| Name | b4f7eb279b546280_pxtgqcfi.out |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\pxtgqcfi.out |
| Size | 598.0B |
| Processes | 2760 (powershell.exe) |
| Type | UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators |
| MD5 | a1c562ac9d97a318c51c149f5120eefc |
| SHA1 | 6207bb55aaba9a9cd8cf780aa471fa3e4424714c |
| SHA256 | b4f7eb279b5462804db0d68940b32fe46fe7ead29508d5373d17a2b35cede978 |
| CRC32 | 206FD7D7 |
| ssdeep | 12:K4X/NzR37LvXOLMxQnPAE2xOLMTHuKai31bIKIMBj6I5BFR5y:KyNzd3BxQnIE2nKKai31bIKIMl6I5Dvy |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | b5bb3a4b583ae7a5_pxtgqcfi.0.cs |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\pxtgqcfi.0.cs |
| Size | 487.0B |
| Processes | 2760 (powershell.exe) |
| Type | C++ source, UTF-8 Unicode (with BOM) text, with very long lines |
| MD5 | afa9d5676b296e729cadd17eac36ff9b |
| SHA1 | 98c05def932b44b550d37aec04f8062821492986 |
| SHA256 | b5bb3a4b583ae7a5a557c0e34917d0eb4c08107a962576b777630a9cc70a103d |
| CRC32 | 3E4379BA |
| ssdeep | 6:V/DsYLDS81zuy2BMmHQXReKJ8SRHy4HqYR6mYmze/b88y:V/DTLDfuMXfHWYR5ejLy |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 3a255c0024916f19_590aee7bdd69b59b.customdestinations-ms |
|---|---|
| Filepath | c:\users\test22\appdata\roaming\microsoft\windows\recent\customdestinations\590aee7bdd69b59b.customdestinations-ms |
| Size | 7.8KB |
| Processes | 2760 (powershell.exe) |
| Type | data |
| MD5 | 6fd29def73b2779e0ae71c4eecd304f7 |
| SHA1 | 4ba660e4db856e04eb93a01c59ee764259ec55e7 |
| SHA256 | 3a255c0024916f19c5b3f5d4aa5cde453cc5d90b0784a15f0456e57e71a764b6 |
| CRC32 | 1F966CD8 |
| ssdeep | 96:ctuCeGCPDXBqvsqvJCwo5tuCeGCPDXBqvsEHyqvJCworDPtDHXyf2lUVul:ctvXo5tvbHnorxTyQ |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 7886e9d237ad2e69_pxtgqcfi.pdb |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\pxtgqcfi.pdb |
| Size | 7.5KB |
| Processes | 2900 (csc.exe) 2760 (powershell.exe) |
| Type | MSVC program database ver 7.00, 512*15 bytes |
| MD5 | 30b2e04b279c4f67a2c61a401ae370e1 |
| SHA1 | a11ea16b8554e3e01f6cb5c69bce51595bf4cb51 |
| SHA256 | 7886e9d237ad2e69bfc10907d67cd1b1e9421ff4e90e02df2b925a15ea29c26a |
| CRC32 | DDFC79AF |
| ssdeep | 6:zz/BamfXllNS/+7l/31mllxrS/77715KZYXjT8MoGggksl/3YXBGQu+e0KWEi+:zz/H1W/kltSXS/pw+dmqRi |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | e8901f873c4ed465_CSCCEC0.tmp |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\CSCCEC0.tmp |
| Size | 652.0B |
| Processes | 2900 (csc.exe) |
| Type | MSVC .res |
| MD5 | be6f166f16c3f9403bbdb4e92efbf310 |
| SHA1 | 07fbf5ed7dd097feedf73cf15010344d74cacdea |
| SHA256 | e8901f873c4ed465e081461ffb88073a7cd5993843af282544a25a87c1d17336 |
| CRC32 | 59122157 |
| ssdeep | 12:DXt4Ii3ntuAHia5YA49aUGiqMZAiN5gryVDGak7YnqqWDXPN5Dlq5J:+RI+ycuZhNKakSSPNnqX |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | 2d92bdf3d4256b8f_pxtgqcfi.dll |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\pxtgqcfi.dll |
| Size | 3.5KB |
| Processes | 2900 (csc.exe) 2760 (powershell.exe) |
| Type | PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows |
| MD5 | 0af9d42382464db059df33268667fc3a |
| SHA1 | d4725f70695e0b7b4d495f88c69e029519748107 |
| SHA256 | 2d92bdf3d4256b8fc4cd5bd09ccb6b21d8a9b709856936855cedcca8cdf6d0d4 |
| CRC32 | 7AB55BD8 |
| ssdeep | 24:etGSZNiGTw3lqt7x7WukoUl2F6UUbdPtkZfu8tmV1Q6mI+ycuZhNKakSSPNnq:6+p7c8y6UMuJuhiJ1ulKa3+q |
| Yara |
|
| VirusTotal | Search for analysis |
| Name | 8c6ec9b40a6d7bb6_pxtgqcfi.cmdline |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\pxtgqcfi.cmdline |
| Size | 311.0B |
| Processes | 2760 (powershell.exe) |
| Type | UTF-8 Unicode (with BOM) text, with very long lines, with no line terminators |
| MD5 | b237fbc5d57ef054b33a515e16203789 |
| SHA1 | c1dd304d05093aa5213de237057a5e7de9bb0840 |
| SHA256 | 8c6ec9b40a6d7bb6bf1d4fb7218b7478ab145a8c7494ef9540c3ebdf96818430 |
| CRC32 | A0CDF009 |
| ssdeep | 6:pAu+H2LvFJDdq++bDdqBnmQpcLJ23fw2nQmGsSAE2NmQpcLJ23fwyHn:p37LvXOLMxQnPAE2xOLMTHn |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name |
e3b0c44298fc1c14_pxtgqcfi.err
Empty file or file not found
|
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\pxtgqcfi.err |
| Size | 0.0B |
| Type | empty |
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| CRC32 | 00000000 |
| ssdeep | 3:: |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | eb3acfedf8466ce4_RESCF2E.tmp |
|---|---|
| Filepath | C:\Users\test22\AppData\Local\Temp\RESCF2E.tmp |
| Size | 1.2KB |
| Processes | 1700 (cvtres.exe) 2900 (csc.exe) |
| Type | Intel 80386 COFF object file, not stripped, 3 sections, symbol offset=0x406, 9 symbols |
| MD5 | bedfb979edad65ebfbf359382772f2ca |
| SHA1 | f67195c9624b1369c15ab7e574549ec2d2a566db |
| SHA256 | eb3acfedf8466ce4a96349e6ae56e490654358c814baad32c4310ada2f76f238 |
| CRC32 | 4D425800 |
| ssdeep | 24:HbJ9YernA/E3mHrUnhKLI+ycuZhNKakSSPNnqjtd:0ernAMmInhKL1ulKa3+qjH |
| Yara | None matched |
| VirusTotal | Search for analysis |