| Name | b2b8d0ae6f521f74_user.ps1 |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\user.ps1 |
| Size | 2.6KB |
| Processes | 2672 (powershell.exe) |
| Type | Little-endian UTF-16 Unicode text, with very long lines, with CR line terminators |
| MD5 | cc85cea6976260ff5a37cce16add254a |
| SHA1 | 512fceabd954e3eeba91c173f8b20e46501d3a00 |
| SHA256 | b2b8d0ae6f521f7405305a7afbe6d230c0dd22a18c4a852a6b69d9e54513e248 |
| CRC32 | 5477620B |
| ssdeep | 48:nrl9NR/6l1wl9N3AzP/P3aAf+oH6wR+CrqUpZdo+GtuhaLwKnl9NCzoXZ/P3aAG:n5RigwzP/P3aA3lrqgQzCeZ/P3aAG |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | e79b4cb2c0fbc55d_chrome.ps1 |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\chrome.ps1 |
| Size | 241.0B |
| Processes | 2672 (powershell.exe) |
| Type | UTF-8 Unicode (with BOM) text, with CRLF line terminators |
| MD5 | 9b4aa2bcec6ef1d194c3f1d2ea5965d3 |
| SHA1 | 3ccec521c21e8b6c3862aebc16281d3871f9fed4 |
| SHA256 | e79b4cb2c0fbc55dcd6afd7ae2294bd506ac8314d555506b5f4595bacd03e3f7 |
| CRC32 | 54975F0C |
| ssdeep | 6:jmWZighVTVcINFGnvzXVAfUr8fz9e7KlWvtel57BVO:SeRhVhRFGH1vUTO |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | c954e39a45997e09_347ae1b52e590f04.customdestinations-ms |
|---|---|
| Filepath | c:\users\test22\appdata\roaming\microsoft\windows\recent\customdestinations\347ae1b52e590f04.customdestinations-ms |
| Size | 5.5KB |
| Processes | 2672 (powershell.exe) |
| Type | data |
| MD5 | 38f7f5f6542941f88c08de73f0ae64a7 |
| SHA1 | 273665bd196c0892e1a8aec4e34534538ec6e056 |
| SHA256 | c954e39a45997e095aca4f24acf99231fbf2595ebeacf9342e982231e7a03f17 |
| CRC32 | CE9188EB |
| ssdeep | 48:ssHlRnRMbqRo7sHlRnRMb/EHdRoHbuM4b3+SogZolxwUQlUVul:bryg5ryzEHbKj47HwxGlUVul |
| Yara | None matched |
| VirusTotal | Search for analysis |