| Name | e2f3d548187b5b02_es.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\es.pak |
| Size | 359.5KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | a638e3161bebaf58c501963efc4040ce |
| SHA1 | fb53a4732620555e30e10e40e886ee45fc4d653c |
| SHA256 | e2f3d548187b5b02c3be595927130f097ff29bdeef6c063980c90b298b1023c4 |
| CRC32 | 92259AF1 |
| ssdeep | 6144:N5THPNG+bjCjgfl56ZdbDq6255rq7VAlvYUZ6PZmN:Nd0eTl0jXw55r7lvjzN |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 292c614220770911_app.asar |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\resources\app.asar |
| Size | 38.7MB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | 6eb16db09572fba2788bc17a1cf56691 |
| SHA1 | 4f3e428d143c34c2545b7cebecf0ff7a19086ea4 |
| SHA256 | 292c61422077091194e7fbc6b4e348f78dfac6a4dc2a01075df21c53ccf803ab |
| CRC32 | E334A708 |
| ssdeep | 196608:Fn7zOE/9ndrLXr0C1elE16LihPn7zOE/9nP:F7zDdrLXr0C1elE16y7zDP |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 64ba1afebfd0ca81_Banner.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\plugins\Banner.dll |
| Size | 24.5KB |
| Processes | 3036 (None) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | 297e0eb8ac76b69b873c26a8532a6aac |
| SHA1 | b3c2a9d56035b97122bc5c0e2ee1af7fa55e5e19 |
| SHA256 | 64ba1afebfd0ca81d294d6001a358711e8e8992c08e40181050a3d465acb4030 |
| CRC32 | 793897E5 |
| ssdeep | 384:hCDKNyb8E9VF6IYinAM+of7dFFezuTquIYiB7dFmvq/vTmAM+o/8E9VF0Nym:kWEpYinAMxfxFkzPYiBxFmsvTmAMxkE |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 6e2470842ff95bbe_bn.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\bn.pak |
| Size | 765.4KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | fbe7dc2b6bf403cde758eb515b7d4b8a |
| SHA1 | 1c16e86521818928ca96906237540cd8bc384d38 |
| SHA256 | 6e2470842ff95bbe09cead9d1e22c15ee73231448fe6968a8d6f2d74e7c59178 |
| CRC32 | 242B95BE |
| ssdeep | 1536:B1hqJ5Un7LyG9b91iRcdFE+MWIGcx1jilDouMGsW2ufpbMH/4ZnWiXjuTGuzpMQf:B8WJGH+MWhxQL8MzkoBbLN7SG5zwXl9M |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | ec79726c2b75edab_kn.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\kn.pak |
| Size | 854.5KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | 82701d0c0d6f8f6cbed5b5c28a77249e |
| SHA1 | 8a23b895fa71808269bc45d01537d8f2957cf486 |
| SHA256 | ec79726c2b75edab3ae5c8113d2365287dd571e99dc47016cf792cc278d894f0 |
| CRC32 | 52D7492D |
| ssdeep | 6144:RmdWcB8tZEb7iM8GUGW2aj/u74ujnWthXvkcVwVattkmsLHMR0SZwiYRp2gQQYNe:8H+tZS7iMvWs20foz07D5lJUt+dt+P/E |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 9a28e0a4e9ba16a4_nsDialogs.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\plugins\nsDialogs.dll |
| Size | 30.0KB |
| Processes | 3036 (None) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | 4fc86cdc469a813b8a176902ec70047d |
| SHA1 | 90e7a6b969a0893fb90ffe1bb54e6db5044a02d9 |
| SHA256 | 9a28e0a4e9ba16a488234880359aff55b2b5dfebac7a86299ee797b072a524fa |
| CRC32 | DC80C2B7 |
| ssdeep | 768:xRapMv/Agk06EpYinAMxfxF/zRUYiBxFCAMxkEHVt:xR2Mv/Agk077HxZJa73yxbX |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | dbbc53126213c325_INetC.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\plugins\INetC.dll |
| Size | 45.5KB |
| Processes | 3036 (None) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | a6674d9f6e0c1e30afa8007b9e4f211b |
| SHA1 | 7863fda9b8885a5c7905cc478d2bb75b57ff3e99 |
| SHA256 | dbbc53126213c325d209c242fbb6c097e86906a77f8a98896200492cde19b0b8 |
| CRC32 | FF90AAA9 |
| ssdeep | 768:jAvE90GuY2tO93oLrJRM7Z4EcEpYinAMxfxFzQmYiBxF6nAMxkE0O:cE+GjnmbM717HxZtQm73wxoO |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | c723b3e570e23313_ko.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\ko.pak |
| Size | 361.5KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | f0b51d41b3391117fa8b8cfc4db402b0 |
| SHA1 | 3cc481c6c29be98d3365fe0c4f5572c87b136585 |
| SHA256 | c723b3e570e233138522e790d8dcb93cf22ececc34fd5f943fe6aea75f7ce5de |
| CRC32 | 8DE8C6C6 |
| ssdeep | 6144:PqznpripFgAM6JS1QdnE9ZqZXRZqiq7vqLZ59Gh9kYDrXCt8Oh+sJzXy8XY597v1:yzl07rJWKE8G3XCt8Oh3JzXfI597v98u |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 6d8a01dc7647bc21_favicon[3].png |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\favicon[3].png |
| Size | 237.0B |
| Type | PNG image data, 16 x 16, 4-bit colormap, non-interlaced |
| MD5 | 9fb559a691078558e77d6848202f6541 |
| SHA1 | ea13848d33c2c7f4f4baa39348aeb1dbfad3df31 |
| SHA256 | 6d8a01dc7647bc218d003b58fe04049e24a9359900b7e0cebae76edf85b8b914 |
| CRC32 | FC87942A |
| ssdeep | 6:6v/lhPIF6R/C+u1fXNg1XQ3yslRtNO+cKvAElRApGCp:6v/7b/C1fm1ZslRTvAElR47 |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | c4a2c6a90945868a_en-US.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\en-US.pak |
| Size | 295.9KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | a2ed0e17819c287b824cae5c0ac03af7 |
| SHA1 | 9694627f89cd65fbb511eacc6c785ab045525ff2 |
| SHA256 | c4a2c6a90945868a02ad14b3a994e94b123981d56190bd34cc3cb14f31f2270b |
| CRC32 | CFE67242 |
| ssdeep | 6144:xfvPBH0g+FtIpphRO6osMP9elM7BBfaYM+R9X5GSOmzwS:hpYIHPosM/7BQ+35GSNzwS |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 9be846e54800f73a_fi.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\fi.pak |
| Size | 332.0KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | 85870b393962d69088cb042748f2cfb4 |
| SHA1 | 19bae1d64c54fb863b750836bb90931fffc7622b |
| SHA256 | 9be846e54800f73ab3b65dd9c11669b32706d2c803fa0257303d7d641d8def05 |
| CRC32 | 4291615F |
| ssdeep | 6144:16ggW1ZjIhn5+LN13aOENZa2RCLv5I5jSHdEJ18JWUuNmhyR5X1wW2:1qEjQRZa75I5+HdEJ18JWUuh2 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 97493f94473d7123_HBEDV.KEY |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programdata\av\HBEDV.KEY |
| Size | 1.0KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | b2874e56d064562549b4d07a377ef367 |
| SHA1 | 82d9546363129590bb3a8a5297e3b1b3a26fb10f |
| SHA256 | 97493f94473d712348d98d260972ac8025c4783aea13c16869eb8aa8f90d8830 |
| CRC32 | FCFE144E |
| ssdeep | 24:A6Sd5stMHiG0Te/a/Eh7hRB7s17icNY3gvvSS1nDu/o2wz:fSDsGHixQ7ZvB7sUcCkaOnDuwtz |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 48b9c3f20021f6f2_url_settings.json |
|---|---|
| Filepath | C:\ProgramData\Fortect\url_settings.json |
| Size | 9.8KB |
| Processes | 2788 (MainDaemon.exe) |
| Type | data |
| MD5 | 0cfe2a5a2569c884e91b7eb134aeffb6 |
| SHA1 | 68a7cfcf85e5303082202012ad9aa64b89ffc583 |
| SHA256 | 48b9c3f20021f6f2c016a791569e0691f9e2493231e2f87443838cdc7802a257 |
| CRC32 | 2C93D51F |
| ssdeep | 192:kZkHrJMm0EfROKkOE94eYG3lCQTg89vvhazjjTfERi1jkFsp1aYEsu76D/Snm:kZkLJMZEQLR6X88QF9vZ0jGIaYFuOmm |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 01e6ccf49d79046a_ExecDos.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\plugins\ExecDos.dll |
| Size | 27.0KB |
| Processes | 3036 (None) |
| Type | PE32 executable (DLL) (console) Intel 80386, for MS Windows |
| MD5 | 074ed73188561ea92648917ceef44ac8 |
| SHA1 | 0f10cb5763810796099d72a0b46666f9d5c69c3e |
| SHA256 | 01e6ccf49d79046af8d5cfb22bcb810a4dace58bf788e87f9be08427ffc62312 |
| CRC32 | 926EF142 |
| ssdeep | 768:FFcIFhQEpYinAMxfxFqjGYiBxFWAMxkEARXfn:FFcIr57HxZ8G73mxkRXv |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | da47d2189371d5ed_question[2].js |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\question[2].js |
| Size | 37.7KB |
| Type | UTF-8 Unicode text, with very long lines, with no line terminators |
| MD5 | 6f5fa5e1310e3281e1023f28f5c72419 |
| SHA1 | 72a7aeebcb270cbc71ce43cc35a5a164e5924a08 |
| SHA256 | da47d2189371d5ed7934d62de9d83cf288c607bd58380014df40c79d4d2c9075 |
| CRC32 | 87E3C8CA |
| ssdeep | 768:apiJCE3euXyhdTtOeQq3lTH1YiVvBgJZDl0rdk/7ekT8:aYpGZlP1TiDD0d0ekT8 |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | d34efa6215129d38_LICENSES.chromium.html |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\LICENSES.chromium.html |
| Size | 6.3MB |
| Processes | 3036 (None) |
| Type | HTML document, UTF-8 Unicode text, with very long lines |
| MD5 | 00f7785e6f0638c3425e881cdd844227 |
| SHA1 | 3572f06aab37ded4b895524e14824a3fa9f22222 |
| SHA256 | d34efa6215129d38d802d4e2609977035475e2a1aec9aac0edd90890f040d9b6 |
| CRC32 | C1256CDD |
| ssdeep | 24576:/P945WbWSLarj41T4mfA6c606q6C6eBcHicaLpY:rSu |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 21d03f19c4b1c12d_red_shield[1] |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\red_shield[1] |
| Size | 3.4KB |
| Type | PNG image data, 14 x 16, 8-bit/color RGBA, non-interlaced |
| MD5 | 87de5d9a3403e1d7635885cbaa52389d |
| SHA1 | 50b32c5966331e3e27bef987fd1da0129423d348 |
| SHA256 | 21d03f19c4b1c12db2feb8fb3a373d7e378976ecdfb64efb300204edc8947d3d |
| CRC32 | 15814E36 |
| ssdeep | 96:5SDZ/I09Da01l+gmkyTt6Hk8nTzVcxkZFd/:5SDS0tKg9E05TJcxi |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 9a2ac1e2cd9ee08f_rd[1] |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\rd[1] |
| Size | 756.0B |
| Type | ASCII text, with very long lines, with no line terminators |
| MD5 | 6a116d416d4368c2c174af1df17fbd8c |
| SHA1 | 1edd0f9a9e97b4af9f9a59b70ec59e47923f6933 |
| SHA256 | 9a2ac1e2cd9ee08f0939d51ee6857afd412ea4986be450a7452047ac8df3822e |
| CRC32 | 1E26AB03 |
| ssdeep | 12:g3/w8KsZ+lmkGhrmrJoj552mzQs0KE5xzmCZE2KwY52m2AWsK8bJ5u:Y48+mhOojL2mzatmCKL2m2mbK |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 91e6d2a44b8be983_getLoginStatus[2].nhn |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\getLoginStatus[2].nhn |
| Size | 138.0B |
| Type | ASCII text, with no line terminators |
| MD5 | adc5d96f6bcef323a83ee760624ded7b |
| SHA1 | 04f3cbeb085d8314515123ff7bd103dccbbde616 |
| SHA256 | 91e6d2a44b8be983adc19513b407a4cf90f87ce0b631750e6d64854f042c3196 |
| CRC32 | 3801C5C9 |
| ssdeep | 3:s8G3fLHrJLVCfLHLtIih9JE29rLjExPDeJV9gEofVtKI:s8G3BhCrhZVQeJV+DVp |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 0dc74a936d57a465_af.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\af.pak |
| Size | 321.0KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | 17e95507f1fa28c93fdb16462c5b520f |
| SHA1 | bddbe3243a4a31f054317c9c83226e667b463dc7 |
| SHA256 | 0dc74a936d57a465f877030f5c91d2e5e22c2e2af3c8733c96238955f2f18cbc |
| CRC32 | 336B4818 |
| ssdeep | 6144:9VdXiMb9IWlrnr9e5D4oEm/kQjB6KAxbxrgjXgxzsB+xSk1yMx65tHwDwzl2i3da:R95lrnrfhm8QjB6KAxbxrgjXgRVSk1HN |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | fbc23311fb5eb53c_background_gradient_red[1] |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BYECVYBT\background_gradient_red[1] |
| Size | 868.0B |
| Type | JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1x800, frames 3 |
| MD5 | 337038e78cf3c521402fc7352bdd5ea6 |
| SHA1 | 017eaf48983c31ae36b5de5de4db36bf953b3136 |
| SHA256 | fbc23311fb5eb53c73a7ca6bfc93e8fa3530b07100a128b4905f8fb7cb145b61 |
| CRC32 | C08DA614 |
| ssdeep | 24:vk9YMW80o0XxDuLHeOWXG4OZ7DAJuLHenX36n8R0O3kwd2q:M9YM3uERAq8uyJdB |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 61c56220a7734d6e_favoriteMeta[1].htm |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BYECVYBT\favoriteMeta[1].htm |
| Size | 8.1KB |
| Type | UTF-8 Unicode text, with very long lines, with no line terminators |
| MD5 | 2158917c838b336ef0bb474cae78b90b |
| SHA1 | 92f9015d768602f21830fbd8307b19556376f79e |
| SHA256 | 61c56220a7734d6e42a3882d8db3f0087dec48db4c79a0705d58dd2b4fbbcf66 |
| CRC32 | 1441CCEB |
| ssdeep | 192:3a1vecI+OHtkgJuUJlSs06+7/dGY5Zh5PxgWyzUBvdLvTPXQJ7zz6I5uVPt2ygQx:3a1vefJNrJtJlSs06+71G4txgWXvtvDp |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 70f316a5492848bb_down[1] |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\down[1] |
| Size | 3.3KB |
| Type | PNG image data, 15 x 15, 8-bit/color RGBA, non-interlaced |
| MD5 | 555e83ce7f5d280d7454af334571fb25 |
| SHA1 | 47f78f68d72e3d9041acc9107a6b0d665f408385 |
| SHA256 | 70f316a5492848bb8242d49539468830b353ddaa850964db4e60a6d2d7db4880 |
| CRC32 | 9EA3279D |
| ssdeep | 96:/SDZ/I09Da01l+gmkyTt6Hk8nTjTnJw1Ne:/SDS0tKg9E05TPoNe |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | c0f56b46dd5e7cd8_ru.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\ru.pak |
| Size | 593.7KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | dc22b380e7f3057cd30a1efbeffe329a |
| SHA1 | ce964424b3821561c77c47c056432b2dd0e0b9bd |
| SHA256 | c0f56b46dd5e7cd893f2f8e79f9f5385a3906f6b51a5099f7ec2e64a7b508183 |
| CRC32 | 15FB0300 |
| ssdeep | 12288:uWqXeXN2hxO3j/juDzv4J+Z4C5e8P/XfLhI0agdLcUwCMWrfGPUVZ22bqGYhcDaU:6Dt5o6yi |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | aee7b84efb017907_am.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\am.pak |
| Size | 519.7KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | 18f77d296d8c8543bef7baf245c9d327 |
| SHA1 | 7d0ab5d6ce4bb7b29d04e9d226a044515994407c |
| SHA256 | aee7b84efb01790773fdb49f1595a7f1b1dc6ab240df2d86b9c5d11247fbbbfb |
| CRC32 | 7E90D14D |
| ssdeep | 12288:nIiggiFuGzy8xVBKafIw5Q9bnIuWqQEx30jH8+I:XFiZy8xVBKQIw5Q9bnIqQA |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 2178eedd5723a6ac_google_com[1].htm |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\google_com[1].htm |
| Size | 219.0B |
| Type | HTML document, ASCII text, with CRLF, LF line terminators |
| MD5 | d4b691cd9d99117b2ea34586d3e7eeb8 |
| SHA1 | c79f5572f672361bc097676cb5da9d4aa956c8b9 |
| SHA256 | 2178eedd5723a6ac22e94ec59bdcd99229c87f3623753f5e199678242f0e90de |
| CRC32 | 0C530AC0 |
| ssdeep | 3:IskN20EFNjJ8S/7A+KWRIJiYEUFLZxs4bSl02rBsSZ7NE7uR0Lq9DmJS4IoQ5a8G:wRkrQWR0iYBtqWt2aSyuic4ILoP |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | edc264386dda1d60_it.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\it.pak |
| Size | 353.2KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | 49030cbfbe1f35d6b9fc82657526b2be |
| SHA1 | 84ab1c241cf3953c6c542b1401d824aecf194f3b |
| SHA256 | edc264386dda1d6093c584b893bc03b1b6bac40002ca5566354e076e16509475 |
| CRC32 | E9854031 |
| ssdeep | 6144:mwbTSetIYSrqRRhsO1VGT9TgTGw6tCqgGkwtkWgnbu8HryiWywNB2/j4Ze9pLOVY:ma6RZtj8+iqpVbu5csoU |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | c14bc04357fafb77_rcaptUi[2].js |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\rcaptUi[2].js |
| Size | 1.1KB |
| Type | UTF-8 Unicode text, with very long lines |
| MD5 | 5d7440b1a655f9bf5caf29906cfbee1e |
| SHA1 | d46f0199e292514bf9d7dbaed24ed46a324dec8d |
| SHA256 | c14bc04357fafb779b8977cd88f0a85699552be3c2660b0bc4fd9941d6261e0b |
| CRC32 | 6A2A3BBD |
| ssdeep | 24:GslZIFVykEFtDrJaFHOL0Qs8L4LfdLzaJfmuU5VwTf:/7IFMdDr2b9/aFfDf |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 591a26b26e0782bc_fortect.lnk |
|---|---|
| Filepath | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fortect\Fortect.lnk |
| Size | 850.0B |
| Processes | 3036 (None) |
| Type | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Archive, ctime=Tue Jul 2 15:28:11 2024, mtime=Tue Jul 2 15:28:11 2024, atime=Mon Sep 26 19:38:04 2022, length=752488, window=hide |
| MD5 | cf453d268b8f5785653469fe084653e0 |
| SHA1 | 58066e76675a4683982c883c020b4f868155946d |
| SHA256 | 591a26b26e0782bc74a9229ba3270f434941160eba7b02cb5383bc39ab916a54 |
| CRC32 | F63CC331 |
| ssdeep | 12:8hPjcc+0ENvNydpF46X9lXcKcSARYjAfDebdp61cX1cSAF0bdp61c2EgvMM:8hrcBAdx9ZAR8AfWdhAFgdiEm |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 6df9c1348b3c47a5_invisible[1].js |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTDTA402\invisible[1].js |
| Size | 38.4KB |
| Type | ASCII text, with very long lines, with no line terminators |
| MD5 | 8c9e75e5c795dec6252ac116070108fa |
| SHA1 | a551dd3d4144b5f1be957c7fe7925749322b1084 |
| SHA256 | 6df9c1348b3c47a508d0fe703d2533a62cf760f3b1510a4946ba87d1ca37f562 |
| CRC32 | EC1D8052 |
| ssdeep | 768:uB3EEiOBNo2WyY/JgJqUl7KPCGN8OAjJbEy2QrDFZ:uNDiUNo2dY/JgJq1CtVEIZ |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 4b4c29490c93826c_settings.json |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programdata\conf\settings.json |
| Size | 30.8KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | 348b80291ac9b258f1d366d74cd5cb8f |
| SHA1 | 896c52b5970c038d3ddb9c8386dc1d4b6e5c0fba |
| SHA256 | 4b4c29490c93826cfc380699449b7842d23d9b627b1f1af81e18a52a2fcc5187 |
| CRC32 | F96B7003 |
| ssdeep | 768:TCkVpT07T3iuqA8rGYw57P7KPHYU6H8Fnx7ag+/:TbpTgt8rGYw53SQ0nbk |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 30acee7ec34d80bd_el.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\el.pak |
| Size | 650.3KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | 3137c0e418547ea635d56d95bcc77f4d |
| SHA1 | e72180b19b378cd8dde175586053538fdecd1e84 |
| SHA256 | 30acee7ec34d80bdda42f505a81c8a9a9ac24cb881f92ec6600d4f23cef2756b |
| CRC32 | E68B895D |
| ssdeep | 12288:1BqKNwKi02pgaZfIwWmau3HwO9K63TfDTshrFnx5uSWTT9rkv0psNteMxTdMSZi7:1BqKNwKi02pga6wvau3HP9K63TfDTsb6 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | ce7e21369e0dab8f_MainDaemon.exe |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\D2FA106B920C\programfiles\MainDaemon.exe |
| Size | 5.1MB |
| Processes | 3036 (None) |
| Type | PE32+ executable (GUI) x86-64, for MS Windows |
| MD5 | 92a22d1e73e073c970b14d321be54579 |
| SHA1 | baa2dd54ebd24142959fa119deda1c4c9136b3b4 |
| SHA256 | ce7e21369e0dab8fd33f4dc1c7e9ac5ac8a87ae4394ed75485b83660d5de9d3a |
| CRC32 | 8344F41A |
| ssdeep | 98304:zYlMVbV4wSK5iW75eSREviTVj8WNYSdxt:zYlMVbV4RK375vDTVj+Sd |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | fe6b8de069fe130c_lv.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\lv.pak |
| Size | 386.0KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | 7296de64051ab88f0596237b1c97bce0 |
| SHA1 | 1e21af0dd36cecd9468267188e0068d4ea0279fb |
| SHA256 | fe6b8de069fe130cd64681cc0537bf0c2db0fda34d15abd32f59e399334d6423 |
| CRC32 | 5E84C9F0 |
| ssdeep | 6144:FAS9zRaGkXltVFO/IMMTX49pnRBUp+Vi5b4m0c6Eq9AbkanpEqAFreVs1/:SSrjpM749fBli5aEbI6s1/ |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | f792151f010fa27a_apchash.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\apchash.dll |
| Size | 3.5MB |
| Processes | 3036 (None) |
| Type | PE32+ executable (DLL) (console) x86-64, for MS Windows |
| MD5 | a40975ae44326f8c2e728bdbb58a6347 |
| SHA1 | a9d6ca1f92c7249580da493ed9d55f69cbb838ff |
| SHA256 | f792151f010fa27a029b09e2650c76c8246bfddb2346a2c9faeb8e3474259f2c |
| CRC32 | 2A5AA259 |
| ssdeep | 49152:vGtlqGSVwASOb/IU6i2YuEn62pMzI4wtYGvp0oVc5tgQY+VdtYrPQAzVF:zQ+2YvkAdv2oMVd6sE |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 7746b7cfdedfca55_id[1] |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\id[1] |
| Size | 155.0B |
| Type | ASCII text |
| MD5 | 893a4f29fbc4c552b74271384628b3db |
| SHA1 | 368d05e49f07b691b0a969dfb977459fc49eb1b3 |
| SHA256 | 7746b7cfdedfca557b8a2e77debcbd23dd3cf8da20da829ff827009406f4a6f7 |
| CRC32 | D8A84D07 |
| ssdeep | 3:CEPJESa/uDESa/jHIWr8XmbIjpAIggRxkhUs/m/5kcBw:CCJZaUZa0k8WbuiIJihUsmRkcy |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 51edd31f6c5d298c_icudtl.dat |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\icudtl.dat |
| Size | 10.0MB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | 516f6b90d1539bd1eaeaa2fc32dadb92 |
| SHA1 | 8017789bef98902cdc95c18e67b84378ddd293c0 |
| SHA256 | 51edd31f6c5d298c662af320424b632172a31e3348cdbb201380636c95ded794 |
| CRC32 | 735E4725 |
| ssdeep | 196608:zTzwSv9AAyM0agliXUxCGZHa93Whlw6ZEtZ2:zoKlyMqliXUxCGZHa93Whlw6ZEt4 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 7529454c63a10cf5_ta.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\ta.pak |
| Size | 880.7KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | 0fc74b600b04f49186800fe79f6039f8 |
| SHA1 | b60f34b645c7746cfa96b814f3f48958ce8d6f53 |
| SHA256 | 7529454c63a10cf54e283c7d6745b4bb74476cc5602f37ce090a06e80aa84c9f |
| CRC32 | 7CA146A5 |
| ssdeep | 1536:7o5AFXFJ1ITr9tp7GmoyVcYVRQ7xo+yep3EvMZAO2FVNrwYxg3tHHKeJvA3UenBE:5Var9/7GmSqGlFQ5bG7zktR1cA2J |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | a8d8995f14d53ac3_rcaptUi[1].js |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTDTA402\rcaptUi[1].js |
| Size | 1.1KB |
| Type | UTF-8 Unicode text, with very long lines |
| MD5 | aa9cdf2a46c4ba6cf9f85685136363c8 |
| SHA1 | fbb197b54d6148e4155c0fbb66af6d0e4d79fbff |
| SHA256 | a8d8995f14d53ac3af79ffe929d6f827e6fc87490cfbccd33fc51daf8b150aea |
| CRC32 | E9B3F5C4 |
| ssdeep | 24:GslZIFVykEFtDrJaFHOL0Qs8L4LfdLzaJfmuU5Vw2:/7IFMdDr2b9/aFfG |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 687b7117c03eeed1_hr.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\hr.pak |
| Size | 358.3KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | 888b004f14c9e753b754e7d38d812477 |
| SHA1 | 251bb6e060a9d5b35e018a5117eb9d5eb42c5fef |
| SHA256 | 687b7117c03eeed10aa37d089ca8346b0571ce2fa32e2ce2449d6bafc4703537 |
| CRC32 | 9C5694C2 |
| ssdeep | 3072:r30DYSr6SipWxSAbjbUSzgfUOSb10uPfGWrO6WI6DkYAiKbeMvBkXYW0u28spFyX:z0DY86BT2pn3E5237XS |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | f7aab70f3d2ba06e_nsProcess.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\plugins\nsProcess.dll |
| Size | 26.5KB |
| Processes | 3036 (None) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | 6921336485f206e14f2d3d3f39a9679b |
| SHA1 | 3f82ab38be86e8a054397dacf73c1b88471b4f63 |
| SHA256 | f7aab70f3d2ba06e08401030d53347cf8e50c5de9222c8410399d8e5cdf706cf |
| CRC32 | 8FCC74F7 |
| ssdeep | 384:8gz60LitAZFirNyb8E9VF6IYinAM+of7dFeVU6wIYiB7dFMIAM+o/8E9VF0NyMHN:8gOYirnEpYinAMxfxFqZYiBxFrAMxkEA |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | fcc6715e9b73cb3c_f[2].txt |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTDTA402\f[2].txt |
| Size | 108.0B |
| Type | ASCII text, with no line terminators |
| MD5 | 903c1253fbdaee06e78ae86ccf8a2d6a |
| SHA1 | eaf174bdb30d48f358d71c3e9f510bbcf096d14e |
| SHA256 | fcc6715e9b73cb3c1c1b8042fb590efc76697e6187fcada5c5315180252f98d8 |
| CRC32 | 6FA00502 |
| ssdeep | 3:oVewGL34zzxHJzdeJjC0MIdZ+HvpHlxfYf:ogwcozzAjeqZ+nxwf |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 6b331d9fce2c3085_tightvnc_com[1].htm |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\tightvnc_com[1].htm |
| Size | 13.6KB |
| Type | HTML document, ASCII text, with very long lines |
| MD5 | 3c3685aa33fb35561fc358fdb312b0e1 |
| SHA1 | 205e3f86c7f763f100f01c0870c99267e82fe708 |
| SHA256 | 6b331d9fce2c3085aace3ebc0088b54f885edc663404dcdf1231b9a57bc4a1d2 |
| CRC32 | 8D6B7ADB |
| ssdeep | 192:/iYJgaoKIGBIPvUB5iQUGodPIrJE3pwW3XTvqBrQ6uPaDdPohQ05:uKIeBkaQIrJ2pwW3jvqB86uPGVoS05 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | f9fd1f1ee3012aab_ffmpeg.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\ffmpeg.dll |
| Size | 2.7MB |
| Processes | 3036 (None) |
| Type | PE32+ executable (DLL) (console) x86-64, for MS Windows |
| MD5 | 128c579c71be3944682205aa25187f5a |
| SHA1 | 1184ec602d358e88aedf6c025179749032b9c339 |
| SHA256 | f9fd1f1ee3012aabf6b27a897b3bf8a8959be647a5d99b46619c285d15abdad4 |
| CRC32 | 34C491EF |
| ssdeep | 49152:Ueyh3pgdFz4JsjJlusen1z8At7Eyb9f0WgARJ21yTZQViU5UkJQ6Vht3ktjC:nywOseZtt7/LJkyTZQViU5UkJxtQW |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | bf69b2cf1c1558fc_question[1].js |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\question[1].js |
| Size | 35.3KB |
| Type | UTF-8 Unicode text, with very long lines, with no line terminators |
| MD5 | dc0bca74e59d74ae1c77fd9139dd13c9 |
| SHA1 | 376155efbc880f1479d3891274aac4454e250db8 |
| SHA256 | bf69b2cf1c1558fcee7848c6b35383bdbadc52b53c8951a9b2de8acf0acdd582 |
| CRC32 | 30735EA4 |
| ssdeep | 768:ov62wSH2qSb8CJmQvpwPvgsKyVzgtXexm67cj/57tAGau/gaZNmmph:xttpSPvgUgtuIj/htAh6gO8mph |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | a5dc7418de7de555_question[1].js |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\question[1].js |
| Size | 33.0KB |
| Type | UTF-8 Unicode text, with very long lines, with no line terminators |
| MD5 | 338a7b37629755dbd47de0ef27df9ed2 |
| SHA1 | 530bd0240df151f637a886939f62227d5d2e618a |
| SHA256 | a5dc7418de7de55513d589f40d694cb900e61343ae51fe188f9d56b262dd1526 |
| CRC32 | 1ED5A2F0 |
| ssdeep | 768:KviO/OMoDcSCYSYtZyICXyYyXYLQcmFek5mmaTJVyNq:W2MoDrmEmfyILVmnmmUSNq |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 8fbd59ee64af8a70_fortect-side.bmp |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\plugins\fortect-side.bmp |
| Size | 152.6KB |
| Processes | 3036 (None) |
| Type | PC bitmap, Windows 3.x format, 165 x 315 x 24 |
| MD5 | 3b4ee5451899c2b00555c573a389aeb8 |
| SHA1 | 38a2a819a2b3b36e40fd2895a625f672141fa7d2 |
| SHA256 | 8fbd59ee64af8a702f7a57657ab1766030885e28090e63e966e31b0358ae11f3 |
| CRC32 | 8E2C268F |
| ssdeep | 1536:pUIlKQVyHnY1uydqm2H24Wz2IWc2mmfGQ0xdye+8W:pUIlKQVdye+8W |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 43bf3271e14b9523_rcaptUi[1].js |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BYECVYBT\rcaptUi[1].js |
| Size | 1.1KB |
| Type | UTF-8 Unicode text, with very long lines |
| MD5 | 9d37a84302d5b46d266d4a6705a0178d |
| SHA1 | c5d768dab7e40075d006bd7c0a10a3cd2fa59b71 |
| SHA256 | 43bf3271e14b9523ff503677d9b2e7a48f1df85f140bd3b5dcf660b12cdfda45 |
| CRC32 | CABA47FD |
| ssdeep | 24:GslZIFVykEFtDrJaFHOL0Qs8L4LfdLzaJfmuU5Vw2:/7IFMdDr2b9/aFfG |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | de03d755b7db3c9d_nb.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\nb.pak |
| Size | 325.9KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | 025b1e129cabd2ec1f7cd9b19c97c96f |
| SHA1 | 5ab2ad877a1aff52d450a9145ae197fab7b6d2de |
| SHA256 | de03d755b7db3c9d20708c1acbf0efe73b2531f92cf5f0741900e0ac15707bd2 |
| CRC32 | 8F211BC3 |
| ssdeep | 6144:7FR7CaHPu9AsrshC1HBfqOp7fTjDgDmyN7ZFmi5PA4PKXJ/R:bVXsrP1HBfqOp7fTjCZYi5PA4sJ/R |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | d4282ae977f23afe_chrome_200_percent.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\chrome_200_percent.pak |
| Size | 175.1KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | 3bab45c70f22646cf8452c30903810cb |
| SHA1 | 40b31d4c79b5a2b8d12f8cf8b6c49c962c31f766 |
| SHA256 | d4282ae977f23afe252e19e421c8d09696ea3b83a1e73a6aaebaaa5547c74cbc |
| CRC32 | 28B7A826 |
| ssdeep | 3072:9sDQYaEQN6AJP1N3/nXCWZQCPxBVrfR54x5GMR+F44ffbdZnYw9p4AbIVGYoDd+9:SDQYaNN681NPyCt9gx5GMRejnbdZnVEd |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | e9041dbf190948b7_rcapt[1].js |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTDTA402\rcapt[1].js |
| Size | 7.4KB |
| Type | UTF-8 Unicode text |
| MD5 | 5b0f98ba8c60a817ea34b893265dfb60 |
| SHA1 | 71498fe4e17a3aa2525d28bd2e022c6fd43599e8 |
| SHA256 | e9041dbf190948b792cc590eca87de20ec529cc76adcce2e4c0c60eb1d93025b |
| CRC32 | 68D9FE62 |
| ssdeep | 192:HvvW3GSRYVzFBp6YJ/IXddnaiV6M5qszsSiaLs/MYgOj2vx2CnILf:HvvW3GSRYVvp6Eedd16uqGsw5k2JjILf |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 5154e165bd6c2cc0_LICENSE |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\LICENSE |
| Size | 1.1KB |
| Processes | 3036 (None) |
| Type | ASCII text |
| MD5 | 4d42118d35941e0f664dddbd83f633c5 |
| SHA1 | 2b21ec5f20fe961d15f2b58efb1368e66d202e5c |
| SHA256 | 5154e165bd6c2cc0cfbcd8916498c7abab0497923bafcd5cb07673fe8480087d |
| CRC32 | 3958EFAA |
| ssdeep | 24:36DiJHxRHuyPP3GtIHw1Gg9QH+sUW8Ok4F+d1o36qjFD:36DiJzfPvGt7ICQH+sfIte36AFD |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 3577418e47a872de_d3dcompiler_47.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\d3dcompiler_47.dll |
| Size | 4.7MB |
| Processes | 3036 (None) |
| Type | PE32+ executable (DLL) (console) x86-64, for MS Windows |
| MD5 | c2c4f3ed81a601c2d93af1997a1038a7 |
| SHA1 | ea1d51e4878aa459453ac6ba018cfb5de95dad7b |
| SHA256 | 3577418e47a872de5f20fc0eccb3f5071a5c7fd9e4b5aac789fdb0da35c31f9b |
| CRC32 | 14A32199 |
| ssdeep | 49152:yuhjwXkKcimPVqB4faGCMhGNYYpQVTxx6k/ftO4w6FXKpOD21pLeXvZCoFwI8ccA:2y904wYbZCoOI85oyI3 |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | bd9df047d51943ac_192_168_3_119[1].htm |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\192_168_3_119[1].htm |
| Size | 178.0B |
| Type | HTML document, ASCII text, with CRLF line terminators |
| MD5 | cd2e0e43980a00fb6a2742d3afd803b8 |
| SHA1 | 81ffbd1712afe8cdf138b570c0fc9934742c33c1 |
| SHA256 | bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d |
| CRC32 | 0296DA05 |
| ssdeep | 3:qVoB3tUROGclXqyvXboAc9FKEIHiHby4AqWSZUXqXlIVLLP61IwcWWGu:q43tISl6kXiWHiHuwWSU6XlI5LP8IpfB |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | d0fcb6cbbb38b817_X26fpDNRJHzURx1EnXEFtnlRYbykjtW6zSo-piL8caf_NulMgXmUrPTjz8RvBL4d3PlGX_9Ppv_caPw9TKx3a2ayhL2uOwy5twjPKER_6EU[1].htm |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\X26fpDNRJHzURx1EnXEFtnlRYbykjtW6zSo-piL8caf_NulMgXmUrPTjz8RvBL4d3PlGX_9Ppv_caPw9TKx3a2ayhL2uOwy5twjPKER_6EU[1].htm |
| Size | 1.0KB |
| Type | ASCII text |
| MD5 | b8d2d3255ea26fd22e9157014eec0aca |
| SHA1 | ad8e076f3ec68ea1984390be7c93661276f2d1b0 |
| SHA256 | d0fcb6cbbb38b817b1d3baf4bd1fb5b1c5a3485ec8ced90e4d12be43a86176f3 |
| CRC32 | 95994647 |
| ssdeep | 24:gKxplEbAHzZEOK1bXDaEKzkOJ7F0zVTefXor+wMwenZfur+wfC:4nOKJXDa9zPJ7F2ZefYrEZfurq |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | ba4fbd4dfa73c2b8_snapshot_blob.bin |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\snapshot_blob.bin |
| Size | 401.5KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | d33245f0f9153b148fe7c71a3e7e3d59 |
| SHA1 | fc788c096d857c311a255e1323b54256dd33d278 |
| SHA256 | ba4fbd4dfa73c2b899793b13012b874693acd6c669f4371edc60a7d3da54a4d2 |
| CRC32 | 6A0E2888 |
| ssdeep | 1536:HOpj1SBU8plJHDDrnD1CZdRFYWADUoG7rd4QuykRpH4C/TgXQehdS8bcezjr4rRW:WBt3+60EJeOyIxW1OJE66Wz/+KPT |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 1911ff37363577ca_ms.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\ms.pak |
| Size | 332.6KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | af3f629ee9a1f6ef28a087bfc4735d42 |
| SHA1 | e49d9703937c15b31ca1f2cf3360e8bf4657cc90 |
| SHA256 | 1911ff37363577ca73cebb803b8d076b77b7d8b7c81b7edffc28982514d7f46f |
| CRC32 | 265F43F8 |
| ssdeep | 6144:DDfaCzzSop+kxC2Ziiy1GlpwbS/cOu5sCEcAMMuAx:DDyCzzjxC5IlpkkcL5jTMR |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | dfa03fa63b4b7338_sv.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\sv.pak |
| Size | 328.2KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | e7d2d089133c561c69a5aee13b61b11d |
| SHA1 | f374efe484ceaa718f930f8cc5aac3cc845ce012 |
| SHA256 | dfa03fa63b4b733829bf107c6944ac0e7a66d1d3db732e90504b1afc80565fff |
| CRC32 | 6AE9F80B |
| ssdeep | 6144:F4ulR7kxJSYD+Bzx+UA3PLXzo6SOgDE/xUDSAz5w55cgby:1lR4eTB8s5y5C |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 222c459899f24e19_search[1].htm |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BYECVYBT\search[1].htm |
| Size | 21.2KB |
| Type | HTML document, UTF-8 Unicode text, with very long lines, with no line terminators |
| MD5 | 2fa4d24afdf852bf9b9555a0d5798f96 |
| SHA1 | e0b9fac134316688e3666b1df5e7a47409dc224e |
| SHA256 | 222c459899f24e19761ecfb59a7345d1c6b70973801cc168cf8a161ccedf266f |
| CRC32 | 6D9DDDB3 |
| ssdeep | 384:7b9grCbK9TCzKCzZCzVCzCqCaZUHCaCulCNC1KVS4CHCrCOMCT959LCz/ClCkC4I:1gcK9sbWaTMKVBruBOru |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 705d55ee035b3a87_libEGL.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\libEGL.dll |
| Size | 478.5KB |
| Processes | 3036 (None) |
| Type | PE32+ executable (DLL) (console) x86-64, for MS Windows |
| MD5 | c925cdf1db4b2e30d0a240a3331761b5 |
| SHA1 | 39e3d5f122d2806b7bb0cbcd0e9de2742736e4e8 |
| SHA256 | 705d55ee035b3a877f718ca96512656e92246e93abc71f7dfaa0da8408361536 |
| CRC32 | 13812740 |
| ssdeep | 6144:NCm0Qm7we62b/jvtGs1+xBAS48mozraKNRqNcWePy/Dq1aVAHa:Nejwefb/jvtGs10BAS4ifqgy/Dq1a2 |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | d764d750201a3989_uninst.exe |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\uninst.exe |
| Size | 457.8KB |
| Processes | 3036 (None) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive |
| MD5 | ddae4c6f0cddc9a7253da40c3b8e33e6 |
| SHA1 | a68cd304e455f31ac83f1f85154b0c81909ac9b5 |
| SHA256 | d764d750201a3989920182e1d201296c7883b6c5f5ab711486e079103a3c755e |
| CRC32 | B1169AF8 |
| ssdeep | 6144:CYa6O2WpACfr6I8PfdbpiaDhyT6/DjHo:CYQbr1wffpyT6 |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | a736b9250768055f_id.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\id.pak |
| Size | 317.9KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | 4f666efba48ce60db2b307dd9312dc34 |
| SHA1 | 5656d28b78b31a42b11b008a3d380df392ddb5f4 |
| SHA256 | a736b9250768055f7f9ac593b1475b80ad0e0affb7134b2ca063debc2bbcf383 |
| CRC32 | 286B7141 |
| ssdeep | 6144:RuOwy75L62fZFD/A8HbfjQVnjHFctmPYkulD51yhtvt3SRsEaK:PhgGD7HQVnjHF8mwkMD51yhS |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | c316e97eca4ce771_MainService.exe |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\MainService.exe |
| Size | 6.4MB |
| Processes | 3036 (None) |
| Type | PE32+ executable (GUI) x86-64, for MS Windows |
| MD5 | cc3aceffb09f0a493b4aebad1f4385b3 |
| SHA1 | 5a7e26bcf070e9e7f46de3bb9b9ad3e4f674d0f4 |
| SHA256 | c316e97eca4ce77120bdcf167b043e1acbc65711287d62a49231a9605db57aba |
| CRC32 | 7A1FD78E |
| ssdeep | 98304:SuzXRTaTr2CG3Yc3U519knwN1Rq0YSdlt5:SuzXpaTr2CqYrcnwNPiSdV |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | ce792f732721a78e_targetAndPanels[1].htm |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BYECVYBT\targetAndPanels[1].htm |
| Size | 6.2KB |
| Type | UTF-8 Unicode text, with very long lines, with no line terminators |
| MD5 | 359369dcbbab0a781529b086e8835e5a |
| SHA1 | b997148ebb0b6b8522af7c58e6a4edd20f1f0f73 |
| SHA256 | ce792f732721a78e0e89625d9b07025cf9fb670e00ea3dc5733018416efdbbfb |
| CRC32 | 20966025 |
| ssdeep | 48:YwzVDMnc6fcH/uOkxzeGB4DMnc6KEJeomCczmCcIWd/hY/99pRm03Wvx7BV7XEId:BnpJcs19E5huxa1EzVeNiTSP9IYey |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | e211fed5abd72cfb_da.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\da.pak |
| Size | 335.4KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | 7222ed24c57c7f033681f6b563205e3f |
| SHA1 | 548f2467011ef0010db230a012fd4ec4d8df9275 |
| SHA256 | e211fed5abd72cfb641333414b4b2ae5f32bc59151d863e9cbe038a5d8390952 |
| CRC32 | 8903D1EB |
| ssdeep | 6144:W29uLTgs55zRiY2QYUwldcYJwRS9kg+gt5cYrrXzO+isFTWww:W29Agw5lh+h9V5FrPTo |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | ba328210b9fe5861_fortect.lnk |
|---|---|
| Filepath | C:\Users\Public\Desktop\Fortect.lnk |
| Size | 832.0B |
| Processes | 3036 (None) |
| Type | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Archive, ctime=Tue Jul 2 15:28:11 2024, mtime=Tue Jul 2 15:28:11 2024, atime=Mon Sep 26 19:38:04 2022, length=752488, window=hide |
| MD5 | 092821d22808e4bcc26ffddfe95b3b36 |
| SHA1 | 60db4e12a39eff6e1a675a745146bda6a62f6c00 |
| SHA256 | ba328210b9fe5861fc684f07ae7095b689bc5fc427dc5208e635b84b9893da66 |
| CRC32 | 42A8039D |
| ssdeep | 12:8hPjcc+0ENvNydpF46X9lXcKcSARYjAXbdp61cX1cSAF0bdp61c2EgvMM:8hrcBAdx9ZAR8ArdhAFgdiEm |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | f254a8d5f35978d2_keys_js5[3].htm |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\keys_js5[3].htm |
| Size | 1.0KB |
| Type | ASCII text |
| MD5 | 3817e012d3a11ee70fb3ba022b3f05b4 |
| SHA1 | 7f8219fc154509080ec459134893c56268881629 |
| SHA256 | f254a8d5f35978d26c65f54641c9a0fbedf230f57713a9bdd7f1c062f7fe54ab |
| CRC32 | 28C2B345 |
| ssdeep | 24:avgE2xVRy3x/dxKXjbXDaEKzkOJ7F0zVTefXor+wMwenZfur+wfC:aSeBdxK/XDa9zPJ7F2ZefYrEZfurq |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 2abd102b73eb3c34_libGLESv2.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\libGLESv2.dll |
| Size | 7.1MB |
| Processes | 3036 (None) |
| Type | PE32+ executable (DLL) (console) x86-64, for MS Windows |
| MD5 | 802addf4d6251bf3eb0fc439f4615439 |
| SHA1 | d424950fb5e01575ce35a0b339877f1d3d5a7167 |
| SHA256 | 2abd102b73eb3c34170f91edb1492cf9e21cbbe5067c7f644a0f4acdf8167ffb |
| CRC32 | DB432D79 |
| ssdeep | 49152:ICVJ1Jx2WG4vs+ECmI6LRRrpQ2NUYzi6fPXqINTCrTKkd9L119I0GZvDuKVofuag:zlKzI28wx6lF0KbxLZvA+Ju4nw1z |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 68cec96a771fdebd_keys_js5[1].htm |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\keys_js5[1].htm |
| Size | 1.0KB |
| Type | ASCII text |
| MD5 | 79636a24650f52629d63a2fce7006d3e |
| SHA1 | 4a95c44fa3471f3282025ef7e6914ace123d69d6 |
| SHA256 | 68cec96a771fdebd225067a72f13515f5103a558c72ccc5980b844ba474d9a3f |
| CRC32 | 4E81438E |
| ssdeep | 24:0mGpRmgoJX6RPDaebXDaEKzkOJ7F0zVTefXor+wMwenZfur+wfC:g0goJX6R+YXDa9zPJ7F2ZefYrEZfurq |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 28dcc1c37459d9f7_ca.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\ca.pak |
| Size | 363.3KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | 9d2bec9781804347bbfc98b0168e5fee |
| SHA1 | bce9eabaf5f94dc0c3fa8498a1611f22a2976280 |
| SHA256 | 28dcc1c37459d9f7e450dbc94cde73eea2ec100f9e2d5729d9a34ae514e40f4d |
| CRC32 | 9B195E0C |
| ssdeep | 6144:lPPHKAzgmzSIs3cz0EYPC4M3nAp9OHQlWmwAGwXUMvdLbUuQRBtryBdcaQIle3nO:NKAz7zSIs3cz0EYPC4M3nAp9OHQlWmw4 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 5a9848ae6977a382_cron_MainService.json |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programdata\conf\cron_MainService.json |
| Size | 1.5KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | 2441e6d860b04efbcb18ad3355977ec3 |
| SHA1 | 7b90b602ff7884425ff5d6bb44478b8db6940e3a |
| SHA256 | 5a9848ae6977a3827efdb31a6440fc574624e414968d605d3b469e706c36c5ba |
| CRC32 | 19FE1180 |
| ssdeep | 24:Jglf2iSwBPf4NFYArh36kBmsdCpQ3DX16Me82tAX/+ZmDph7ZGWTTRoiuJ9lObFL:J9iSwxQYMBBmrpi71XXqYDL7UWRoi0l0 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | eaffdb916700bec8_zh-TW.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\zh-TW.pak |
| Size | 298.8KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | c9e20aae96b264476191f1b14b446905 |
| SHA1 | 56dcf2f68e82b6989d1772187481140dd21a35d6 |
| SHA256 | eaffdb916700bec8e840cbaf5de8f4032c519cdd6c089bb95ffd13639e7cd3bf |
| CRC32 | DE587D2B |
| ssdeep | 6144:/ZEE1mqU7QT2oIwkuhnf4uI5wuzuZ99/9yXTR:/ZmqUGIwLf4uI5wuzwn/m |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 4cf9c52c112a1b4c_th.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\th.pak |
| Size | 690.1KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | e7aa2ab72ff12d546f3794beecc235ae |
| SHA1 | 018060aa8412988559c59d155435c5fc1eeae34e |
| SHA256 | 4cf9c52c112a1b4cd3563869518530662eaccc93c0f118ac15eb4571fd369d96 |
| CRC32 | 30F2CF49 |
| ssdeep | 12288:O0F3QMVqsUs5UCWtLRflfj8OS6DoSyeuLA9u7Kle9dCn9j9Fc09XAyFH4u4dYPfc:w55n5U |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 6a4c633821854c50_conf.json |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programdata\conf\conf.json |
| Size | 347.5KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | 4e458b21d78b1387c62fa6c1f7fd3e50 |
| SHA1 | af14a897a94928ff59aa84734fe35c7fecf438c1 |
| SHA256 | 6a4c633821854c505561ff406dc16aea6320114695188fb522b9a651a7e9849c |
| CRC32 | B3EDFBEF |
| ssdeep | 6144:jc2fYlMVFbekvQKwf+IA7UGi4/jqRXqsgivzXb6tW/sOFLj9LWU13NZJ4:jcRmRvPwfU7UGi4/jQXq8XGOH9LFNN34 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 1b132ee1f2cf0cfc_AvProxy.exe |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\AvProxy.exe |
| Size | 4.5MB |
| Processes | 3036 (None) |
| Type | PE32+ executable (GUI) x86-64, for MS Windows |
| MD5 | ce5d7363be72c83c54cee657d1423718 |
| SHA1 | 3d51e9f57e41b9c79a131951b018027cb58fab4a |
| SHA256 | 1b132ee1f2cf0cfc7f0de5cc31748a2bbd93a2b06406ed29638468364a4e65d0 |
| CRC32 | F3C9D42A |
| ssdeep | 49152:Ch8PhYn94Q9pQ5ECx9T+2Agwb8cgwfxCNa3jdXkjpor2TEpeSQ/6TNsVNMPPoQg2:Ch8rl1zA9JgvaKor2TEpJQ5QfRYSdus |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | d944ff222626d50e_keys_js5[2].htm |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\keys_js5[2].htm |
| Size | 1.0KB |
| Type | ASCII text |
| MD5 | 4883b75693300002c961b6da525a0ffb |
| SHA1 | 3e2e7b81671f7d8e233b3c8c2dc0b2965936a8c3 |
| SHA256 | d944ff222626d50eab3d10fcfb1e82bf9b768986b6655318236704b327df1aa8 |
| CRC32 | D4B7FCCD |
| ssdeep | 24:mwmOEtw0SrX154VWhAOw/1JbXDaEKzkOJ7F0zVTefXor+wMwenZfur+wfC:m76/D1/Z01XDa9zPJ7F2ZefYrEZfurq |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | af8fba705d1b8836_FortectMain.exe |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\FortectMain.exe |
| Size | 128.0MB |
| Processes | 3036 (None) |
| Type | PE32+ executable (GUI) x86-64, for MS Windows |
| MD5 | c292af855b1732c3f4bd977a3863e93c |
| SHA1 | e71a0820785b4e6915e2cce85d6a58eae9c9eb91 |
| SHA256 | 4c44ea867e5b50bf8ab724624f142b67309fb726e45f8bea092b775eae0602e0 |
| CRC32 | 473B552E |
| ssdeep | 3145728:7qn2BxsBUCLWHqtjVBDYwpAAdZulo1+RUcvE:Wn2BxsBUCLWHqtjVBDYwpAAdZulo1tR |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 3cf734901fc773f4_version |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\version |
| Size | 7.0B |
| Processes | 3036 (None) |
| Type | ASCII text, with no line terminators |
| MD5 | 2e2f6f6a3d2c0a11e9207cc353e3be0b |
| SHA1 | 1b1858d87c1e15eee1b8e2f634ec64dcda22d160 |
| SHA256 | 3cf734901fc773f4b3ad1890fd69c681972628fe5ba4d473970b7bb7c808ded0 |
| CRC32 | 06DC975A |
| ssdeep | 3:xWS:QS |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 318c7f237ae6a393_rcapt[2].js |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\rcapt[2].js |
| Size | 7.4KB |
| Type | UTF-8 Unicode text |
| MD5 | 7c7e832c7e96b275886ab7426d3a6f66 |
| SHA1 | 9e35dd2cf3b40e2198554298de6f8d2e7f7cfb85 |
| SHA256 | 318c7f237ae6a3935ae88ceb680ab5c836612ccc9645a9b95add555b5242ad01 |
| CRC32 | DC807B88 |
| ssdeep | 192:HvvW3GSRYVzFBp6YJ/rZ1ddnaiV6M5qszsSiaLs/MYgOj2vxbCcO8LG:HvvW3GSRYVvp6Erdd16uqGsw5k2JuoLG |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 83cc697e973f7541_rcapt[4].js |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\rcapt[4].js |
| Size | 7.4KB |
| Type | UTF-8 Unicode text |
| MD5 | ed9eedb6f8e407e6a5b1fd936f41b790 |
| SHA1 | 35ebea2e562d0b2e8e6ddab5a2e02adee1a84f0d |
| SHA256 | 83cc697e973f7541009108673326a48d694714a9b1583cf3518d291611877031 |
| CRC32 | 0D4220E2 |
| ssdeep | 192:HvvW3GSRYVzFBp6YJ/4q+ddnaiV6M5qszsSiaLs/MYgOj2vxdwCaIkLcmKs:HvvW3GSRYVvp6ED+dd16uqGsw5k2JdZG |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 1717afb2f6958e37_v8_context_snapshot.bin |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\v8_context_snapshot.bin |
| Size | 716.6KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | 7ea15faff14c6631ef7ef7899ec8235d |
| SHA1 | b398fb7e8e3afa7886c483b054be4358aba5b800 |
| SHA256 | 1717afb2f6958e37a34ab35b5b796ff2d9fa7d0d4828a405221ac3260b722973 |
| CRC32 | 975078AE |
| ssdeep | 6144:G3H4NhudRgXWwaNhuD8AiMSZbG5J5TR29LxgXdej8Zvx/YUN03LF8ImGjx5liLAD:9huIMhuA1TONhZvx/Y57K+15MLA7P |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 0a4fb54012e3a0e4_vulkan-1.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\vulkan-1.dll |
| Size | 870.0KB |
| Processes | 3036 (None) |
| Type | PE32+ executable (DLL) (console) x86-64, for MS Windows |
| MD5 | 6c4678ffe55be421eac2b78937c6cfa1 |
| SHA1 | d02f9a2e7a64baa354959e63397a970e28f09ca5 |
| SHA256 | 0a4fb54012e3a0e4368274abad33c666d279dffb98129c4030b4a3730601ffe5 |
| CRC32 | 0A488851 |
| ssdeep | 12288:cuVhWbJ81GuHFcwx4rbJOvT8imTeZExRHbwz8g4oHV/Rna:cuubJehHFc+QWGeZUGzoCRn |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 092e76cce54b5299_sw.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\sw.pak |
| Size | 344.3KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | 0d31c0d250d567f354ee3dcc1386c67e |
| SHA1 | e2588932dcb2ea27927eeb22e4ac30dc59193228 |
| SHA256 | 092e76cce54b52990702440c5a4c6a25b2a9222da43f72b4e6052a037c128235 |
| CRC32 | 3C6803BD |
| ssdeep | 6144:B+Z0nRlq2LNoYpkonCKh/v5JGoKCip75PSUDmSfM2+m+nHnHw20/:B+ZoG2Lue5F1e75KjSE2n |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 34ad9bb80fe8bf28_7z.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\7z.dll |
| Size | 1.6MB |
| Processes | 3036 (None) |
| Type | PE32+ executable (DLL) (GUI) x86-64, for MS Windows |
| MD5 | 72491c7b87a7c2dd350b727444f13bb4 |
| SHA1 | 1e9338d56db7ded386878eab7bb44b8934ab1bc7 |
| SHA256 | 34ad9bb80fe8bf28171e671228eb5b64a55caa388c31cb8c0df77c0136735891 |
| CRC32 | D5226149 |
| ssdeep | 24576:S+clx4tCQJSVAFja8i/RwQQmzgO67V3bYgR+zypEqxr2VSlLP:jclmJSVARa86xzW3xRoyqqxrT |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 4c69177aae9d0403_rcapt[2].js |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTDTA402\rcapt[2].js |
| Size | 7.4KB |
| Type | UTF-8 Unicode text |
| MD5 | 2053063138ba2d06399c7b312e2e157e |
| SHA1 | e5f5aa946d8dd710860cbfcdcfd042b05f20a0fc |
| SHA256 | 4c69177aae9d0403c9deee9bf97a08ff323f2b99dd29746e9ee238e3079f2af8 |
| CRC32 | DD1CCA75 |
| ssdeep | 192:HvvW3GSRYVzFBp6YJ/FUddnaiV6M5qszsSiaLs/MYgOj2vxnCEQLu:HvvW3GSRYVvp6EKdd16uqGsw5k2JCNLu |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | d0933292c751f162_ipsec[3].htm |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\ipsec[3].htm |
| Size | 18.0B |
| Type | ASCII text |
| MD5 | 789a24f4dd4876faa12bfaf925570e74 |
| SHA1 | d7e9c86b8b59a52bbf5350aa7796d7d56af8e3b5 |
| SHA256 | d0933292c751f1624771bfdc13416bd7be352099b5698d7e09ade6d22270bc46 |
| CRC32 | 35ED197A |
| ssdeep | 3:9uuMxevn:9uxYv |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 40e076abdaa577bd_google_com[1].htm |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BYECVYBT\google_com[1].htm |
| Size | 145.1KB |
| Type | HTML document, UTF-8 Unicode text, with very long lines |
| MD5 | e1dcb68b290ebe393ddd934e5c8a4357 |
| SHA1 | 6a7e94c76b8044e1bf96ae4301ec486c00501616 |
| SHA256 | 40e076abdaa577bdf786e21e56a6f9db18892b2dc9873e665e7990f3747b7777 |
| CRC32 | 38C5D740 |
| ssdeep | 1536:KiB6Wh1NFlTOWX7nCCvf2VecxGzF0NGDhW/tdaPP2rf3/WxZUldVILarXbdnZnLl:KibFlTKH9J+P+L3/Wx0kUxntJT |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 06b0f2c100a9cf11_cron_mainservice.json |
|---|---|
| Filepath | C:\ProgramData\Fortect\conf\cron_MainService.json |
| Size | 1.1KB |
| Processes | 1236 (explorer.exe) |
| Type | data |
| MD5 | 3e612f5fd61a6f0dd50e639ca14440bd |
| SHA1 | 025bfad9a06389a1893b17182db5adc9136965a3 |
| SHA256 | 06b0f2c100a9cf112074f9d6d6c947eba236a4d7bd776a189ddadba2d6bd3293 |
| CRC32 | B0A2F807 |
| ssdeep | 24:cTxp+/RdGSYYvgc5eQnH5yIwn14NpdMIDT7nT:cTT+/yUvgc5eQH5vUyNfzT |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | e49afdc4cc23e0fe_keys_js5[1].htm |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTDTA402\keys_js5[1].htm |
| Size | 1.0KB |
| Type | ASCII text |
| MD5 | 90a93490455ef62f1e14723de78a45fd |
| SHA1 | 5b4b3b791d7421be1d53004712ed1ee498e546e5 |
| SHA256 | e49afdc4cc23e0fed6014cb2141087390a3c85927e68fbbe9a08c994064a881f |
| CRC32 | 87C7C41F |
| ssdeep | 24:Ap8sL1a36zE54UpbXDaEKzkOJ7F0zVTefXor+wMwenZfur+wfC:oL12x4IXDa9zPJ7F2ZefYrEZfurq |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 1a3d7a3b8f5873b7_FortectSetup64.7z |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\FortectSetup64.7z |
| Size | 81.3MB |
| Processes | 3036 (None) |
| Type | 7-zip archive data, version 0.4 |
| MD5 | 45176ad47dc27a6485369af9474b398a |
| SHA1 | 9150660cb1e5529c20c9d6bd24a041ce1fdf8fbd |
| SHA256 | 1a3d7a3b8f5873b72f12613811ab941328a11cc3ebb2f7f9fd83a584b1a4cde1 |
| CRC32 | 8C939B1E |
| ssdeep | 1572864:ouzoYfGdQLTtMJMg7YLozLwhAzdhkQi97ZWfTYcADERZUkzbtCLFPngZU/U4s:ouv0QL++voohAkvVZk2DERZjpCp4Zl |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 954349bce3884b5f_mainservice.install.engine.log |
|---|---|
| Filepath | C:\ProgramData\Fortect\logs\MainService.install.engine.log |
| Size | 435.0B |
| Processes | 2740 (MainService.exe) |
| Type | ASCII text, with CRLF line terminators |
| MD5 | 239db1cbad69d7a5698cdf4d865f9ba2 |
| SHA1 | 740cc2d02519a1c9eba02c311676d80441af51ca |
| SHA256 | 954349bce3884b5f3383aaad8d3b9b99289fd6e6aed56fa3c703c4f369464dcf |
| CRC32 | DF3D7833 |
| ssdeep | 12:j2Y+pUuz2VncZFTxqP2ZsOnzIwYf629iF+nL6d:jw+ucxPQn8wa9FL6d |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 003d30e7d128c677_errorPageStrings[1] |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\errorPageStrings[1] |
| Size | 2.5KB |
| Type | UTF-8 Unicode (with BOM) text, with CRLF line terminators |
| MD5 | 07d7197d980e82c3ce6b22c0342711ae |
| SHA1 | e3e675f4507d3d2f4f56f06c76abdc40d09dd1a2 |
| SHA256 | 003d30e7d128c6771b36ab2b0f02d36670e42488d86ba7db00ad862528266060 |
| CRC32 | 3485002F |
| ssdeep | 48:zTW8quJiyUlyHWKShUpeHRitRflRynLRX4Y1WW90W2olr8tcUV/9z8/pWMI9EMIN:zTW8qIiyUcAhUpIRSRflRynLRX4LMlrT |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | b4793c835f335bad_nl.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\nl.pak |
| Size | 336.8KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | a37aee62d1c38d01c640278510eafbc8 |
| SHA1 | 59d7822dd1c6db9e89c311180156624adeb0bdbb |
| SHA256 | b4793c835f335bad7e718eb9df8c190984443c66d7458568bca11f7bad8ab4fa |
| CRC32 | E49D7B4A |
| ssdeep | 6144:N5sLGg+MDh9tgho5Yq+VHKhfD+qn5u5gxudLbCPW:N5szTtTgho5Yq+oXQ5gxud/CPW |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | c58d78294421f3d2_question[1].js |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BYECVYBT\question[1].js |
| Size | 24.8KB |
| Type | UTF-8 Unicode text, with very long lines, with no line terminators |
| MD5 | ec7c92fa53e7f874fb65319f90138338 |
| SHA1 | cd209df8a95cfb9497ce0560626b318cfb0bd31c |
| SHA256 | c58d78294421f3d293ef891572a2b530a976414a6d1b4a3e5e879ba19997a931 |
| CRC32 | 5DDF94E5 |
| ssdeep | 384:un4uEiqY6AghNjYQRQCaiHIECxVh7wFrXEl46v09yJXqPfmpT1nT2W4fqejgwUze:agx7AdGkVKF4704JKG1iqugwUifKn4 |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | d6149efb37aed743_LogEx.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\plugins\LogEx.dll |
| Size | 64.5KB |
| Processes | 3036 (None) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | ff2dd47b0478ce26e7feed13e280eaee |
| SHA1 | 3c90f23cc82cdcb3369aa8beb27cee0fc1a22de5 |
| SHA256 | d6149efb37aed74391ac89914a600e6761e105d0bd823cf144fad4e9fc323319 |
| CRC32 | C711048E |
| ssdeep | 768:4oaF+ATCQye/I3KWmxj00Jyb8Enov8EpYinAMxfxFcn4YiBxFJtQfAMxkEq:YF+ATCNmVjj8po97HxZ6n473dQ/xO |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | af9117a061fd307b_apc_random_id_generator.exe |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\apc_random_id_generator.exe |
| Size | 324.4KB |
| Processes | 3036 (None) |
| Type | PE32+ executable (console) x86-64, for MS Windows |
| MD5 | b2a1c864ba7dd95a81caedcf7ec68a71 |
| SHA1 | f429657d298508762138f9908ba30a0cb5c3741a |
| SHA256 | af9117a061fd307b92926cff4a433aa975d136bcccade5c50e12d25aa88e7c73 |
| CRC32 | AD181F6C |
| ssdeep | 6144:9x9NVg7mXA2OaOa8NaAxXwKiL8RZ3I+LY8HHXe/vyJ7CitzsQ8cN3s3:TxA2SNaAxXwXGI25HWaDPM |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | ab74b9994104a4de_rcapt[1].js |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BYECVYBT\rcapt[1].js |
| Size | 7.4KB |
| Type | UTF-8 Unicode text |
| MD5 | ecb5c47db99772bdadef5cadf6eb7f0d |
| SHA1 | fb8f4341d94c47c8e3cbc557db8b7af5fb0b0ba7 |
| SHA256 | ab74b9994104a4de045c6c20effd1b527d06fbf7dc435facf4aec15624044092 |
| CRC32 | 76BF5197 |
| ssdeep | 192:HvvW3GSRYVzFBp6YJ/ikddnaiV6M5qszsSiaLs/MYgOj2vx+CfRL3:HvvW3GSRYVvp6ELdd16uqGsw5k2J7pL3 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 469fdfcaca047a13_dnserror[1] |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\dnserror[1] |
| Size | 6.1KB |
| Type | HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators |
| MD5 | 8c98552955cbb31ebed64742bf23349a |
| SHA1 | e1d12cf6c84e4dca1c69421209e12237633f8e75 |
| SHA256 | 469fdfcaca047a13a75283d5fd4bb96b56a28666d9df02195fdc2a4b78250539 |
| CRC32 | 1A5BE0FF |
| ssdeep | 96:uATpCAEQIgGN2P8bWF2oxrjSaFXQsgUkn:ukp4QSN2aWFFjSGXQVUkn |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 511e56978d98104c_rcapt[1].js |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\rcapt[1].js |
| Size | 7.4KB |
| Type | UTF-8 Unicode text |
| MD5 | bc7cac9b71973b8ea71a022f3bf5276c |
| SHA1 | 5f006fd25133b209eacdc1dc096054a7c7ba1082 |
| SHA256 | 511e56978d98104c4af81a772ecca44075fc5a5dcadcaa09f1fbdf35c7237d9f |
| CRC32 | AE2ABA81 |
| ssdeep | 192:HvvW3GSRYVzFBp6YJ/OtbddnaiV6M5qszsSiaLs/MYgOj2vxnCQkvLi:HvvW3GSRYVvp6EWBdd16uqGsw5k2JCbu |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 000785d21663f281_ja.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\ja.pak |
| Size | 430.5KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | 7eef8683b1feee0132ee090015dcd205 |
| SHA1 | d4cb5b63f5ea615969591ea0b82813ce4346e5de |
| SHA256 | 000785d21663f281ca02386960539fb932e2e9c75f0d20d865ac57ebec6c0609 |
| CRC32 | DB2A6992 |
| ssdeep | 3072:SU+mCg92fGjVJX7P6r8/XpZ0w2hfANY5yPkwQImbK9NH79beCc5ltgEbFPMTAjXe:SeB8Gptp/XpZ0w2R5Smr5ZjxVm |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 3c20332ad0096007_he.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\he.pak |
| Size | 458.8KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | 4dbee5760858b45b8e68e46feb73a6e4 |
| SHA1 | 983e047b8d33d26fad2ecdbca5238e9c99cbd080 |
| SHA256 | 3c20332ad00960073d91ffc2852727e6f3350251c29ce48e885f45c676b68b31 |
| CRC32 | 42A9F202 |
| ssdeep | 12288:jgOCfv+rjB8CLB2QmGE7zB60dAXYjE5LgoHKMan5bEjDnwEMQgY:jxCHy5Uoz |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | a679e3e525ed996c_rcapt[3].js |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\rcapt[3].js |
| Size | 7.4KB |
| Type | UTF-8 Unicode text |
| MD5 | 2edeab68bc0634abeb85e2f44ccc4290 |
| SHA1 | f32e9a5bb3acf38cf27c10a10da02ea9f517efed |
| SHA256 | a679e3e525ed996c1ebd5aef2dfc4c1ff93c3dbeff17b6934cfbe7cc2d689802 |
| CRC32 | DC62D7B5 |
| ssdeep | 192:HvvW3GSRYVzFBp6YJ/jw1ddnaiV6M5qszsSiaLs/MYgOj2vxUC16PLp:HvvW3GSRYVvp6ELwdd16uqGsw5k2JlUN |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 67413b0b90b6646c_bg.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\bg.pak |
| Size | 596.8KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | 03bdb0153929f96ad9ac8bad7201de71 |
| SHA1 | 23703c372a11c133a954e974920480d7757eccb1 |
| SHA256 | 67413b0b90b6646c4a584ca786a35aec7b4926fd4007e75d9196c944b46df02f |
| CRC32 | C33B791A |
| ssdeep | 12288:WgRxfVlY9dAs1aKUDpgaVVwsP86vmFpZ3SKN3YCcbIynMxJfu64K2zruSZpkVqUD:Wg39lY9dAs1aKUFAs0ZZ3SKG/vMvu6p9 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | d0ba19f5e334e60f_invalidcert[3] |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BYECVYBT\invalidcert[3] |
| Size | 2.1KB |
| Type | UTF-8 Unicode (with BOM) text, with CRLF line terminators |
| MD5 | 66f441cef8801549c2f0ff12cbe752a5 |
| SHA1 | de506bfb63225b3cc084ae292d4bf98a21ae6250 |
| SHA256 | d0ba19f5e334e60fb5056bc2e05b97de09aee4db49e5e11abde482bab9c4e8fb |
| CRC32 | 13C10CC2 |
| ssdeep | 48:mPntofz4/i5DjktylVDJlObUBsBXcysTqysg2Bp5Bi8OwaBynLysTqys4Bwy/Ae:SE4a5HlVDJMbUB2XcylyNkpfi8OwgynN |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 9b4797f4a5adacbe_question[1].js |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTDTA402\question[1].js |
| Size | 35.5KB |
| Type | UTF-8 Unicode text, with very long lines, with no line terminators |
| MD5 | cfe25ccdc28777e6468c046d82e59f2c |
| SHA1 | c12d3dcf99bd566742c610efa538510dabac2b7f |
| SHA256 | 9b4797f4a5adacbe03f4922ae62e777627693a1c8203333b1bef3436b109464c |
| CRC32 | 5BEB869F |
| ssdeep | 768:8vFQm2tlGORoY1nvlhdXnbOtlBXnKvlV3YReQ2aXXgTQA0+:KFufRoWnfdXnbODBil6HlrAX |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 843bb7e3a52e3eeb_modern-header.bmp |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\plugins\modern-header.bmp |
| Size | 83.1KB |
| Processes | 3036 (None) |
| Type | PC bitmap, Windows 3.x format, 497 x 57 x 24 |
| MD5 | 1e608f54c109218745c0d7a06bcd5235 |
| SHA1 | 3b96c4db479eb53d75eabc04a07f428c48ad4af4 |
| SHA256 | 843bb7e3a52e3eeb58a0ef385f21d80383c8e5e65daf12bc297d570bc6722f22 |
| CRC32 | BF0CE6BC |
| ssdeep | 384:WRr0VhlJKaNxSNIDEGnQnElrD2FaSwH4Cbf:Kr0flJKwsuEGnuEpD2JK4mf |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 497eb6d4ff31b385_EnVar.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\plugins\EnVar.dll |
| Size | 30.5KB |
| Processes | 3036 (None) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | 2177f534d0db3fda6a8f1119eba47ca1 |
| SHA1 | f7dc97fbcddc2d57963b32bcc40c8de34270a0af |
| SHA256 | 497eb6d4ff31b3858f6329d10a70f0cf44050631689eb952506ef632ab18845c |
| CRC32 | E6828A2C |
| ssdeep | 768:Q9BoeSzNC6zEpYinAMxfxFSYiBxFFAMxkEJ7u:Q9BnSzNm7HxZc73jxFu |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 797aafde72761531_tr.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\tr.pak |
| Size | 350.8KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | 9cce758eecd528effb7622997ce97f91 |
| SHA1 | 5dd837f4c850761faffb424c80de4157605d66eb |
| SHA256 | 797aafde72761531697d23cc5d41096dbfaacfa7b83ef7088e941e9284586e74 |
| CRC32 | C506B2C5 |
| ssdeep | 6144:aDetkb9Ki0COCUOcMoxJwuXh8SgeT5b/H+ho1s6MELVwiBXJma:l2bkidOJxnRl5b/T |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 21a84ae54dd474b1_uc1GF9JbZWcb5uGgUq8boSN640EePYh7AD9J6k1o6OWlygroFKS0h4C4LTMi99IJA0SrslMUC5hXAfj4TOj71vaBQjlXOdtEB3VXUoki1wo[1].htm |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BYECVYBT\uc1GF9JbZWcb5uGgUq8boSN640EePYh7AD9J6k1o6OWlygroFKS0h4C4LTMi99IJA0SrslMUC5hXAfj4TOj71vaBQjlXOdtEB3VXUoki1wo[1].htm |
| Size | 1.0KB |
| Type | ASCII text |
| MD5 | 6ca9bd78ef30cf3600008dd446b89dc3 |
| SHA1 | 8a58e9b69646a36ad5456bce1d80ed382a5a6af8 |
| SHA256 | 21a84ae54dd474b1a244b2b052dfe60690d8a03b3676602d5d066860c725b785 |
| CRC32 | 0D8A81C8 |
| ssdeep | 24:9YEmKxplEbAHzZEOK1bXDaEKzkOJ7F0zVTefXor+wMwenZfur+wfC:XWnOKJXDa9zPJ7F2ZefYrEZfurq |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 71e5e7665abd657f_te.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\te.pak |
| Size | 819.1KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | ea450a08e85fe4c5b7c71a61de07868d |
| SHA1 | a8fff5309cf66699ee28e81101f8634dad6cc49b |
| SHA256 | 71e5e7665abd657f33d2d8349b9684abc8b944b9bea682aa12e07e1c4e431e5e |
| CRC32 | 5AF45A0F |
| ssdeep | 12288:NSqBO3p1F9fBiTlUMrgCNFO3drUQ4GwQKG/C2845HX0IGq9GyAdK5hCXHbQOpdAk:NSM3ZT59MQ |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | b978fe26b397fa7c_ur.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\ur.pak |
| Size | 522.3KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | d7ba85fb9a1fd2d2ea3cd9cb36ae1f82 |
| SHA1 | 813296ea7216966f90ca1682c9650194cf879012 |
| SHA256 | b978fe26b397fa7cd106821e405294c57567452ec95bba551d0e1a6cc3531781 |
| CRC32 | 2385D3DA |
| ssdeep | 12288:BD8p+8PzZiPvQyUDUApr25CQEA2W6/0QYrXuUco/9NjjFpvOf:BD8BiCI52WY |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | c38123acd05cd0cf_cacert.crt |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\cacert.crt |
| Size | 5.1KB |
| Processes | 3036 (None) |
| Type | PEM certificate |
| MD5 | 9956b172b62aeb41ca988999947a488e |
| SHA1 | 199e3607abeafd168b02b062697656a847fe4de7 |
| SHA256 | c38123acd05cd0cfe4375417f766a9a465327117f5025b16e4403cfd2e07f045 |
| CRC32 | 8EBF8A91 |
| ssdeep | 96:LrBwgYufFy6nfwJeMmFtBuyuCk+Plvz49wC5UnhVhdnZrYGjWwbhliiuD:HBwgY2FLfFpbunCXlv09wfnXhNZrXxfq |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 44a44c9465ab4695_Crypto.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\plugins\Crypto.dll |
| Size | 24.0KB |
| Processes | 3036 (None) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | 1e5180eb2c6be1c0767bae6ca85bd731 |
| SHA1 | e04c5b7ea1b8edcb00853a85467e66394186690d |
| SHA256 | 44a44c9465ab4695e65f8e313d4e8db2c60414461314bb8ddd524191e04652b3 |
| CRC32 | 71E10632 |
| ssdeep | 384:1owKj4itsgQNyb8E9VF6IYinAM+of7dFM76QKBIYiB7dFQ3ARdAM+o/8E9VF0NyW:1oxbtiEpYinAMxfxFBWYiBxFfrAMxkEE |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 786d87e5eaedabee_getLoginStatus[1].js |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\getLoginStatus[1].js |
| Size | 270.0B |
| Type | UTF-8 Unicode text, with no line terminators |
| MD5 | 4810e261e5d57ad79ab643044d88bb71 |
| SHA1 | 8b8be4b5eea4fd8292ccad1c8da4968f009d61b4 |
| SHA256 | 786d87e5eaedabee435590f15226d43bc12244711c43024333eb3c1e0008b41b |
| CRC32 | 55B2CEEA |
| ssdeep | 6:s8G3Tg7KQ4hCr2aC/qcZlH+nEOJE1Ys/FkaXeJV+DVN8EWn:xGE7csQycZlHGEXfZXW+NVWn |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 6976c426e3ac66d6_noConnect[2] |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\noConnect[2] |
| Size | 8.0KB |
| Type | PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced |
| MD5 | 3cb8faccd5de434d415ab75c17e8fd86 |
| SHA1 | 098b04b7237860874db38b22830387937aeb5073 |
| SHA256 | 6976c426e3ac66d66303c114b22b2b41109a7de648ba55ffc3e5a53bd0db09e7 |
| CRC32 | F9D26F41 |
| ssdeep | 192:SSDS0tKg9E05TKPzo6BmMSpEJH8x07oLKsiF+2MxNdcNyVE:tJXE05g/uEJH8m7oLKLo2MxncUVE |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | f2afc04a24c9d89d_red_shield_48[1] |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\red_shield_48[1] |
| Size | 6.8KB |
| Type | PNG image data, 40 x 48, 8-bit/color RGBA, non-interlaced |
| MD5 | f413dd8a75b81a154a1fd5e4c4a0a782 |
| SHA1 | 667f7e3da51ca3417a1feb66d238466423c9487d |
| SHA256 | f2afc04a24c9d89d3c2f0d73f8cd6fb6b65adbe333196c3f99cc7d6868847ceb |
| CRC32 | D96BDACF |
| ssdeep | 192:8SDS0tKg9E05Tz045xhOwZtbiFHsrC3rlTqpHbW:7JXE05d5xhOwtGsSTqpHC |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 662a9db6ef4197cb_chrome_100_percent.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\chrome_100_percent.pak |
| Size | 126.2KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | a3d4515d3a33a407d313a62818e82a5d |
| SHA1 | 967ff9a6774a66f7b3299af4fd5d70961ed54d79 |
| SHA256 | 662a9db6ef4197cb4b6c50648a2cafceb7fd903015828df3fee605a602370be0 |
| CRC32 | EB77989A |
| ssdeep | 3072:KKzwqCT4wKN3/nXCWZQCPxBVO2o418Gb0+VRLf0ld0GY3cQ39Vm2I:KKzwt49NPyCtoK18Gb0OV8ld0GecQ3f2 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 5d155c64dd5c3d82_press_info_data[1].htm |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BYECVYBT\press_info_data[1].htm |
| Size | 223.7KB |
| Type | UTF-8 Unicode text, with very long lines, with no line terminators |
| MD5 | 9e5b0943007bc082e3adaab9aa4ae6e7 |
| SHA1 | 43757406a30f183721b79025d2a286ae38108d6b |
| SHA256 | 5d155c64dd5c3d820f31f7382f1e73c5bde63072fc0592ba533dda16786c4889 |
| CRC32 | D9FCF90F |
| ssdeep | 1536:7wvhVswWsaIVOTD0CsVhNwhIVOTD08wNhR:W9rT |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 53523cff731f0875_nsJSON.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\plugins\nsJSON.dll |
| Size | 44.0KB |
| Processes | 3036 (None) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | c09c3cf5b94a25a532f01d79614cf92e |
| SHA1 | 995aaf1bc329d549e56799bb94bac228a6ece9ff |
| SHA256 | 53523cff731f0875c303d6d8ef6383921fc21319b0b35e3acc8b979fb7d36e60 |
| CRC32 | 241F3D4B |
| ssdeep | 768:noZ1ZnhrTfldqk7Yyy94RxOcVQJrTDEpYinAMxfxFfKPUMLYiBxFLGsAMxkEq:Qpi52vOcqlT87HxZ1K8ML73pGqxW |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 186b697cfc4718c9_en-GB.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\en-GB.pak |
| Size | 293.6KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | ca79f7e2286ea036b80cacd634233731 |
| SHA1 | 79ad146ed5f7c9b505954e1d0278b582cddd3b8f |
| SHA256 | 186b697cfc4718c9ba3c6896671ef56d776cdf30f7212a061f8b2a6203b9bac3 |
| CRC32 | 3F61AB64 |
| ssdeep | 6144:SYCcF+0wLgus5MP9eczFy5faY9xyuZ5sSTXN:SYkHs5MxFy5xJ5sSbN |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | d5ebe3ef0ed74f92_pt-PT.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\pt-PT.pak |
| Size | 356.1KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | 64547d12dc56f6cd5ed713e3f8042134 |
| SHA1 | 95d7e036b1b42baf45b74ad9dadf1c31e82f4b6e |
| SHA256 | d5ebe3ef0ed74f9236be4f4f6d39ebb06e2e10fa356592ac9cf8c25e04032bfd |
| CRC32 | AE14EE1E |
| ssdeep | 6144:+gYHJt1jz7ieJVJJxhOOhAQIT/OCE5QKr6j:At1jKOhuRE5QKu |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 3027384e30d01e7d_sk.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\sk.pak |
| Size | 376.0KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | 9a609ad68435e0540c47a96ea0bc3cf5 |
| SHA1 | 7c49ac1a2214a590693019f63f2a2ed7208ebf3f |
| SHA256 | 3027384e30d01e7d53d9d340b7ddd91665c7ec94881c8d717344bae354b2c6a1 |
| CRC32 | 53B458E1 |
| ssdeep | 6144:78SoTejIkdhQnNi5jt57inJ0kDX5zPxLKaQZOGL+Ge:YSoikMQQht57i+kD5zPxLKaQZOGLs |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | db30557902ce0a58_Fortect.json |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\Fortect.json |
| Size | 924.0B |
| Processes | 3036 (None) |
| Type | ASCII text, with very long lines, with no line terminators |
| MD5 | 93c4bf5118b7e2e5987144381357135d |
| SHA1 | f82acd8fdf6d6e78a9b1e6d2bdfdfec24f80a0a0 |
| SHA256 | db30557902ce0a58e6b43bac46575d163d9725d57c7e834272918ffacdce8c3e |
| CRC32 | 25C91869 |
| ssdeep | 24:YWLSYl6YPY0Wnf+9+VlNiJ9ag2+yPOCUgn:YWL5bWnf+sVlN0k+yP7hn |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 32d83ff113fef532_vk_swiftshader_icd.json |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\vk_swiftshader_icd.json |
| Size | 106.0B |
| Processes | 3036 (None) |
| Type | ASCII text, with no line terminators |
| MD5 | 8642dd3a87e2de6e991fae08458e302b |
| SHA1 | 9c06735c31cec00600fd763a92f8112d085bd12a |
| SHA256 | 32d83ff113fef532a9f97e0d2831f8656628ab1c99e9060f0332b1532839afd9 |
| CRC32 | 596B3D49 |
| ssdeep | 3:YD96WyV18tzsmyXLVi1rTVWSCwW2TJHzeZ18rY:Y8WyV18tAZLVmCwXFiZ18rY |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 719854191d874ef2_gu.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\gu.pak |
| Size | 740.7KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | 93cc7570b7ca30b2f2138cabbf50883f |
| SHA1 | 321fe9cb0fc8e41ce07133db7a4fc1469f7c10d4 |
| SHA256 | 719854191d874ef26ee5705d47280765af694c63d555d05036318e0e62918f72 |
| CRC32 | 708BF1E6 |
| ssdeep | 3072:LFf73HpamH/BkxbQYUzyQkTYaMaWZu/lsMhmkTd4Miz2tQm251YvnsWnPjBf8w/b:JfTJD6xcYUjtBso5cxhpOsj |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 8cc95ca92f0e702d_fortect.exe |
|---|---|
| Filepath | C:\Program Files\Fortect\Fortect.exe |
| Size | 734.9KB |
| Processes | 3036 (None) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive |
| MD5 | 745dfc19a7a8ce32812211f17b792fa6 |
| SHA1 | 8a627b236f531c0ead419effc1c589e0f5a624b6 |
| SHA256 | 8cc95ca92f0e702dda28a9177e2f0ec7e38e5fde133542b3d7d1aa92e291da17 |
| CRC32 | 46FE3FC8 |
| ssdeep | 6144:mYa6e2TLtksn9yYx7YthwLBe/Py7M/IArFRTUgsBJxymtDLtq2IK1MX+zLBqGB4l:mYAez7OKNeHy7WTmzxymtlq2IKAYW |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 51fa2d73398e8ba1_FortectTray.exe |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\bin\FortectTray.exe |
| Size | 452.5KB |
| Processes | 3036 (None) |
| Type | PE32+ executable (GUI) x86-64, for MS Windows |
| MD5 | 1859b7f6e13f7320a0a47da381e650fc |
| SHA1 | 98b9326d0241cbb4fab51284fe6d866a96142b59 |
| SHA256 | 51fa2d73398e8ba11918cf0e48766caf0f1d8874c84ddd3fea2cef90d457cef1 |
| CRC32 | CBE00749 |
| ssdeep | 3072:hLC2sEPvAaekko6HDsJ9TyJhLUqVSsW0ADrVTykQZEBHKwb5MnBtcH:IGvAaPkFHcTy/LZg0YyXZEBp2 |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | a0242e54add06506_avupdate_msg.avr |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programdata\av\avupdate_msg.avr |
| Size | 6.4KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | 6d661baff0418302afcefbec82f3d9d9 |
| SHA1 | 19382edd791a7373a7fe95c2cfa2b7123aef7d21 |
| SHA256 | a0242e54add06506761bc933b90d5ce512707530d7a0efd17f1522aa11c7d18e |
| CRC32 | 9E7AEF72 |
| ssdeep | 96:7+rz/vx3SFRuC9nNKZRllhXBpQisZ3i5hSAFCLYIFrGZk2Z+5ZDSLW2vnv13Sr2k:qiFRuCJNKzRxw3i5hSAIbyrZ+7wn15GJ |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | bb52d2ed4a772930_es-419.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\es-419.pak |
| Size | 358.9KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | a3ad76c796cb2becc92a393ddaa5a623 |
| SHA1 | 728baa0b1170a3d796e1e17d3e4c8eb3d77a99b5 |
| SHA256 | bb52d2ed4a7729306e469ddec37291fcff2a8e16b1f9eab13c2e73887624a776 |
| CRC32 | AAC9D9A1 |
| ssdeep | 3072:q7e7yztoFQo0pCZjHoyoyuWgdzPPJTUlhmwgOD57lBfGLFpDNvggGm:q7emXppCUKMaB5+LFpDNvggGm |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 7e76684a6a86b039_pt-BR.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\pt-BR.pak |
| Size | 353.1KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | 9365f268aa04d060e381217506741c02 |
| SHA1 | 055898349f1b7024923c1b2800e799fdb6a726c5 |
| SHA256 | 7e76684a6a86b0397714c9e5eca2f567529931e27fe21a54ed5fc124329bcbd0 |
| CRC32 | 6930C0D7 |
| ssdeep | 3072:pu0FQ7ktxbvMYc4/VPLpGc7JfXNBXBL13+SBSe46n57OTiXcBF3UVxrN8KV34g5G:t+ktxLpXNBXBLdaGhsLk95cyJ9p/pbSP |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 74441313bb1fb625_gap[1] |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\gap[1] |
| Size | 44.0B |
| Type | GIF image data, version 89a, 10 x 1 |
| MD5 | 96c4c871750d7ca05dfa18ce6a85d369 |
| SHA1 | afe63ad72576922e708bdc0bd7bffbec84fd42f5 |
| SHA256 | 74441313bb1fb62500484443c4937e90d4e335351a4fcd12a9ac48448500e33e |
| CRC32 | 13E752AB |
| ssdeep | 3:C3WvExltxlrlen:ncFlen |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 61094bc62bd057f4_sqlite.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\sqlite.dll |
| Size | 1.1MB |
| Processes | 3036 (None) |
| Type | PE32+ executable (DLL) (GUI) x86-64, for MS Windows |
| MD5 | 2e65504772ba755dfc7074b4d0749250 |
| SHA1 | 0ebe0d6dc09b682faafd19887f744d780836e52a |
| SHA256 | 61094bc62bd057f49b85b0009f7de7947bc948fecb85052e6f3d803388f31d23 |
| CRC32 | C0EC3AD9 |
| ssdeep | 12288:O/2NMADKYIJqHLY2JhUh0IwURA4uiwXp+pZaod6/74vTkwtEHicg7VGYw09SmT:O/2P+JqHE2vUJw34u152ao8/74FtE08Q |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | b5fab377159091f4_vk_swiftshader.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\vk_swiftshader.dll |
| Size | 4.7MB |
| Processes | 3036 (None) |
| Type | PE32+ executable (DLL) (console) x86-64, for MS Windows |
| MD5 | 14225e11f54c9b0b08bb34ebe6de10b6 |
| SHA1 | d71197f3614b0953d130fe07456d95caed84b4ed |
| SHA256 | b5fab377159091f4a9f91701e8a88cea1a39d5303b01627896a1ebd71f842de2 |
| CRC32 | DBB96E65 |
| ssdeep | 49152:D0mGT8uVky3/yi3V5QuVEym0y8za7U+uzaXkZ/uQqt4+E9Q84Rb9WbUrW0Gnehuh:Il/gW3OLbc4qj |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | a124e1f85cff408f_savapi.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\savapi.dll |
| Size | 5.3MB |
| Processes | 3036 (None) |
| Type | PE32+ executable (DLL) (console) x86-64, for MS Windows |
| MD5 | a294fb262f2c9dfb5d1c627876e66138 |
| SHA1 | 957287b5bcef69a15af4365d637d8703d460ceb3 |
| SHA256 | a124e1f85cff408f05d11a406143a612472b4f666929d92b2d7a61858c6c19f2 |
| CRC32 | 626EF545 |
| ssdeep | 49152:aGtlqo9VwASOkdIU6iUsN0Xz62pCzoA3bW559bWJZ3c+9oCMknclUn4PyFDu6RoI:+q+NNCzTYoAFSzRsqGouxGcpcnY |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 58a05c51c0678fd5_api[1].js |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\api[1].js |
| Size | 899.0B |
| Type | ASCII text, with very long lines, with no line terminators |
| MD5 | 2343261a108d787ae98b3611fb28ee41 |
| SHA1 | ceb119d7808547e1197be11103b0e5ccc736d215 |
| SHA256 | 58a05c51c0678fd578b9ff6c38e26310157d6b8051097dc3b02027a74b727ed5 |
| CRC32 | F379ABDC |
| ssdeep | 24:2jkm94/zKPccHJk8cJk8Hbv+KVCetNH2k1KPO7sLqo40RWUnYN:VKEcpk1kjKoeLl1KFLrwUnG |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 1471693be91e53c2_background_gradient[2] |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\background_gradient[2] |
| Size | 453.0B |
| Type | JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1x800, frames 3 |
| MD5 | 20f0110ed5e4e0d5384a496e4880139b |
| SHA1 | 51f5fc61d8bf19100df0f8aadaa57fcd9c086255 |
| SHA256 | 1471693be91e53c2640fe7baeecbc624530b088444222d93f2815dfce1865d5b |
| CRC32 | C2D0CE77 |
| ssdeep | 6:3llVuiPjlXJYhg5suRd8PImMo23C/kHrJ8yA/NIeYoWg78C/vTFvbKLAh3:V/XPYhiPRd8j7+9LoIrobtHTdbKi |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | d6360e692b8edc5c_userinfo.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\nsf293F.tmp\UserInfo.dll |
| Size | 24.5KB |
| Processes | 3036 (None) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | 7c12b2dde3d65c1d4de5456c2f92aa9d |
| SHA1 | 1fedebdd8d2214a4fe25801157bd8c96619aba7e |
| SHA256 | d6360e692b8edc5ceda976e9027a917d379b5c62c958227130dd68de2f5be3a6 |
| CRC32 | 0EE4B93F |
| ssdeep | 384:tWH+2Nyb8E9VF6IYinAM+of7dFNL0nvSIYiB7dFmsNBvEAM+o/8E9VF0Nywfi9at:theEpYinAMxfxFwYiBxFmeyAMxkEUt |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | b7a50befbc22360c_vp.json |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programdata\conf\vp.json |
| Size | 960.0B |
| Processes | 3036 (None) |
| Type | data |
| MD5 | 4f0cc1d71725c12e501f4b72e1361944 |
| SHA1 | 98594524ec5bb01cbd2b88d51d94c41aed5b7a3d |
| SHA256 | b7a50befbc22360c81088aa64ca688e64cfde1ff521ed3cd404463dc7bd1c82f |
| CRC32 | 1E3F7C51 |
| ssdeep | 24:kYEN5mEWnwRmoMhHognhujZg3q6IIwKasagJiy0wo6n:kLnmE3moOhuteaIagJZn |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | a7a5e9906f1907e2_v7VuIMfdRFjYi8at76kOnrqWKHae1x3mkm44n2XS2jHGZ1RmKvYv1ZI_VfM_7LS-ADqb-aTFPLetd4Ov_SpX9Aml3koac-NjZmjZ0pdczs0[1].htm |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\v7VuIMfdRFjYi8at76kOnrqWKHae1x3mkm44n2XS2jHGZ1RmKvYv1ZI_VfM_7LS-ADqb-aTFPLetd4Ov_SpX9Aml3koac-NjZmjZ0pdczs0[1].htm |
| Size | 1.0KB |
| Type | ASCII text |
| MD5 | 8fd5441f8e1f19e1f8e1274159cb8b32 |
| SHA1 | e99e51f9e9be6de025c58771cc0ee9f433b16a03 |
| SHA256 | a7a5e9906f1907e29a351bedb7aeee3b7fb1228196461b3d4bf9154a2764e195 |
| CRC32 | 19ABB481 |
| ssdeep | 24:87NSo/Ntf3BTe9JMzbXDaEKzkOJ7F0zVTefXor+wMwenZfur+wfC:qSorf3BTEM/XDa9zPJ7F2ZefYrEZfurq |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 20edc43a59a72234_lt.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\lt.pak |
| Size | 387.1KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | 38f69424e75f6e213e5b3ef204a1cbfa |
| SHA1 | a519c40d601e3bf476019674dbc5dea851d347b1 |
| SHA256 | 20edc43a59a72234489ccec63d598d82b9540a90df874400dbb01862cf4c30ed |
| CRC32 | 271984E3 |
| ssdeep | 6144:ZCNqkSeL46Qf6Ri3n3142Svatn7o5Ul4ua5AuIrX6hZ2IF6S4:ZCNqkS9+Ril42Sa05m4WuhP6S4 |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | b1d761386dff9976_mr.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\mr.pak |
| Size | 728.3KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | 5b0ffbd8848dde61dca9f39836390fad |
| SHA1 | 7132f70058ec10a2353e963819df020e2fb6b65f |
| SHA256 | b1d761386dff997603bc1599422e09e244e385e32513feb599f3da7c0dfb7bd4 |
| CRC32 | DCF75CD8 |
| ssdeep | 3072:e9rz5hyddHFoWENQ7Nspi2L/dXMEy3RTh5014AV4amHwMo2AeRLhtYJZIpyXKa3O:WhydlFonDXiL3Z0/OVA5Re7y2 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 17b98abe332a2ee7_de.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\de.pak |
| Size | 360.1KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | d16a67c02f9cdb288e7ec3399994a33c |
| SHA1 | 7d15ba33c6263e65d91053ead94031c418ad23b0 |
| SHA256 | 17b98abe332a2ee7d36e637b473742df9b3dbe0984e0b7380c547135601bdddc |
| CRC32 | D4F37978 |
| ssdeep | 6144:5uAaQEC2XbE4N94qHan3883Bq1UqW8jCOH5ZgeQB46gqE:APm2LEd4as8mUql5US6gqE |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | afce792469d28568_ErrorPageTemplate[1] |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BYECVYBT\ErrorPageTemplate[1] |
| Size | 2.2KB |
| Type | UTF-8 Unicode (with BOM) text, with CRLF line terminators |
| MD5 | cd78307e5749eb8aa467b025dc66bcd3 |
| SHA1 | 7f85f932532719bc0ca23a21a24e146cdcd40668 |
| SHA256 | afce792469d28568da605230d27a6d5354f9451c60b5a3ce998edeaf098c8327 |
| CRC32 | 12B03B3E |
| ssdeep | 24:5Lj5x55k5N0ndgvoyeP0yyiyQCDr3nowMVworDtX3orKxWxDnCMA0da+BieyuSQK:5f5H5k5pvFehWrrarrZIrHd35IQfOS6 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 263f65645f5f2883_FortectUpdater.exe |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\D2FA106B920C\programfiles\FortectUpdater.exe |
| Size | 652.0KB |
| Processes | 3036 (None) |
| Type | PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive |
| MD5 | 5ed980dec14474b148d4a63336605900 |
| SHA1 | 524769307991add87f2c35a6076a69306b1d84c5 |
| SHA256 | 263f65645f5f28835b12090e890cd66849947e97877ef827eb7f4c49f8c66392 |
| CRC32 | 692AE4E9 |
| ssdeep | 6144:lYa6d2r+Xv52GajY3fMtf9R0aMR5jEzvKmDU3JDNq+RDf96/E46vyAr9:lY7wGv52/YGQTPevKmDU7xyAh |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 3374a0184d03fd13_FortectProtection64.7z |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\FortectProtection64.7z |
| Size | 1.9MB |
| Processes | 3036 (None) |
| Type | 7-zip archive data, version 0.4 |
| MD5 | 7ce3632b4d8c658b8dd5a70719436388 |
| SHA1 | 9549e2509ff7286cd90480b1e41e4ad68204fa55 |
| SHA256 | 3374a0184d03fd13af085c0a5ab3e945c2afa849d900214fb404f0ca18d02a86 |
| CRC32 | 2A47483A |
| ssdeep | 49152:sD8bp2LWOwjsSlfIcMAa5UU+RQ3OH477w6:sYbwWxZlQcMIUr3Oov |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | cb97aa4711e4a307_ml.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\ml.pak |
| Size | 896.8KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | a9f7cff33e1fbc052eefa51446c6cf30 |
| SHA1 | b9901a146cefb42455c2996f890a88196eed050c |
| SHA256 | cb97aa4711e4a307cc67e055c5d5631cd99433a2cc06572ecb153d41dc1d5643 |
| CRC32 | 73F4002A |
| ssdeep | 12288:EDvkk1z+Si7/qCLElbMmWDcZubSARyUxeW5p/7fl936A:El1z+Q7PW5p/7H3p |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 8b0217042d8c86d4_sr.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\sr.pak |
| Size | 560.4KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | 880fc5fee125dde8c1dbc2dab16d4d05 |
| SHA1 | 29c0f5f7892f6080cdf8d680972cfc15183a8f4a |
| SHA256 | 8b0217042d8c86d49cceacace04b324859b44d1ac51aeebcdb72c0772fcb8892 |
| CRC32 | 7ECE0CBC |
| ssdeep | 12288:0W7GIkcNglHIACp1rBbUsYsM0D5PaxrHNP437QXut/k/t:xtfj9H7D5Sx71 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 07d07a467e4988d3_favcenter[1] |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTDTA402\favcenter[1] |
| Size | 3.3KB |
| Type | PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced |
| MD5 | 25d76ee5fb5b890f2cc022d94a42fe19 |
| SHA1 | 62c180ec01ff2c30396fb1601004123f56b10d2f |
| SHA256 | 07d07a467e4988d3c377acd6dc9e53abca6b64e8fbf70f6be19d795a1619289b |
| CRC32 | 7FE3FBCC |
| ssdeep | 96:RZ/I09Da01l+gmkyTt6Hk8nT1ny5y3iw+BT:RS0tKg9E05T1yIyw6 |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 9274d60eddc28a26_ar.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\ar.pak |
| Size | 560.8KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | 2af71e74a1aae789fb3c7cfe1aec91ab |
| SHA1 | b7ae04edcb8458af0fb14eb8f346b97f3dfc2ed2 |
| SHA256 | 9274d60eddc28a261943258fa644587c4586e91c4bc415346f0b79b20676ada8 |
| CRC32 | 297DBF58 |
| ssdeep | 12288:CiOiPxKqWUjXji/TscvYUBxbsHX15sNb2+qTd4vMgSEN1y:CjP1qHl5N+c |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | f961ca94397297a8_et.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\et.pak |
| Size | 323.9KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | cd1025094c963017c56e6a4773c0d7a2 |
| SHA1 | c5e5e1569c34a09a95a717187c363edb37926ca7 |
| SHA256 | f961ca94397297a878076cc6441b31af1af75f5c2e705c8465d98419ae952c13 |
| CRC32 | 0FBB9331 |
| ssdeep | 6144:e9Plm1+MZuDM01E0A2SkbT/RHLFi7EM5ujk43RfLhKPQ+:eplPdD+yrM5ujg |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | b6d1afb92fbfaca8_fil.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\fil.pak |
| Size | 372.1KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | 8ea7c6702d16a196a9c92784ce322b5b |
| SHA1 | e5491c608a9b45ff5f409976ac85f3fa88e01c03 |
| SHA256 | b6d1afb92fbfaca8ad9bfd944747f0683513d8862cc1948c6e61ebda1115f700 |
| CRC32 | B3AB9429 |
| ssdeep | 6144:941jsF2yIDQT9WOCTD6xdVG6Z3A35FgmvQkAPm8:9d4OCTKk5Smy |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 4840dd4776b198ad_ro.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\ro.pak |
| Size | 365.3KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | 41495d709aede049bf63214d243804dc |
| SHA1 | cddcc90705779003ed20760b60b7339e2e83fdd8 |
| SHA256 | 4840dd4776b198ad61c8ea450075987d0c4cde0b976508906907039c5b6ffc56 |
| CRC32 | AAD0EB3B |
| ssdeep | 6144:SSXezlMb0Z7veEEDGCZpXqW5Zl/oWqr23/Yuobr:SG0Bv5EDGCZpXqW5ZZoI/Wr |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | c686babc034f53a2_green_shield[1] |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BYECVYBT\green_shield[1] |
| Size | 3.4KB |
| Type | PNG image data, 14 x 16, 8-bit/color RGBA, non-interlaced |
| MD5 | 254d388ce19d84a54fd44571e049e6a6 |
| SHA1 | 51ca725642f679978f5880278e5cac5ca4f70fae |
| SHA256 | c686babc034f53a24a1206019e958ba8fc879216fd7b6a4b972f188535341227 |
| CRC32 | 265B0B9C |
| ssdeep | 96:5SDZ/I09Da01l+gmkyTt6Hk8nTkN9D6ZB+:5SDS0tKg9E05TkN92ZE |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 7a5a613345d5c04f_question[2].js |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTDTA402\question[2].js |
| Size | 75.0B |
| Type | ASCII text, with no line terminators |
| MD5 | 7511081de85ec4de3561563f4ced0b32 |
| SHA1 | cbc37fdf23fc2e063da9bc9ae1caffac739af0f8 |
| SHA256 | 7a5a613345d5c04f03093c2e3f16d602f634914f2d7ea18e25a947b4e2a33761 |
| CRC32 | 35F98102 |
| ssdeep | 3:uTaliHEnVX173GXtR+PNMeABHJHX9RV1n:uaK+G8oB59RV1n |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 713ebb2266bd5192_keys_js5[2].htm |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTDTA402\keys_js5[2].htm |
| Size | 1.0KB |
| Type | ASCII text |
| MD5 | cec902854d271c5e11670a3429cdcc27 |
| SHA1 | 10d44dd02cf16e22817738d8bbb8ff344c9ca091 |
| SHA256 | 713ebb2266bd5192d16da43820f6aece13b9a077ec17aa7067e2bdbd81702791 |
| CRC32 | 3F80C1B4 |
| ssdeep | 24:jp3nSVtSBwxwVdENE1bXDaEKzkOJ7F0zVTefXor+wMwenZfur+wfC:jsccwVdmCXDa9zPJ7F2ZefYrEZfurq |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | eb8de7e756484cff_maindaemon.install.engine.log |
|---|---|
| Filepath | C:\ProgramData\Fortect\logs\MainDaemon.install.engine.log |
| Size | 10.7KB |
| Processes | 2788 (MainDaemon.exe) |
| Type | ASCII text, with very long lines, with CRLF line terminators |
| MD5 | 55ec7548158dc95a2afc82892ab78564 |
| SHA1 | 0abaea8a1ef68c840ad7ea1fede3c13b1a0322ea |
| SHA256 | eb8de7e756484cffba0c743eea6a3f50b3ea2e51bb7990b5a1c66416b8a7c6ad |
| CRC32 | 29EC2A7E |
| ssdeep | 192:GWJ4B932T6/rUAlftbCp3O7AbbfzyAzcxBKcmolIAzSlfkoRsGLJGAAb49/P0:PY932G/JlseOyAzcLKcmcVYsHGtLkU0 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | c93c04baa7b629f1_vi.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\vi.pak |
| Size | 415.5KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | 5ece0b4f29b6ecd6bed46f70888b7f52 |
| SHA1 | c9526301591ba37d769670e2719ebabe418eec6a |
| SHA256 | c93c04baa7b629f11870d7abc7a9f78ba5a68fceb4ddfacb6fe4ccbe768deae1 |
| CRC32 | 7CF65F1D |
| ssdeep | 12288:Up/qVsPjnzj037YLwShFoAalk5u1WziW+UnnJziq7VZ:6qVsPjnzj037cwSvsa5aEiW+Unliq7VZ |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name |
e3b0c44298fc1c14_nsq28E0.tmp
Empty file or file not found
|
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\nsq28E0.tmp |
| Size | 0.0B |
| Type | empty |
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| CRC32 | 00000000 |
| ssdeep | 3:: |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 8789eb3a9fd6534c_rcaptUi[2].js |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BYECVYBT\rcaptUi[2].js |
| Size | 1.1KB |
| Type | UTF-8 Unicode text, with very long lines |
| MD5 | d0dfbb34eb95d74c80da4f88ae238a90 |
| SHA1 | 2dad33ec760b26138e0ab82eccc46002c7446989 |
| SHA256 | 8789eb3a9fd6534c2a5b88962f0f0ad3629c52059dde825914c9fc732ffb20a0 |
| CRC32 | 673C1A00 |
| ssdeep | 24:GslZIFVykEFtDrJaFHOL0Qs8L4LfdLzaJfmuU5Vwo:/7IFMdDr2b9/aFf4 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | df0ec4343b4dc4a6_hu.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\hu.pak |
| Size | 387.2KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | 2da32b1023f28106a44baed81c7b500b |
| SHA1 | f097edc07b6e97cc7370647c7d2055bdd3570937 |
| SHA256 | df0ec4343b4dc4a69df239548de3506f9a77bfacfd21b0aa4361ffa605d22ac2 |
| CRC32 | B56FF70A |
| ssdeep | 6144:emCZ99yHuW44OAV5z/UQGRcNYcyDSWm7CL3MH85gR8GftG5EUnvydpEDk3ICf:IxvYV5z/rTb7QMH8595lu |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | bfd410927ef16994_settings_user.json |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programdata\conf\settings_user.json |
| Size | 400.0B |
| Processes | 3036 (None) |
| Type | data |
| MD5 | dcd031540d8a4fc74d78019bf661487a |
| SHA1 | ea7d537e79e2cd7578c331b78ffe532f1f5c63f7 |
| SHA256 | bfd410927ef16994229865873aa0c530650a21555682b8b45571167f719c3c3c |
| CRC32 | E99B2571 |
| ssdeep | 12:dGOFzyiq/BRnMzv8Hj7gBpUo4K09xED0cHYlc:RkBRe8Hj0St1cHYlc |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | b122038a876caf6f_getProfile[1].js |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\getProfile[1].js |
| Size | 187.0B |
| Type | UTF-8 Unicode text, with no line terminators |
| MD5 | 87cda6e9aea9f92c986af015aa29d827 |
| SHA1 | b89c12959bcf81d609ee1dc6bb0c53d55d962451 |
| SHA256 | b122038a876caf6f6a0e8e9d1e812e595a7f4f80d26737dedd443c5630ddf8cd |
| CRC32 | 740007B1 |
| ssdeep | 3:zQgdcRXSqXEiHVNaYGuvOPStIEZHftV1iYhDqckd0iX+c2PSzTEWHJE15XcAbqiB:zQvzUiHVH2atIi1P9qck6FcEOJE1VcIB |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 9b7af8bac852e210_getProfile[1].js |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTDTA402\getProfile[1].js |
| Size | 187.0B |
| Type | UTF-8 Unicode text, with no line terminators |
| MD5 | 88313eb24c7750e926294bef79ca3143 |
| SHA1 | aaf453dab3753a8004cfb900c8c3253a32ba46e7 |
| SHA256 | 9b7af8bac852e2102b449602f62f5116d96db0bba5c73748a47dce9924160b41 |
| CRC32 | D4756D2F |
| ssdeep | 3:zQgfdi21iHVNaYGuvOPStIEZHftV1iYhDqckd0iX+c2PSzTEWHJE15XcAbqiB:zQej1iHVH2atIi1P9qck6FcEOJE1VcIB |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 08e67aab8349a07b_zh-CN.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\zh-CN.pak |
| Size | 301.6KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | 73ef8bdfa58e55fc0753e88e34dd6eaf |
| SHA1 | bdcdf0bcbf1987af2c98d8b38d7ad59f2722c88b |
| SHA256 | 08e67aab8349a07b98cb8a17dcc582c8de0411906d2851bc93be76166e2773a5 |
| CRC32 | 6E3A9912 |
| ssdeep | 6144:Q3xCmP7e4ttOk7ynKKbztIgfT8W5cNpLf4Wl1:Q0URtt2nKKXtIgYW5cNpL3 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | cfde2f8af110f79c_avupdate.exe |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programdata\av\avupdate.exe |
| Size | 5.1MB |
| Processes | 3036 (None) |
| Type | PE32+ executable (console) x86-64, for MS Windows |
| MD5 | 95228d520e2a38ba21718c91cd3a572e |
| SHA1 | 31df1f941ea1d8524b4e2be146bf956b15ef0715 |
| SHA256 | cfde2f8af110f79c5dbe489a9ac69f5431027b26b86d4078d463cd948758c27b |
| CRC32 | 6EA3AB76 |
| ssdeep | 49152:BGtlqpIU6i76VwASOZbuecnMNTFSqJY9fMyP33ZHzF+zmymc7EgHJ9zV1c4GgqzP:K+06cK3lczmIbIu1Cm5ozlgHE/ |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 43bdc3b380573a65_rcaptUi[1].js |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\rcaptUi[1].js |
| Size | 1.1KB |
| Type | UTF-8 Unicode text, with very long lines |
| MD5 | 4a1dd61f83822be5ce59425e14d01dfc |
| SHA1 | 45fd7186c6838de41e698b84689d03129fc578cd |
| SHA256 | 43bdc3b380573a650f6c00d769fe547657b7f115fff39e78a6c9f0fd06cc0762 |
| CRC32 | 2752DCC8 |
| ssdeep | 24:GslZIFVykEFtDrJaFHOL0Qs8L4LfdLzaJfmuU5VwFJ7:/7IFMdDr2b9/aFf7 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 5fa16c38b08527ae_search[1].htm |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\search[1].htm |
| Size | 23.9KB |
| Type | HTML document, UTF-8 Unicode text, with very long lines, with no line terminators |
| MD5 | f4779913251cfcbce0e6acf886582853 |
| SHA1 | 6fbe74f148ba5eb65fcd6679373d27d9b2d936bd |
| SHA256 | 5fa16c38b08527aef32f7b7417dfa28258f2acb76e57fda087744f75189b491c |
| CRC32 | 5E60C921 |
| ssdeep | 384:6BBTkKcwfUCWIeCIjtrjruVVxMZoCjJC8bCd7C7b5HKHCF/e1CskXCIfBC8eGCO/:JkXo/86u5eEVvK |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | ee7929953006a217_rcaptUi[3].js |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\rcaptUi[3].js |
| Size | 1.1KB |
| Type | UTF-8 Unicode text, with very long lines |
| MD5 | 9da04add19a5724543a3520104eb75f7 |
| SHA1 | 2a40283a3d8f2e936fa0ddd626987b46398aff0a |
| SHA256 | ee7929953006a2172b132214f028e95ceb5e62145bfb625781c6fd789939c580 |
| CRC32 | 4162F6F7 |
| ssdeep | 24:GslZIFVykEFtDrJaFHOL0Qs8L4LfdLzaJfmuU5Vwrm:/7IFMdDr2b9/aFfbm |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 6f980f680bf30690_ShellExecAsUser.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\plugins\ShellExecAsUser.dll |
| Size | 63.5KB |
| Processes | 3036 (None) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | 018163ce44deb0e9e6f8201852f8b98c |
| SHA1 | b0903584a16b33964c559af00e24b0449dc41018 |
| SHA256 | 6f980f680bf306909cdbb49b23336cc429319811d7e7e48e5191242013d52575 |
| CRC32 | 58C709B3 |
| ssdeep | 1536:cA4CJ9OFpXf0AfNiTkIMrhdk67HxZ073bxx:XhCFptfN6MrhG6kf |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | be311135e790ce60_scew.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programdata\av\scew.dll |
| Size | 424.2KB |
| Processes | 3036 (None) |
| Type | PE32+ executable (DLL) (console) x86-64, for MS Windows |
| MD5 | 9191d7bdf8ce0c734a8fcefcfab44073 |
| SHA1 | 3ea8d147c34d6c319cd3fa45d37bdb968dfe3b3f |
| SHA256 | be311135e790ce60c0d80f80c00c0aabdaad65265ab4bbbf501414b7c4341c41 |
| CRC32 | 009702DC |
| ssdeep | 3072:1buL7c45KEMVJEXSIxquZ1cH/tzf3e3P3vPNIqd1yDq82diLxP9/R5V/FrvYGeS4:1S/FIEXPw80je3P/POiy/dLXPxeSkZ |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 0521f442e3419e13_question[3].js |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTDTA402\question[3].js |
| Size | 75.0B |
| Type | ASCII text, with no line terminators |
| MD5 | d8559b6d2261b1838b61c9a85ba99b5d |
| SHA1 | 909ee62ee7d1aa36a16dc19ac71c790596352435 |
| SHA256 | 0521f442e3419e13e5ebc15954eabfc789ea5d799c9f50a194162943fe380d76 |
| CRC32 | D699B8B1 |
| ssdeep | 3:4RoGVXI2FvBVUMH9LRVYl+PNMeABHIn:4GCX3vBVUMHtRVboBon |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 6c6ed48be417f931_System.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\plugins\System.dll |
| Size | 32.5KB |
| Processes | 3036 (None) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | a6a9a761f8bf173d4dea7823195eb97c |
| SHA1 | 70ef7462c23a5729d23d281336341b52a9cf36b1 |
| SHA256 | 6c6ed48be417f931e149185eff306244a7a82e2113e0f7483ccef74daea78ebd |
| CRC32 | 40BB26E1 |
| ssdeep | 768:UiqmijmpcNEpYinAMxfxFwbYiBxFkumAMxkE0:xqZm2m7HxZib73OuUxo |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 41e3f69ecc09290e_httpErrorPagesScripts[1] |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\httpErrorPagesScripts[1] |
| Size | 5.4KB |
| Type | UTF-8 Unicode (with BOM) text, with CRLF line terminators |
| MD5 | dea81ac0a7951fb7c6cae182e5b19524 |
| SHA1 | 8022d0b818a0aea1af61346d86e6c374737bc95a |
| SHA256 | 41e3f69ecc09290ebc49be16d2415036ddb2f7a4b868eef4091d0b5a301762fe |
| CRC32 | 5E7F4A18 |
| ssdeep | 96:JCc1g1V1riA1CiOcitXred1cILqcpOnZ1g1V1OWnvvqt:xmjriGCiOciwd1BPOPmjOWnvC |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 2d4b69cd66266766_uk.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\uk.pak |
| Size | 592.5KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | 0ef500ed746d9682b8d1d626add09ff1 |
| SHA1 | 346eaa1387d155635437429b038023cdf00f2c63 |
| SHA256 | 2d4b69cd662667668899eaf64cb0dac362a35fb8e0f23577888975100aab4382 |
| CRC32 | 840573BE |
| ssdeep | 12288:G+qkund0ukuT5qNnnIFB51B3IjQtE9RxLNiXE7qqnE2:G/zlP5jEV |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 1b4f4fc0b71a8ebc_sl.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\sl.pak |
| Size | 362.0KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | ca037617ea943c6d585931a912342ffe |
| SHA1 | 046fc9ba9678e3fa3dbc1939ee180e6e1d72e6d0 |
| SHA256 | 1b4f4fc0b71a8ebc8e74c44802cde3b6ed1abd4200d8b39ad296da0a06b62bbb |
| CRC32 | C4909680 |
| ssdeep | 6144:zDFRRTNXkd+nnbANj7ncsJLm4ocyxPbPDZuugMrkf8jQLD65Mn+cD46EIni/fz+C:zBRRTCBJrCw65Q+czEQi/fz+Yqg |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 1f71ea9b8568d096_fr.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\fr.pak |
| Size | 387.4KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | e5aafca1e91390bc629b3108c773bf29 |
| SHA1 | 9abf2fd6ab40cd9ae1b45d404672aaa58ebaf9c8 |
| SHA256 | 1f71ea9b8568d096080f0d77126e1ea2c54989644f59d9e68a4111ee7676b38f |
| CRC32 | 1E89828D |
| ssdeep | 12288:utmun6QuagV7YzJsZsMYnYEOhjBOkxxIH4WWCFxNxKpKT5FQusOhY8BaIJFcSJP:utmrVQF55V |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 41b55d1f0dbf1d41_rcaptUi[1].js |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\rcaptUi[1].js |
| Size | 1.1KB |
| Type | UTF-8 Unicode text, with very long lines |
| MD5 | 5acfae617efd1cdbbbc82848ea311061 |
| SHA1 | 318286d58bf7b32391b1954a96c18298a203a661 |
| SHA256 | 41b55d1f0dbf1d416494a3090dfa81f03fad6e27c979e6d29d1bd66305c787ff |
| CRC32 | D1A6214D |
| ssdeep | 24:GslZIFVykEFtDrJaFHOL0Qs8L4LfdLzaJfmuU5VwU:/7IFMdDr2b9/aFfk |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | b1a1b89b52f3b5d1_download[1].htm |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BYECVYBT\download[1].htm |
| Size | 14.5KB |
| Type | HTML document, ASCII text, with very long lines |
| MD5 | d714672f148b52a61fcd89fe760240e1 |
| SHA1 | 65ef45eae5af5e71d970064799d564437ab7ee7a |
| SHA256 | b1a1b89b52f3b5d17f84a03f40de79301de4cf60c7bdc9c38df390f5f07d44ba |
| CRC32 | 388DA4E3 |
| ssdeep | 192:ciYJgaoKIGBFPvUB5inUGodPIrJEa5PPpV2fUz8HPaDdPohQ05:bKIPBkVQIrJdhxV2czEPGVoS05 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 526d4d99a16c035f_807805_114[1].json |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BYECVYBT\807805_114[1].json |
| Size | 432.0B |
| Type | UTF-8 Unicode text, with very long lines, with no line terminators |
| MD5 | c34a7e7cac58f00f60b04448922a3404 |
| SHA1 | 21becc410e8fbbd33f521c7f30cbfdb9bfbf127b |
| SHA256 | 526d4d99a16c035f300f8a9898df0276a9489d59cdae5b9b72546c5a91477923 |
| CRC32 | DC2D6BF6 |
| ssdeep | 12:ecJ2cdLAPAdL3dueudrEJvPX06cSrUOSYGtw9:ec/dUPA3ueuN0XVcSrUpYN |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | d8a6aa3e91ef211d_fa.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\fa.pak |
| Size | 524.3KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | a81decbf9897152106864ea10b4fcb2a |
| SHA1 | 28cf65a1e91163dac211372f82508175abcc6769 |
| SHA256 | d8a6aa3e91ef211d1525ef26dcd2e20819039ad497d789cbc1691f3cd96b58e3 |
| CRC32 | 108AEF24 |
| ssdeep | 12288:tEX9euyagjfwCRwNUrGSXfStQvoT+JwMTAKzIxRAQiHedNu3htodxWetlClwGdnY:juyagjfw0wNUrGSXfStQvoT+JwMTAKzA |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | ea03bfd7fdda1eac_f[3].txt |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTDTA402\f[3].txt |
| Size | 113.0B |
| Type | ASCII text, with no line terminators |
| MD5 | 446dfcea2ff3436918f2dacba3cdeab9 |
| SHA1 | 81972855e41941736d23fee567721e53b4bedb40 |
| SHA256 | ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742 |
| CRC32 | 50F4F831 |
| ssdeep | 3:oVew2dzzxHJzdd/xC0MId/avHvpHlxfYf:ogw2zzn/xeq/Ynxwf |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 9f53df9c3e5658f7_cs.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\cs.pak |
| Size | 369.9KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | 146aac893ae2282cd6f155c7e4246734 |
| SHA1 | 453fefa0d412a38c3838b12387ab47e940485e29 |
| SHA256 | 9f53df9c3e5658f7b9dec9900a671e06ad83601a59029fea0a195893049c5feb |
| CRC32 | 67B6F40A |
| ssdeep | 6144:CR3X6PwyIbYJw/AZeAeL3+5K8IGNzAy25/j8QG:CR3QwyIsJw/sg3+5K8IGtAy2V8 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | edcad5b1ce8a304b_views[1] |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BYECVYBT\views[1] |
| Size | 1.8KB |
| Type | ASCII text, with CRLF line terminators |
| MD5 | bee1758a485085bb8a121eb74ba7e96f |
| SHA1 | 8024492e1126b17f832e36c932d433200180b693 |
| SHA256 | edcad5b1ce8a304b70b8c9ea57d4aeab740d979ffa59243b943011cb1ba4d57e |
| CRC32 | 3FB291C2 |
| ssdeep | 48:1QuIGYwCQ73ZOaFibdMpn1c2CqWMwr8Qp5lAh:SncJO8ZDru9S |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 03f91d98ea7c2d10_google_com[1].htm |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\google_com[1].htm |
| Size | 145.1KB |
| Type | HTML document, UTF-8 Unicode text, with very long lines |
| MD5 | 590edbf2a34400851f58c5b7741707fe |
| SHA1 | 840828101ba3cc14a6cb6161fbd33c1e7944314f |
| SHA256 | 03f91d98ea7c2d10531ca6d98755350bd8715ece084a2a5b633091178c2e4a3c |
| CRC32 | 0FC7A5F0 |
| ssdeep | 1536:KiB6Wh1NFlTOWX7nOFvf2VecxGzR0NGDhW/tdaPP2rf3/WxZUldVILarXbdnZnL3:KibFlTWu9j+P+L3/Wx0kUxntw6 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 9145f661cce61685_fortectsetupadmin.log |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\FortectSetupAdmin.log |
| Size | 9.9KB |
| Processes | 3036 (None) |
| Type | Little-endian UTF-16 Unicode text, with very long lines, with CRLF, CR line terminators |
| MD5 | f7a3cca89800e357ba204745d0ccc251 |
| SHA1 | 078f3736fec521d65341333eb7090c08aafcdd62 |
| SHA256 | 9145f661cce616851f01205c1e5f7deac3e4bfef68458e711a7c851c126b27a9 |
| CRC32 | A2373C97 |
| ssdeep | 192:YRSrN1mUeLr8XiavC+N+yGrPV8nBAO9fCKOmXK0DG+8f+pkSqSekStXaGzL3:YRSrN1BeLr8XioC+N+yGrPVMBAO9fCK0 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 8af6113d196b7f54_nsis7z.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\plugins\nsis7z.dll |
| Size | 468.0KB |
| Processes | 3036 (None) |
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| MD5 | c79d324f22f32cbafc30d38fc7a2a606 |
| SHA1 | ed15ed33d0611b307aac25609c2bc46f440a8869 |
| SHA256 | 8af6113d196b7f54df6b2ca2cf923e0660a7f47bfe84cce4f8ec3777b53ac7e4 |
| CRC32 | 03006A46 |
| ssdeep | 12288:cNZu4odeOo0QsjC4Fz74p87MZj/Ce/0jE:G/KeN0Jbh74S7ObCesjE |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 0f5cdbe57a86ffc5_keys_js5[2].htm |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTY94C7J\keys_js5[2].htm |
| Size | 1.0KB |
| Type | ASCII text |
| MD5 | 806b8779318889351f73daf895ffaab7 |
| SHA1 | fa95480dcef1090776066cd33aa165e12edaa43a |
| SHA256 | 0f5cdbe57a86ffc5bc5fc0cb7c16ce8e8800650150db1abe35b3cfc7452adf4d |
| CRC32 | 465E139D |
| ssdeep | 24:lIA+2TBKuuJWsV3QKfbXDaEKzkOJ7F0zVTefXor+wMwenZfur+wfC:Hvk3BDXDa9zPJ7F2ZefYrEZfurq |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 6f0ed8ab11b3397d_mailCount[1].js |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZTDTA402\mailCount[1].js |
| Size | 49.0B |
| Type | ASCII text, with no line terminators |
| MD5 | c11f0b04a91dc2cc641f5f2359bafe42 |
| SHA1 | c1a6ff11de2e9e09c710aef8c6a91276e0e806d2 |
| SHA256 | 6f0ed8ab11b3397d955c42f209bb455beb3b299768c87be2514fa96b5c57ff57 |
| CRC32 | C010593D |
| ssdeep | 3:RloKieXgXvv2RwrrUf:vo/n2Rd |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 056db0cc0ec69f6e_hi.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\hi.pak |
| Size | 770.9KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | 551e17fdf75742ec3363fe6d08e6b27e |
| SHA1 | 45d4ca9ba49f548e8b083ec8c21ee907d56b2ee8 |
| SHA256 | 056db0cc0ec69f6ee09b46ab20ec8f24368b872c2e2334744a77c4aa811c9e2d |
| CRC32 | 8073EDF3 |
| ssdeep | 3072:oCbevtdsXMcyodBek+v34QAEm5dmLjslI4GR3Te7MNsedYbOqGPt383+8A7ndNTs:zbSCpdat15g5wQ9l |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | d1c062104f136edf_resources.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\resources.pak |
| Size | 5.1MB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | 915f50ee09363c2e946fa60c3080d97b |
| SHA1 | 38038c4bee8780aaa89936534e5559fbc6aec953 |
| SHA256 | d1c062104f136edf33ad4d89460b2e4d9c1e463e792834ab91ef7d2a11953794 |
| CRC32 | 99895792 |
| ssdeep | 98304:YhFdIHa+WSTCCDw/xcljwglh1eZML3Arwr/NGKwkT+E59zqaPqPXSF7yOzy2oeUn:S+WSG+lUGhkMLQkrVWk6q9+nPXsq2oek |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | ba92995d1296b989_invalidcert[2] |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BYECVYBT\invalidcert[2] |
| Size | 4.9KB |
| Type | HTML document, UTF-8 Unicode (with BOM) text, with CRLF line terminators |
| MD5 | 57868b56f2ae430d15693e82a827ddb5 |
| SHA1 | c72b54f285f93e0ada5d1991dd2e8d1a14aa6a0c |
| SHA256 | ba92995d1296b989dc78b21e8c7eaadc799e91db819f3f83bfba817b28df6e4b |
| CRC32 | 6CA10D5C |
| ssdeep | 96:UqUHCkAs5PFkiGjUpG9gHdk0iSAu5hfeGNBz1t9hS:9ULAsnkdjo2gnNBz39hS |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | e34a164a539da857_uninstall.lnk |
|---|---|
| Filepath | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fortect\Uninstall.lnk |
| Size | 817.0B |
| Processes | 3036 (None) |
| Type | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive, ctime=Tue Jul 2 15:28:07 2024, mtime=Tue Jul 2 15:28:07 2024, atime=Mon May 20 00:43:35 2024, length=468736, window=hide |
| MD5 | fae175bfaded2d6d8c94336c0734ea09 |
| SHA1 | 8556793d503cba62f07e51de7c501ef17a65596f |
| SHA256 | e34a164a539da857e57e3d46a54764fb364e1b169097fbb43280b2a0877f2e99 |
| CRC32 | 359D1802 |
| ssdeep | 12:8meOCjk1o0ENvNydpF46X9lXccZowviojAObdp61c7y0bdp61cAgG1M:8meOCYmNAdx91qsAKdfygdMW |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | dba15736751a45dc_keys_js5[1].htm |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\keys_js5[1].htm |
| Size | 1.0KB |
| Type | ASCII text |
| MD5 | 5a3ab9e38f59b345e5de3aa02d077ae0 |
| SHA1 | 3723c1a5f7e661e29e2f698f673473ccd7a7c2c1 |
| SHA256 | dba15736751a45dcc8811119aebe35e5ab0bf0592617818e6b966dd181a8d635 |
| CRC32 | D2326B60 |
| ssdeep | 24:y8E8Zx1Hv1bXDaEKzkOJ7F0zVTefXor+wMwenZfur+wfC:/Zx1HBXDa9zPJ7F2ZefYrEZfurq |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | e4f1ae937f95fb8a_apcfile.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\apcfile.dll |
| Size | 5.3MB |
| Processes | 3036 (None) |
| Type | PE32+ executable (DLL) (console) x86-64, for MS Windows |
| MD5 | 317636ddc6c69f2760c55caaacb5c9cf |
| SHA1 | c360b822a2135d531ffc7979cdf4c3f05ea07721 |
| SHA256 | e4f1ae937f95fb8ab70ded4a408c3baaba909026b5b24acf8f6a8b50795c991d |
| CRC32 | FD1573D7 |
| ssdeep | 49152:dGtlqNIU6iDtVwASO5pDtflKOIJPVF/hbhYwpEv8ad7B8Ju/xPFlpwEiwsOvPlZD:K+PpMJtF5bhYOE0wFlpsffpxQ2bZk |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 2689367b205c16ce_events[1].htm |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VKMIWH9C\events[1].htm |
| Size | 2.0B |
| Type | ASCII text, with no line terminators |
| MD5 | 444bcb3a3fcf8389296c49467f27e1d6 |
| SHA1 | 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb |
| SHA256 | 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df |
| CRC32 | 79DCDD47 |
| ssdeep | 3:V:V |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 74a6123920651e0b_views[2] |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BYECVYBT\views[2] |
| Size | 3.3KB |
| Type | HTML document, UTF-8 Unicode text, with CRLF line terminators |
| MD5 | 913e35f05cf4bfc35e991e436f061b2e |
| SHA1 | 4d227f742c40d843b3e28a212ac1e8a304b9c1f3 |
| SHA256 | 74a6123920651e0bc714ab1f56ce7f6b796f3ca280e3b9489c9e13b1e1ffac5f |
| CRC32 | D9F5D257 |
| ssdeep | 48:4pPowKI58aHF/Au4Az3btKUAomFh9I5G6XNl1wv6s6v7T2M4dl4qbR/s1:pkmaHF/ERJ2vE6seCP4aR/s1 |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 28fe82312383c121_pl.pak |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\Fortect\EBB2B7109925\programfiles\locales\pl.pak |
| Size | 373.3KB |
| Processes | 3036 (None) |
| Type | data |
| MD5 | 820518dd035e1b504c8b794506f56484 |
| SHA1 | 01da91e7d00ef0e8de62161d0285b9b943a3b5bd |
| SHA256 | 28fe82312383c121366eb254c37ed2dfbe2493c6248cdac2b86de82feeedfb45 |
| CRC32 | 07D572C9 |
| ssdeep | 6144:0zYhR04bWUd+gAtiW1b2nPvmCUdGUhAzLSmFGmN/1QhA952L4x5sG:MYhRC0/AtiW1b2nPeCUdGUhMUmN/1Qh+ |
| Yara | None matched |
| VirusTotal | Search for analysis |