| Name | c9a138b14ef0b191_2f5nctj8.txt |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\Microsoft\Windows\Cookies\2F5NCTJ8.txt |
| Size | 110.0B |
| Processes | 2216 (wscript.exe) |
| Type | ASCII text |
| MD5 | 66b6310f837a4d1545715e0f6365985f |
| SHA1 | 21e0d7031fee3161c7d6696282a3b36b665f0cd8 |
| SHA256 | c9a138b14ef0b19144e3dfb48c0cce6f67252f90bc9500e56be441b72e4c6ee0 |
| CRC32 | E06DA62E |
| ssdeep | 3:GmM/BTWXemAKWSXXTWvVEUskY27Vd1lccKTfVDtQ:XM/WKSXXSl71Gj5Q |
| Yara | None matched |
| VirusTotal | Search for analysis |
| Name | cf11d6b3c18d4c02_d93f411851d7c929.customDestinations-ms~RFe42bed.TMP |
|---|---|
| Filepath | C:\Users\test22\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d93f411851d7c929.customDestinations-ms~RFe42bed.TMP |
| Size | 7.8KB |
| Processes | 1120 (powershell.exe) 2692 (powershell.exe) |
| Type | data |
| MD5 | f2f5505600e2895c007b3ff3cfe3d4aa |
| SHA1 | f0235a3c8056872d55eeef803d1bc33bac37a753 |
| SHA256 | cf11d6b3c18d4c02466b670bcb0394ac49382e6a87ad58d2561f2660922b586c |
| CRC32 | 9AF5ED3C |
| ssdeep | 96:EtuCojGCPDXBqvsqvJCwoJtuCojGCPDXBqvsEHyqvJCworc7HwxGlUVul:Etu6XoJtu6bHnorXxY |
| Yara |
|
| VirusTotal | Search for analysis |