Name | bae319f183da5acc_time_20240716_055702.jpg |
---|---|
Filepath | C:\Users\test22\AppData\Roaming\Screenshots\time_20240716_055702.jpg |
Size | 29.6KB |
Processes | 2980 (windowsjx.exe) |
Type | JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1024x768, frames 3 |
MD5 | 128eb3bdd2baeec768639e77d2da1f87 |
SHA1 | 43a1006d1c6e9b758c5261a4b3d8209f87334e6a |
SHA256 | bae319f183da5acc03be0241aceb4dddab90040db95751a0fc1f62624a29872f |
CRC32 | 62D1EB9B |
ssdeep | 384:B7vLfr7LbgJOhooypmFf48Z3GUaf4xgCv+9NBQ:BjErqf48Z3GM+Cz |
Yara | |
Name | 8f47dbd8189dbe96_invoice_a_202.exe |
---|---|
Filepath | C:\Users\test22\AppData\Local\Temp\invoice_a_202.exe |
Size | 465.0KB |
Processes | 2556 (wscript.exe) |
Type | PE32 executable (GUI) Intel 80386, for MS Windows |
MD5 | f9e94909637a6b6471565022188ab2be |
SHA1 | b7b70fe9831829ebbe8e810d4d0a6253205dd640 |
SHA256 | 8f47dbd8189dbe96bda7511f2a37277ee9fab8a763619d120c0fe49d953124b7 |
CRC32 | 794BB34B |
ssdeep | 6144:2/Ya3uK4MW5sl80PF2hV/4puXyjSJ5DwFiyycdFXErWksAOZZgjXAccD6N:2/YaejslPd2f/4njSJJwLZ4sfZgpN |
Yara | |
Name | 822cbb0bef4ca3df_install.vbs |
---|---|
Filepath | C:\Users\test22\AppData\Local\Temp\install.vbs |
Size | 392.0B |
Processes | 2760 (invoice_a_202.exe) 2844 (wscript.exe) |
Type | data |
MD5 | a709fe06db2d825ee491b8bac6569204 |
SHA1 | add15c4998d5ed7ceb83714514a6285f52cfcecb |
SHA256 | 822cbb0bef4ca3dff8f2ae70537a990a2c4330db5b484f5e51282cb43ece8e46 |
CRC32 | F71EBBA0 |
ssdeep | 12:4D8o++ugypjBQMBvFQ4lOnb5SprNF0M/0aimi:4Dh+S0FNObYrNF0Nait |
Yara | None matched |
Name | a2eb8ec643b32f38_bqiniwtuyc.js |
---|---|
Filepath | C:\Users\test22\AppData\Roaming\bQiNiwTuYc.js |
Size | 3.6KB |
Processes | 2556 (wscript.exe) |
Type | ASCII text, with very long lines, with no line terminators |
MD5 | 794372001398b622ff579acfaef83033 |
SHA1 | 16a5959aff569a269103456b282dd803651f4e06 |
SHA256 | a2eb8ec643b32f38c67006ea8b9ab00b449546b4869dd4e43fb45fc5fba45968 |
CRC32 | 78E752A2 |
ssdeep | 96:00UAUU/bAuojKxyimicjumLmTVBedfwBvVBDUJDSCOPAtG8x7Op:00UAUUDAuom8ihcjumLmTVBedYtVBDUo |
Yara | None matched |
Name | 65f6b612484a6110_logs.dat |
---|---|
Filepath | C:\ProgramData\Remcos\logs.dat |
Size | 260.0B |
Processes | 2980 (windowsjx.exe) |
Type | data |
MD5 | 5440a11179e5a9b08a4c84e715e6d2a0 |
SHA1 | 3e9a3591b1c8eb71f38d1c7bc726cff87e9fef18 |
SHA256 | 65f6b612484a61109f08aa0068fe721329dce95e12042a2975cb780bf45d266f |
CRC32 | A964CB56 |
ssdeep | 6:6lV4WQD5YcIeeDAlOWA4dbJWEogltmgXl1oV:6lVdaec0WNW+ltZI |
Yara | None matched |