2721795113370377a1c60e5cef393473f0cc5`
SHA256	`1f4288a098da3aac2add54e83c8c9f2041ec895263f20576417a92e1e5b421c1`
CRC32	`8B78B6C0`
ssdeep	`192:wJBjJHEkEPYi3Xd+dc26E4++yuqAyXW9wifD4jqccqgwYUMvEW:ikRwi3wO26Ef+yuIm9PfD7wgwYUMvE`
Yara	IsPE64 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	ac3b144d7d7c8ee3__queue.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\_queue.pyd
Size	31.8KB
Processes	184 (amady.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`284fbc1b32f0282fc968045b922a4ee2`
SHA1	`7ccea7a48084f2c8463ba30ddae8af771538ae82`
SHA256	`ac3b144d7d7c8ee39f29d8749c5a35c4314b5365198821605c883fd11807e766`
CRC32	`452CFAB2`
ssdeep	`768:c+yFY6rbXmxU1RIbQU+5YiSyvzZAMxkEC:c+wJbXWU1RIbQU07SyLBxu`
Yara	IsPE64 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	55defcd528207d40__SHA512.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\Crypto\Hash\_SHA512.pyd
Size	26.5KB
Processes	184 (amady.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`8194d160fb215498a59f850dc5c9964c`
SHA1	`d255e8ccbce663ee5cfd3e1c35548d93bfbbfcc0`
SHA256	`55defcd528207d4006d54b656fd4798977bd1aae6103d4d082a11e0eb6900b08`
CRC32	`AF24D75E`
ssdeep	`384:tFYLXRqEnMgj969GUnLa+1WT1aA7qHofg5JptfIS320DXwElrgjhig:PYLB9Mgj0e+1WT1aAeIfMzx320DXD+j`
Yara	IsPE64 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	1be51ef2b5acbe49__bz2.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\_bz2.pyd
Size	82.8KB
Processes	184 (amady.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`37eace4b806b32f829de08db3803b707`
SHA1	`8a4e2bb2d04685856d1de95b00f3ffc6ea1e76b9`
SHA256	`1be51ef2b5acbe490217aa1ff12618d24b95df6136c6844714b9ca997b4c7f9b`
CRC32	`27CB684B`
ssdeep	`1536:xqgz7lGeu595+NHRGYWlnswz108Lh3uwtIbCVW7Syqx7T:AgzxAbl3nLhJtIbCVW8T`
Yara	IsPE64 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	e3b0c44298fc1c14_.keep_dir.txt Empty file or file not found
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\Crypto\Util\.keep_dir.txt
Size	0.0B
Type	empty
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
CRC32	`00000000`
ssdeep	`3::`
Yara	None matched
VirusTotal	Search for analysis

Name	3d43869a4507ed8e__ctypes.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\_ctypes.pyd
Size	121.8KB
Processes	184 (amady.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`a25cdcf630c024047a47a53728dc87cd`
SHA1	`8555ae488e0226a272fd7db9f9bdbb7853e61a21`
SHA256	`3d43869a4507ed8ece285ae85782d83bb16328cf636170acb895c227ebb142ac`
CRC32	`ACFB3690`
ssdeep	`3072:bZMeF788mzTWJMNufLI2qV6phIzRIbLPMV:bmeGWWNufLI2ichyZ`
Yara	IsPE64 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	25771e53cfecb546__SHA224.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\Crypto\Hash\_SHA224.pyd
Size	21.5KB
Processes	184 (amady.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`c8fe3ff9c116db211361fbb3ea092d33`
SHA1	`180253462dd59c5132fbccc8428dea1980720d26`
SHA256	`25771e53cfecb5462c0d4f05f7cae6a513a6843db2d798d6937e39ba4b260765`
CRC32	`154D63A4`
ssdeep	`384:y1jwGPJHLvzcY1EEerju9LcTZ6RO3RouLKtcyDNOcwgjxo:QjwyJUYToZwOLuzDNB1j`
Yara	IsPE64 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	2835e0f24fb13ef0_python311.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\python311.dll
Size	5.5MB
Processes	184 (amady.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`d06da79bfd21bb355dc3e20e17d3776c`
SHA1	`610712e77f80d2507ffe85129bfeb1ff72fa38bf`
SHA256	`2835e0f24fb13ef019608b13817f3acf8735fbc5f786d00501c4a151226bdff1`
CRC32	`E335E745`
ssdeep	`49152:7KUvq5S8qfFIbGoSieBCZjze3eWVWhQNkGDiUWmtAoaOvi26g2je7wkUB3AO1Fp6:7KUvq1quUqjTPGzuvihAs2oH9M8I9URf`
Yara	IsPE64 - (no description) Malicious_Library_Zero - Malicious_Library PE_Header_Zero - PE File Signature IsDLL - (no description) anti_vm_detect - Possibly employs anti-virtualization techniques UPX_Zero - UPX packed file Generic_Malware_Zero - Generic Malware OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	4aa5e9ce7a76b301__raw_ocb.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\Crypto\Cipher\_raw_ocb.pyd
Size	17.5KB
Processes	184 (amady.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`d48bffa1af800f6969cfb356d3f75aa6`
SHA1	`2a0d8968d74ebc879a17045efe86c7fb5c54aee6`
SHA256	`4aa5e9ce7a76b301766d3ecbb06d2e42c2f09d0743605a91bf83069fefe3a4de`
CRC32	`70D4664E`
ssdeep	`384:7PHNP3Mj7Be/yB/6sB3yxcb+IMcOYqQViCBD8bg6Vf4A:hPcnB8KSsB34cb+bcOYpMCBDX`
Yara	IsPE64 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	2ad55e11bddb5b65__hashlib.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\_hashlib.pyd
Size	63.8KB
Processes	184 (amady.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`ba682dfcdd600a4bb43a51a0d696a64c`
SHA1	`df85ad909e9641f8fcaa0f8f5622c88d904e9e20`
SHA256	`2ad55e11bddb5b65cdf6e9e126d82a3b64551f7ad9d4cbf74a1058fd7e5993bd`
CRC32	`A11E17F0`
ssdeep	`1536:0WuY1lTorKnYzF9G0pLOjWNBgFIbOIp7Sy0Vxu:tuYc9GIOjiBgFIbOIpqC`
Yara	IsPE64 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	4fc70cb9280e4148__MD5.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\Crypto\Hash\_MD5.pyd
Size	15.0KB
Processes	184 (amady.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`34ebb5d4a90b5a39c5e1d87f61ae96cb`
SHA1	`25ee80cc1e647209f658aeba5841f11f86f23c4e`
SHA256	`4fc70cb9280e414855da2c7e0573096404031987c24cf60822854eaa3757c593`
CRC32	`93709002`
ssdeep	`192:hZ9WXA7M93g8U7soSchhiLdjM5J6ECTGmDZkRsP0rcqgjPrvE:8Q0gH7zSccA5J6ECTGmDua89gjPrvE`
Yara	IsPE64 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	238cdb6b8fb611db__raw_des3.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\Crypto\Cipher\_raw_des3.pyd
Size	57.0KB
Processes	184 (amady.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`6c3e976ab9f47825a5bd9f73e8dba74e`
SHA1	`4c6eb447fe8f195cf7f4b594ce7eaf928f52b23a`
SHA256	`238cdb6b8fb611db4626e6d202e125e2c174c8f73ae8a3273b45a0fc18dea70c`
CRC32	`EA1FD5A0`
ssdeep	`384:9jUqho9weF5/eHkRnYcZiGKdZHDL7idErZjZYXGg:9RCneH//id42`
Yara	IsPE64 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	d077e236b709b524__sqlite3.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\_sqlite3.pyd
Size	117.3KB
Processes	184 (amady.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`8c9f7beeeeb75816cc0c1f8474023029`
SHA1	`96a49c164bdfce7a0d90d87074e0c9b5f8077610`
SHA256	`d077e236b709b5242d62ce4923feddbfcc719ec26612ed474ed3b25ee290d0ac`
CRC32	`AFBE8BD0`
ssdeep	`3072:w2nLU/Nk3qkD0ii3CLl147ZvV9NdrRvdO5ylAuCoVMJtcMYqsJFIbOQ5e:XLU/NgqkVD5ZJtOP`
Yara	IsPE64 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis

Name	15257e96d1ca8480__Salsa20.pyd Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\onefile_184_133579914379531250\Crypto\Cipher\_Salsa20.pyd
Size	13.0KB
Processes	184 (amady.exe)
Type	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
MD5	`371776a7e26baeb3f75c93a8364c9ae0`
SHA1	`bf60b2177171ba1c6b4351e6178529d4b082bda9`
SHA256	`15257e96d1ca8480b8cb98f4c79b6e365fe38a1ba9638fc8c9ab7ffea79c4762`
CRC32	`3DB1838F`
ssdeep	`96:JF3TgNlF/1Nt5aSd4+1ijg0NLfFNJSCqsstXHTeH5ht47qMbxbfDqbwYH/kcX6gT:WF/1nb2mhQtkXHTeZ87VDqrMcqgYvEp`
Yara	IsPE64 - (no description) PE_Header_Zero - PE File Signature IsDLL - (no description) UPX_Zero - UPX packed file OS_Processor_Check_Zero - OS Processor Check
VirusTotal	Search for analysis