| Name | 214c86b8bd2e00a7_d93f411851d7c929.customdestinations-ms |
|---|---|
| Filepath | c:\users\test22\appdata\roaming\microsoft\windows\recent\customdestinations\d93f411851d7c929.customdestinations-ms |
| Size | 7.8KB |
| Processes | 2056 (powershell.exe) |
| Type | data |
| MD5 | bab8a70759247f06d6327d70acd8b39e |
| SHA1 | 171c1b8aa59a4f8db54cfcb5ccfb41462f162b9a |
| SHA256 | 214c86b8bd2e00a7c3227fee95565a3f56903b8ce9fb49272d870033532d31ec |
| CRC32 | 58D978D4 |
| ssdeep | 96:EtuCcBGCPDXBqvsqvJCwoRtuCcBGCPDXBqvsEHyqvJCworP47HwxGlUVul:EtCgXoRtCgbHnor7xY |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | d75b7d9da6f8ed68_setupact.log |
|---|---|
| Filepath | C:\Windows\Logs\DPX\setupact.log |
| Size | 22.3KB |
| Processes | 3048 (wusa.exe) |
| Type | UTF-8 Unicode (with BOM) text, with CRLF line terminators |
| MD5 | e8a6276c8ac650b6728188280fe4a093 |
| SHA1 | 0dff45aada0b1bdc1171a6b40ac6444a3c5bca76 |
| SHA256 | d75b7d9da6f8ed68d6bdaea59d7d894b600e8e9262449e4053feff2caed29286 |
| CRC32 | AAED8A73 |
| ssdeep | 192:sKLKYKLKdIH36KBKzWI1EcTm8oKyKEK/KdKGKvKdKiKfKWKHKjKQKPKKKWKhKqKd:pIHVo+ |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | b7c225ef3cc3e875_d93f411851d7c929.customDestinations-ms~RF201b17e.TMP |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d93f411851d7c929.customDestinations-ms~RF201b17e.TMP |
| Size | 7.8KB |
| Processes | 2764 (powershell.exe) 2892 (powershell.exe) |
| Type | data |
| MD5 | 81ca4510272caf505e8091e9a28cb716 |
| SHA1 | 71414aeec9f1e4a6f5a461b01700cc9cc992cd9e |
| SHA256 | b7c225ef3cc3e87506150eb140e7b9cc127a3469c50a808854acac71a53d98bf |
| CRC32 | FC31E90F |
| ssdeep | 96:EtuCcBGCPDXBqvsqvJCwoRtuCcBGCPDXBqvsEHyqvJCwor/47HwxGlUVul:EtCgXoRtCgbHnorLxY |
| Yara |
|
| VirusTotal | Search for analysis |