| Name | b7c225ef3cc3e875_d93f411851d7c929.customdestinations-ms |
|---|---|
| Filepath | c:\users\test22\appdata\roaming\microsoft\windows\recent\customdestinations\d93f411851d7c929.customdestinations-ms |
| Size | 7.8KB |
| Processes | 1400 (powershell.exe) |
| Type | data |
| MD5 | 81ca4510272caf505e8091e9a28cb716 |
| SHA1 | 71414aeec9f1e4a6f5a461b01700cc9cc992cd9e |
| SHA256 | b7c225ef3cc3e87506150eb140e7b9cc127a3469c50a808854acac71a53d98bf |
| CRC32 | FC31E90F |
| ssdeep | 96:EtuCcBGCPDXBqvsqvJCwoRtuCcBGCPDXBqvsEHyqvJCwor/47HwxGlUVul:EtCgXoRtCgbHnorLxY |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | dc1259a075e4d6ca_adobe-downexc.bat |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\Temp\Adobe-DownExc.bat |
| Size | 381.0B |
| Processes | 2544 (wscript.exe) |
| Type | DOS batch file, ASCII text |
| MD5 | 0e1c45f4335aba979b471a38ed1a0afe |
| SHA1 | 73ad43d86ada534eac9a6fcb05f55a56d9152058 |
| SHA256 | dc1259a075e4d6cad53771205ae449a126ac3a300c166dc4ff0e9ab6407e19b8 |
| CRC32 | 40693259 |
| ssdeep | 6:hDbFHImQpcLJaZ5betZwaKJV38GLg9VXbRXp+NI5P5ZmwpulXbRXp+NI5P58OWDr:hFOOLAHy4HB8QYVrVP5Y60rVP585vVPd |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 3c6e062d7cff32f5_adobe-run.vbs |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\Temp\Adobe-Run.vbs |
| Size | 124.0B |
| Processes | 2544 (wscript.exe) |
| Type | ASCII text |
| MD5 | 0cf956810c41bb3397b009c21f154e5d |
| SHA1 | 320b08c0886fc4b69e770b8d16f973647687a9b6 |
| SHA256 | 3c6e062d7cff32f59fe3f7c61ad541fcaccd524f8d245cd94880cd0a53ee8241 |
| CRC32 | 0878EDD9 |
| ssdeep | 3:jblYFFEm8nmtCBwwWAX+PzRXp+ViE1C5P559YHLjLAK:ju3NqAKwwWDbRXp+NI5P559YHkK |
| Yara | None matched |
| VirusTotal | Search for analysis |