20c6d29d...d77d

C:\Users\FD1HVy\Desktop\=UTF-8B4oCuNHBtLnhlcy5leGU==.exe

Sample File

Binary

Malicious

»

Mime Type	application/vnd.microsoft.portable-executable
File Size	1.96 MB
MD5	217c23371f1d91e81beac74a759be045
SHA1	7aa2abe3c6d2decee0bd741198a59db9c92d4cbd
SHA256	20c6d29da875075afa0ed7b4fb58e555de89d4bed13bf5ad109817c593ddd77d
SSDeep	49152:cbIZw+8h+93HIyboFW0eqqoD5PyyGBrmM/eZzUBSzPayRxcJ:zb3HlCW0eGIy6r//eZAIWyRxq
ImpHash	00be6e6c4f9e287672c8301b72bdabf3

File Reputation Information

»

Severity	Blacklisted
First Seen	2019-07-06 17:40 (UTC+2)
Last Seen	2019-07-12 16:00 (UTC+2)
Names	Win32.Trojan.Delshad
Families	Delshad
Classification	Trojan

PE Information

»

Image Base	0x400000
Entry Point	0x41d549
Size Of Code	0x2ea00
Size Of Initialized Data	0x13400
File Type	FileType.executable
Subsystem	Subsystem.windows_gui
Machine Type	MachineType.i386
Compile Timestamp	2018-09-30 18:01:44+00:00

Sections (6)

»

Name	Virtual Address	Virtual Size	Raw Data Size	Raw Data Offset	Flags	Entropy
.text	0x401000	0x2e924	0x2ea00	0x400	IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ	6.7
.rdata	0x430000	0x9a8c	0x9c00	0x2ee00	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ	5.13
.data	0x43a000	0x203a0	0xc00	0x38a00	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE	3.24
.gfids	0x45b000	0xe8	0x200	0x39600	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ	2.09
.rsrc	0x45c000	0x68f8	0x6a00	0x39800	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ	6.67
.reloc	0x463000	0x1fdc	0x2000	0x40200	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ	6.68

Imports (2)

»

KERNEL32.dll (140)

»

API Name	Ordinal	IAT Address	Thunk RVA	Thunk Offset	Hint
GetLastError	0x0	0x430000	0x38d20	0x37b20	0x202
SetLastError	0x0	0x430004	0x38d24	0x37b24	0x473
GetCurrentProcess	0x0	0x430008	0x38d28	0x37b28	0x1c0
DeviceIoControl	0x0	0x43000c	0x38d2c	0x37b2c	0xdd
SetFileTime	0x0	0x430010	0x38d30	0x37b30	0x46a
CloseHandle	0x0	0x430014	0x38d34	0x37b34	0x52
CreateDirectoryW	0x0	0x430018	0x38d38	0x37b38	0x81
RemoveDirectoryW	0x0	0x43001c	0x38d3c	0x37b3c	0x403
CreateFileW	0x0	0x430020	0x38d40	0x37b40	0x8f
DeleteFileW	0x0	0x430024	0x38d44	0x37b44	0xd6
CreateHardLinkW	0x0	0x430028	0x38d48	0x37b48	0x93
GetShortPathNameW	0x0	0x43002c	0x38d4c	0x37b4c	0x261
GetLongPathNameW	0x0	0x430030	0x38d50	0x37b50	0x20f
MoveFileW	0x0	0x430034	0x38d54	0x37b54	0x363
GetFileType	0x0	0x430038	0x38d58	0x37b58	0x1f3
GetStdHandle	0x0	0x43003c	0x38d5c	0x37b5c	0x264
WriteFile	0x0	0x430040	0x38d60	0x37b60	0x525
ReadFile	0x0	0x430044	0x38d64	0x37b64	0x3c0
FlushFileBuffers	0x0	0x430048	0x38d68	0x37b68	0x157
SetEndOfFile	0x0	0x43004c	0x38d6c	0x37b6c	0x453
SetFilePointer	0x0	0x430050	0x38d70	0x37b70	0x466
SetFileAttributesW	0x0	0x430054	0x38d74	0x37b74	0x461
GetFileAttributesW	0x0	0x430058	0x38d78	0x37b78	0x1ea
FindClose	0x0	0x43005c	0x38d7c	0x37b7c	0x12e
FindFirstFileW	0x0	0x430060	0x38d80	0x37b80	0x139
FindNextFileW	0x0	0x430064	0x38d84	0x37b84	0x145
GetVersionExW	0x0	0x430068	0x38d88	0x37b88	0x2a4
GetCurrentDirectoryW	0x0	0x43006c	0x38d8c	0x37b8c	0x1bf
GetFullPathNameW	0x0	0x430070	0x38d90	0x37b90	0x1fb
FoldStringW	0x0	0x430074	0x38d94	0x37b94	0x15c
GetModuleFileNameW	0x0	0x430078	0x38d98	0x37b98	0x214
GetModuleHandleW	0x0	0x43007c	0x38d9c	0x37b9c	0x218
FindResourceW	0x0	0x430080	0x38da0	0x37ba0	0x14e
FreeLibrary	0x0	0x430084	0x38da4	0x37ba4	0x162
GetProcAddress	0x0	0x430088	0x38da8	0x37ba8	0x245
GetCurrentProcessId	0x0	0x43008c	0x38dac	0x37bac	0x1c1
ExitProcess	0x0	0x430090	0x38db0	0x37bb0	0x119
SetThreadExecutionState	0x0	0x430094	0x38db4	0x37bb4	0x493
Sleep	0x0	0x430098	0x38db8	0x37bb8	0x4b2
LoadLibraryW	0x0	0x43009c	0x38dbc	0x37bbc	0x33f
GetSystemDirectoryW	0x0	0x4300a0	0x38dc0	0x37bc0	0x270
CompareStringW	0x0	0x4300a4	0x38dc4	0x37bc4	0x64
AllocConsole	0x0	0x4300a8	0x38dc8	0x37bc8	0x10
FreeConsole	0x0	0x4300ac	0x38dcc	0x37bcc	0x15f
AttachConsole	0x0	0x4300b0	0x38dd0	0x37bd0	0x17
WriteConsoleW	0x0	0x4300b4	0x38dd4	0x37bd4	0x524
GetProcessAffinityMask	0x0	0x4300b8	0x38dd8	0x37bd8	0x246
CreateThread	0x0	0x4300bc	0x38ddc	0x37bdc	0xb5
SetThreadPriority	0x0	0x4300c0	0x38de0	0x37be0	0x499
InitializeCriticalSection	0x0	0x4300c4	0x38de4	0x37be4	0x2e2
EnterCriticalSection	0x0	0x4300c8	0x38de8	0x37be8	0xee
LeaveCriticalSection	0x0	0x4300cc	0x38dec	0x37bec	0x339
DeleteCriticalSection	0x0	0x4300d0	0x38df0	0x37bf0	0xd1
SetEvent	0x0	0x4300d4	0x38df4	0x37bf4	0x459
ResetEvent	0x0	0x4300d8	0x38df8	0x37bf8	0x40f
ReleaseSemaphore	0x0	0x4300dc	0x38dfc	0x37bfc	0x3fe
WaitForSingleObject	0x0	0x4300e0	0x38e00	0x37c00	0x4f9
CreateEventW	0x0	0x4300e4	0x38e04	0x37c04	0x85
CreateSemaphoreW	0x0	0x4300e8	0x38e08	0x37c08	0xae
GetSystemTime	0x0	0x4300ec	0x38e0c	0x37c0c	0x277
SystemTimeToTzSpecificLocalTime	0x0	0x4300f0	0x38e10	0x37c10	0x4be
TzSpecificLocalTimeToSystemTime	0x0	0x4300f4	0x38e14	0x37c14	0x4d0
SystemTimeToFileTime	0x0	0x4300f8	0x38e18	0x37c18	0x4bd
FileTimeToLocalFileTime	0x0	0x4300fc	0x38e1c	0x37c1c	0x124
LocalFileTimeToFileTime	0x0	0x430100	0x38e20	0x37c20	0x346
FileTimeToSystemTime	0x0	0x430104	0x38e24	0x37c24	0x125
GetCPInfo	0x0	0x430108	0x38e28	0x37c28	0x172
IsDBCSLeadByte	0x0	0x43010c	0x38e2c	0x37c2c	0x2fe
MultiByteToWideChar	0x0	0x430110	0x38e30	0x37c30	0x367
WideCharToMultiByte	0x0	0x430114	0x38e34	0x37c34	0x511
GlobalAlloc	0x0	0x430118	0x38e38	0x37c38	0x2b3
GetTickCount	0x0	0x43011c	0x38e3c	0x37c3c	0x293
LockResource	0x0	0x430120	0x38e40	0x37c40	0x354
GlobalLock	0x0	0x430124	0x38e44	0x37c44	0x2be
GlobalUnlock	0x0	0x430128	0x38e48	0x37c48	0x2c5
GlobalFree	0x0	0x43012c	0x38e4c	0x37c4c	0x2ba
LoadResource	0x0	0x430130	0x38e50	0x37c50	0x341
SizeofResource	0x0	0x430134	0x38e54	0x37c54	0x4b1
SetCurrentDirectoryW	0x0	0x430138	0x38e58	0x37c58	0x44d
GetExitCodeProcess	0x0	0x43013c	0x38e5c	0x37c5c	0x1df
GetLocalTime	0x0	0x430140	0x38e60	0x37c60	0x203
MapViewOfFile	0x0	0x430144	0x38e64	0x37c64	0x357
UnmapViewOfFile	0x0	0x430148	0x38e68	0x37c68	0x4d6
CreateFileMappingW	0x0	0x43014c	0x38e6c	0x37c6c	0x8c
OpenFileMappingW	0x0	0x430150	0x38e70	0x37c70	0x379
GetCommandLineW	0x0	0x430154	0x38e74	0x37c74	0x187
SetEnvironmentVariableW	0x0	0x430158	0x38e78	0x37c78	0x457
ExpandEnvironmentStringsW	0x0	0x43015c	0x38e7c	0x37c7c	0x11d
GetTempPathW	0x0	0x430160	0x38e80	0x37c80	0x285
MoveFileExW	0x0	0x430164	0x38e84	0x37c84	0x360
GetLocaleInfoW	0x0	0x430168	0x38e88	0x37c88	0x206
GetTimeFormatW	0x0	0x43016c	0x38e8c	0x37c8c	0x297
GetDateFormatW	0x0	0x430170	0x38e90	0x37c90	0x1c8
GetNumberFormatW	0x0	0x430174	0x38e94	0x37c94	0x233
SetFilePointerEx	0x0	0x430178	0x38e98	0x37c98	0x467
GetConsoleMode	0x0	0x43017c	0x38e9c	0x37c9c	0x1ac
GetConsoleCP	0x0	0x430180	0x38ea0	0x37ca0	0x19a
HeapSize	0x0	0x430184	0x38ea4	0x37ca4	0x2d4
SetStdHandle	0x0	0x430188	0x38ea8	0x37ca8	0x487
GetProcessHeap	0x0	0x43018c	0x38eac	0x37cac	0x24a
RaiseException	0x0	0x430190	0x38eb0	0x37cb0	0x3b1
GetSystemInfo	0x0	0x430194	0x38eb4	0x37cb4	0x273
VirtualProtect	0x0	0x430198	0x38eb8	0x37cb8	0x4ef
VirtualQuery	0x0	0x43019c	0x38ebc	0x37cbc	0x4f1
LoadLibraryExA	0x0	0x4301a0	0x38ec0	0x37cc0	0x33d
IsProcessorFeaturePresent	0x0	0x4301a4	0x38ec4	0x37cc4	0x304
IsDebuggerPresent	0x0	0x4301a8	0x38ec8	0x37cc8	0x300
UnhandledExceptionFilter	0x0	0x4301ac	0x38ecc	0x37ccc	0x4d3
SetUnhandledExceptionFilter	0x0	0x4301b0	0x38ed0	0x37cd0	0x4a5
GetStartupInfoW	0x0	0x4301b4	0x38ed4	0x37cd4	0x263
QueryPerformanceCounter	0x0	0x4301b8	0x38ed8	0x37cd8	0x3a7
GetCurrentThreadId	0x0	0x4301bc	0x38edc	0x37cdc	0x1c5
GetSystemTimeAsFileTime	0x0	0x4301c0	0x38ee0	0x37ce0	0x279
InitializeSListHead	0x0	0x4301c4	0x38ee4	0x37ce4	0x2e7
TerminateProcess	0x0	0x4301c8	0x38ee8	0x37ce8	0x4c0
RtlUnwind	0x0	0x4301cc	0x38eec	0x37cec	0x418
EncodePointer	0x0	0x4301d0	0x38ef0	0x37cf0	0xea
InitializeCriticalSectionAndSpinCount	0x0	0x4301d4	0x38ef4	0x37cf4	0x2e3
TlsAlloc	0x0	0x4301d8	0x38ef8	0x37cf8	0x4c5
TlsGetValue	0x0	0x4301dc	0x38efc	0x37cfc	0x4c7
TlsSetValue	0x0	0x4301e0	0x38f00	0x37d00	0x4c8
TlsFree	0x0	0x4301e4	0x38f04	0x37d04	0x4c6
LoadLibraryExW	0x0	0x4301e8	0x38f08	0x37d08	0x33e
QueryPerformanceFrequency	0x0	0x4301ec	0x38f0c	0x37d0c	0x3a8
GetModuleHandleExW	0x0	0x4301f0	0x38f10	0x37d10	0x217
GetModuleFileNameA	0x0	0x4301f4	0x38f14	0x37d14	0x213
GetACP	0x0	0x4301f8	0x38f18	0x37d18	0x168
HeapFree	0x0	0x4301fc	0x38f1c	0x37d1c	0x2cf
HeapAlloc	0x0	0x430200	0x38f20	0x37d20	0x2cb
HeapReAlloc	0x0	0x430204	0x38f24	0x37d24	0x2d2
GetStringTypeW	0x0	0x430208	0x38f28	0x37d28	0x269
LCMapStringW	0x0	0x43020c	0x38f2c	0x37d2c	0x32d
FindFirstFileExA	0x0	0x430210	0x38f30	0x37d30	0x133
FindNextFileA	0x0	0x430214	0x38f34	0x37d34	0x143
IsValidCodePage	0x0	0x430218	0x38f38	0x37d38	0x30a
GetOEMCP	0x0	0x43021c	0x38f3c	0x37d3c	0x237
GetCommandLineA	0x0	0x430220	0x38f40	0x37d40	0x186
GetEnvironmentStringsW	0x0	0x430224	0x38f44	0x37d44	0x1da
FreeEnvironmentStringsW	0x0	0x430228	0x38f48	0x37d48	0x161
DecodePointer	0x0	0x43022c	0x38f4c	0x37d4c	0xca

gdiplus.dll (9)

»

API Name	Ordinal	IAT Address	Thunk RVA	Thunk Offset	Hint
GdiplusShutdown	0x0	0x430234	0x38f54	0x37d54	0x274
GdiplusStartup	0x0	0x430238	0x38f58	0x37d58	0x275
GdipCreateHBITMAPFromBitmap	0x0	0x43023c	0x38f5c	0x37d5c	0x5f
GdipCreateBitmapFromStreamICM	0x0	0x430240	0x38f60	0x37d60	0x52
GdipCreateBitmapFromStream	0x0	0x430244	0x38f64	0x37d64	0x51
GdipDisposeImage	0x0	0x430248	0x38f68	0x37d68	0x98
GdipCloneImage	0x0	0x43024c	0x38f6c	0x37d6c	0x36
GdipFree	0x0	0x430250	0x38f70	0x37d70	0xed
GdipAlloc	0x0	0x430254	0x38f74	0x37d74	0x21

Icons (1)

»

Memory Dumps (2)

»

Name	Process ID	Start VA	End VA	Dump Reason	PE Rebuilds	Bitness	Entry Points	AV	YARA	Actions
=utf-8b4ocunhbtlnhlcy5legu==.exe	1	0x00E70000	0x00ED4FFF	Relevant Image	-	32-bit	-			... Memory Dump Actions Download Dump Go to process
=utf-8b4ocunhbtlnhlcy5legu==.exe	1	0x00E70000	0x00ED4FFF	Process Termination	-	32-bit	-			... Memory Dump Actions Download Dump Go to process

Local AV Matches (1)

»

Threat Name	Severity
Generic.Starter.3.EC0425DF	Malicious

svchost .exe

Dropped File

Binary

Malicious

»

Mime Type	application/vnd.microsoft.portable-executable
File Size	5.00 MB
MD5	3e7bd2126ad2d056b12a906ec74f4e75
SHA1	2147ec630ce348816fce2e9b7a36a14a0a7f56d0
SHA256	7f1d3ed805910aa90172d72e7923d129d2967bfe50398e863ec48b71c952b199
SSDeep	49152:qLEF0sMSeQfrF9TM1CMSVXa38ZcfbNIIXi3bJ5A45bzXb/Zz:qLEFNMfC/U38SbNII0bJ5A+bl
ImpHash	4cda7c490dd86a130584d01edc3a0b05

File Reputation Information

»

Severity	Blacklisted
First Seen	2019-07-07 06:28 (UTC+2)
Last Seen	2019-07-12 17:00 (UTC+2)
Names	Win32.Trojan.Encoder
Families	Encoder
Classification	Trojan

PE Information

»

Image Base	0x400000
Entry Point	0x4014b0
Size Of Code	0x77800
Size Of Initialized Data	0x86a00
Size Of Uninitialized Data	0x1400
File Type	FileType.executable
Subsystem	Subsystem.windows_gui
Machine Type	MachineType.i386
Compile Timestamp	2019-07-02 04:50:38+00:00

Sections (16)

»

Name	Virtual Address	Virtual Size	Raw Data Size	Raw Data Offset	Flags	Entropy
.text	0x401000	0x77640	0x77800	0x400	IMAGE_SCN_CNT_CODE, IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_ALIGN_1BYTES, IMAGE_SCN_ALIGN_4BYTES, IMAGE_SCN_ALIGN_8BYTES, IMAGE_SCN_ALIGN_16BYTES, IMAGE_SCN_ALIGN_32BYTES, IMAGE_SCN_ALIGN_64BYTES, IMAGE_SCN_ALIGN_256BYTES, IMAGE_SCN_ALIGN_1024BYTES, IMAGE_SCN_ALIGN_2048BYTES, IMAGE_SCN_ALIGN_4096BYTES, IMAGE_SCN_ALIGN_8192BYTES, IMAGE_SCN_ALIGN_MASK, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ	5.9
.data	0x479000	0x67f8	0x6800	0x77c00	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_ALIGN_2BYTES, IMAGE_SCN_ALIGN_4BYTES, IMAGE_SCN_ALIGN_8BYTES, IMAGE_SCN_ALIGN_16BYTES, IMAGE_SCN_ALIGN_32BYTES, IMAGE_SCN_ALIGN_64BYTES, IMAGE_SCN_ALIGN_512BYTES, IMAGE_SCN_ALIGN_1024BYTES, IMAGE_SCN_ALIGN_2048BYTES, IMAGE_SCN_ALIGN_4096BYTES, IMAGE_SCN_ALIGN_8192BYTES, IMAGE_SCN_ALIGN_MASK, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE	0.55
.rdata	0x480000	0x7540	0x7600	0x7e400	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_ALIGN_2BYTES, IMAGE_SCN_ALIGN_4BYTES, IMAGE_SCN_ALIGN_8BYTES, IMAGE_SCN_ALIGN_16BYTES, IMAGE_SCN_ALIGN_32BYTES, IMAGE_SCN_ALIGN_64BYTES, IMAGE_SCN_ALIGN_512BYTES, IMAGE_SCN_ALIGN_1024BYTES, IMAGE_SCN_ALIGN_2048BYTES, IMAGE_SCN_ALIGN_4096BYTES, IMAGE_SCN_ALIGN_8192BYTES, IMAGE_SCN_ALIGN_MASK, IMAGE_SCN_MEM_READ	5.0
.bss	0x488000	0x13a0	0x0	0x0	IMAGE_SCN_CNT_UNINITIALIZED_DATA, IMAGE_SCN_ALIGN_2BYTES, IMAGE_SCN_ALIGN_4BYTES, IMAGE_SCN_ALIGN_8BYTES, IMAGE_SCN_ALIGN_16BYTES, IMAGE_SCN_ALIGN_32BYTES, IMAGE_SCN_ALIGN_64BYTES, IMAGE_SCN_ALIGN_512BYTES, IMAGE_SCN_ALIGN_1024BYTES, IMAGE_SCN_ALIGN_2048BYTES, IMAGE_SCN_ALIGN_4096BYTES, IMAGE_SCN_ALIGN_8192BYTES, IMAGE_SCN_ALIGN_MASK, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE	0.0
.idata	0x48a000	0xf98	0x1000	0x85a00	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_ALIGN_1BYTES, IMAGE_SCN_ALIGN_2BYTES, IMAGE_SCN_ALIGN_4BYTES, IMAGE_SCN_ALIGN_16BYTES, IMAGE_SCN_ALIGN_32BYTES, IMAGE_SCN_ALIGN_64BYTES, IMAGE_SCN_ALIGN_256BYTES, IMAGE_SCN_ALIGN_512BYTES, IMAGE_SCN_ALIGN_1024BYTES, IMAGE_SCN_ALIGN_4096BYTES, IMAGE_SCN_ALIGN_8192BYTES, IMAGE_SCN_ALIGN_MASK, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE	5.25
.CRT	0x48b000	0x34	0x200	0x86a00	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_ALIGN_1BYTES, IMAGE_SCN_ALIGN_2BYTES, IMAGE_SCN_ALIGN_4BYTES, IMAGE_SCN_ALIGN_16BYTES, IMAGE_SCN_ALIGN_32BYTES, IMAGE_SCN_ALIGN_64BYTES, IMAGE_SCN_ALIGN_256BYTES, IMAGE_SCN_ALIGN_512BYTES, IMAGE_SCN_ALIGN_1024BYTES, IMAGE_SCN_ALIGN_4096BYTES, IMAGE_SCN_ALIGN_8192BYTES, IMAGE_SCN_ALIGN_MASK, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE	0.27
.tls	0x48c000	0x20	0x200	0x86c00	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_ALIGN_1BYTES, IMAGE_SCN_ALIGN_2BYTES, IMAGE_SCN_ALIGN_4BYTES, IMAGE_SCN_ALIGN_16BYTES, IMAGE_SCN_ALIGN_32BYTES, IMAGE_SCN_ALIGN_64BYTES, IMAGE_SCN_ALIGN_256BYTES, IMAGE_SCN_ALIGN_512BYTES, IMAGE_SCN_ALIGN_1024BYTES, IMAGE_SCN_ALIGN_4096BYTES, IMAGE_SCN_ALIGN_8192BYTES, IMAGE_SCN_ALIGN_MASK, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE	0.22
/4	0x48d000	0x4fe0	0x5000	0x86e00	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_ALIGN_8BYTES, IMAGE_SCN_ALIGN_16BYTES, IMAGE_SCN_ALIGN_32BYTES, IMAGE_SCN_ALIGN_64BYTES, IMAGE_SCN_ALIGN_2048BYTES, IMAGE_SCN_ALIGN_4096BYTES, IMAGE_SCN_ALIGN_8192BYTES, IMAGE_SCN_ALIGN_MASK, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ	4.27
/19	0x492000	0x1dbfe1	0x1dc000	0x8be00	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_ALIGN_1BYTES, IMAGE_SCN_ALIGN_4BYTES, IMAGE_SCN_ALIGN_16BYTES, IMAGE_SCN_ALIGN_64BYTES, IMAGE_SCN_ALIGN_256BYTES, IMAGE_SCN_ALIGN_1024BYTES, IMAGE_SCN_ALIGN_4096BYTES, IMAGE_SCN_ALIGN_MASK, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ	6.06
/31	0x66e000	0x1c2aa	0x1c400	0x267e00	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_ALIGN_1BYTES, IMAGE_SCN_ALIGN_4BYTES, IMAGE_SCN_ALIGN_16BYTES, IMAGE_SCN_ALIGN_64BYTES, IMAGE_SCN_ALIGN_256BYTES, IMAGE_SCN_ALIGN_1024BYTES, IMAGE_SCN_ALIGN_4096BYTES, IMAGE_SCN_ALIGN_MASK, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ	4.78
/45	0x68b000	0x3a2ad	0x3a400	0x284200	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_ALIGN_1BYTES, IMAGE_SCN_ALIGN_4BYTES, IMAGE_SCN_ALIGN_16BYTES, IMAGE_SCN_ALIGN_64BYTES, IMAGE_SCN_ALIGN_256BYTES, IMAGE_SCN_ALIGN_1024BYTES, IMAGE_SCN_ALIGN_4096BYTES, IMAGE_SCN_ALIGN_MASK, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ	6.09
/57	0x6c6000	0x1b6b4	0x1b800	0x2be600	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_ALIGN_1BYTES, IMAGE_SCN_ALIGN_2BYTES, IMAGE_SCN_ALIGN_4BYTES, IMAGE_SCN_ALIGN_16BYTES, IMAGE_SCN_ALIGN_32BYTES, IMAGE_SCN_ALIGN_64BYTES, IMAGE_SCN_ALIGN_256BYTES, IMAGE_SCN_ALIGN_512BYTES, IMAGE_SCN_ALIGN_1024BYTES, IMAGE_SCN_ALIGN_4096BYTES, IMAGE_SCN_ALIGN_8192BYTES, IMAGE_SCN_ALIGN_MASK, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ	4.74
/70	0x6e2000	0x9489	0x9600	0x2d9e00	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_ALIGN_1BYTES, IMAGE_SCN_ALIGN_4BYTES, IMAGE_SCN_ALIGN_16BYTES, IMAGE_SCN_ALIGN_64BYTES, IMAGE_SCN_ALIGN_256BYTES, IMAGE_SCN_ALIGN_1024BYTES, IMAGE_SCN_ALIGN_4096BYTES, IMAGE_SCN_ALIGN_MASK, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ	4.49
/81	0x6ec000	0x817e5	0x81800	0x2e3400	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_ALIGN_1BYTES, IMAGE_SCN_ALIGN_4BYTES, IMAGE_SCN_ALIGN_16BYTES, IMAGE_SCN_ALIGN_64BYTES, IMAGE_SCN_ALIGN_256BYTES, IMAGE_SCN_ALIGN_1024BYTES, IMAGE_SCN_ALIGN_4096BYTES, IMAGE_SCN_ALIGN_MASK, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ	5.05
/92	0x76e000	0xc4fc0	0xc5000	0x364c00	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_ALIGN_1BYTES, IMAGE_SCN_ALIGN_4BYTES, IMAGE_SCN_ALIGN_16BYTES, IMAGE_SCN_ALIGN_64BYTES, IMAGE_SCN_ALIGN_256BYTES, IMAGE_SCN_ALIGN_1024BYTES, IMAGE_SCN_ALIGN_4096BYTES, IMAGE_SCN_ALIGN_MASK, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ	5.66
/107	0x833000	0x2ab10	0x2ac00	0x429c00	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_ALIGN_1BYTES, IMAGE_SCN_ALIGN_4BYTES, IMAGE_SCN_ALIGN_16BYTES, IMAGE_SCN_ALIGN_64BYTES, IMAGE_SCN_ALIGN_256BYTES, IMAGE_SCN_ALIGN_1024BYTES, IMAGE_SCN_ALIGN_4096BYTES, IMAGE_SCN_ALIGN_MASK, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ	4.85

Imports (4)

»

ADVAPI32.dll (8)

»

API Name	Ordinal	IAT Address	Thunk RVA	Thunk Offset	Hint
CryptAcquireContextW	0x0	0x48a2c4	0x8a064	0x85a64	0xb1
CryptCreateHash	0x0	0x48a2c8	0x8a068	0x85a68	0xb3
CryptDeriveKey	0x0	0x48a2cc	0x8a06c	0x85a6c	0xb5
CryptDestroyHash	0x0	0x48a2d0	0x8a070	0x85a70	0xb6
CryptDestroyKey	0x0	0x48a2d4	0x8a074	0x85a74	0xb7
CryptEncrypt	0x0	0x48a2d8	0x8a078	0x85a78	0xba
CryptHashData	0x0	0x48a2dc	0x8a07c	0x85a7c	0xc8
CryptReleaseContext	0x0	0x48a2e0	0x8a080	0x85a80	0xcb

KERNEL32.dll (53)

»

API Name	Ordinal	IAT Address	Thunk RVA	Thunk Offset	Hint
AddAtomA	0x0	0x48a2e8	0x8a088	0x85a88	0x3
CloseHandle	0x0	0x48a2ec	0x8a08c	0x85a8c	0x45
CopyFileW	0x0	0x48a2f0	0x8a090	0x85a90	0x69
CreateFileW	0x0	0x48a2f4	0x8a094	0x85a94	0x83
CreateMutexA	0x0	0x48a2f8	0x8a098	0x85a98	0x8f
CreateSemaphoreA	0x0	0x48a2fc	0x8a09c	0x85a9c	0x9d
DeleteCriticalSection	0x0	0x48a300	0x8a0a0	0x85aa0	0xc4
DeleteFileW	0x0	0x48a304	0x8a0a4	0x85aa4	0xc9
EnterCriticalSection	0x0	0x48a308	0x8a0a8	0x85aa8	0xdf
FindAtomA	0x0	0x48a30c	0x8a0ac	0x85aac	0x11e
FindClose	0x0	0x48a310	0x8a0b0	0x85ab0	0x120
FindFirstFileW	0x0	0x48a314	0x8a0b4	0x85ab4	0x12b
FindNextFileW	0x0	0x48a318	0x8a0b8	0x85ab8	0x137
FreeLibrary	0x0	0x48a31c	0x8a0bc	0x85abc	0x153
GetAtomNameA	0x0	0x48a320	0x8a0c0	0x85ac0	0x15d
GetCurrentDirectoryW	0x0	0x48a324	0x8a0c4	0x85ac4	0x1b0
GetCurrentProcess	0x0	0x48a328	0x8a0c8	0x85ac8	0x1b1
GetCurrentProcessId	0x0	0x48a32c	0x8a0cc	0x85acc	0x1b2
GetCurrentThreadId	0x0	0x48a330	0x8a0d0	0x85ad0	0x1b5
GetFileSize	0x0	0x48a334	0x8a0d4	0x85ad4	0x1dc
GetLastError	0x0	0x48a338	0x8a0d8	0x85ad8	0x1ee
GetModuleHandleA	0x0	0x48a33c	0x8a0dc	0x85adc	0x1fe
GetProcAddress	0x0	0x48a340	0x8a0e0	0x85ae0	0x229
GetStartupInfoA	0x0	0x48a344	0x8a0e4	0x85ae4	0x244
GetSystemTimeAsFileTime	0x0	0x48a348	0x8a0e8	0x85ae8	0x25b
GetTickCount	0x0	0x48a34c	0x8a0ec	0x85aec	0x273
InitializeCriticalSection	0x0	0x48a350	0x8a0f0	0x85af0	0x2c6
IsDBCSLeadByteEx	0x0	0x48a354	0x8a0f4	0x85af4	0x2e2
IsDebuggerPresent	0x0	0x48a358	0x8a0f8	0x85af8	0x2e3
LeaveCriticalSection	0x0	0x48a35c	0x8a0fc	0x85afc	0x301
LoadLibraryA	0x0	0x48a360	0x8a100	0x85b00	0x303
LoadLibraryW	0x0	0x48a364	0x8a104	0x85b04	0x306
MultiByteToWideChar	0x0	0x48a368	0x8a108	0x85b08	0x32d
QueryPerformanceCounter	0x0	0x48a36c	0x8a10c	0x85b0c	0x367
ReadFile	0x0	0x48a370	0x8a110	0x85b10	0x37d
ReleaseMutex	0x0	0x48a374	0x8a114	0x85b14	0x38d
ReleaseSemaphore	0x0	0x48a378	0x8a118	0x85b18	0x391
SetLastError	0x0	0x48a37c	0x8a11c	0x85b1c	0x405
SetUnhandledExceptionFilter	0x0	0x48a380	0x8a120	0x85b20	0x431
Sleep	0x0	0x48a384	0x8a124	0x85b24	0x43d
TerminateProcess	0x0	0x48a388	0x8a128	0x85b28	0x449
TlsAlloc	0x0	0x48a38c	0x8a12c	0x85b2c	0x44e
TlsFree	0x0	0x48a390	0x8a130	0x85b30	0x44f
TlsGetValue	0x0	0x48a394	0x8a134	0x85b34	0x450
TlsSetValue	0x0	0x48a398	0x8a138	0x85b38	0x451
UnhandledExceptionFilter	0x0	0x48a39c	0x8a13c	0x85b3c	0x45d
VirtualProtect	0x0	0x48a3a0	0x8a140	0x85b40	0x47d
VirtualQuery	0x0	0x48a3a4	0x8a144	0x85b44	0x480
WaitForSingleObject	0x0	0x48a3a8	0x8a148	0x85b48	0x489
WideCharToMultiByte	0x0	0x48a3ac	0x8a14c	0x85b4c	0x49f
WriteFile	0x0	0x48a3b0	0x8a150	0x85b50	0x4b2
lstrcmpW	0x0	0x48a3b4	0x8a154	0x85b54	0x4d1
lstrlenW	0x0	0x48a3b8	0x8a158	0x85b58	0x4dd

msvcrt.dll (4)

»

API Name	Ordinal	IAT Address	Thunk RVA	Thunk Offset	Hint
_fdopen	0x0	0x48a3c0	0x8a160	0x85b60	0x16
_fileno	0x0	0x48a3c4	0x8a164	0x85b64	0x1a
_read	0x0	0x48a3c8	0x8a168	0x85b68	0x3c
_write	0x0	0x48a3cc	0x8a16c	0x85b6c	0x68

msvcrt.dll (83)

»

API Name	Ordinal	IAT Address	Thunk RVA	Thunk Offset	Hint
__dllonexit	0x0	0x48a3d4	0x8a174	0x85b74	0x38
__doserrno	0x0	0x48a3d8	0x8a178	0x85b78	0x39
__getmainargs	0x0	0x48a3dc	0x8a17c	0x85b7c	0x3b
__initenv	0x0	0x48a3e0	0x8a180	0x85b80	0x3c
__lconv_init	0x0	0x48a3e4	0x8a184	0x85b84	0x45
__mb_cur_max	0x0	0x48a3e8	0x8a188	0x85b88	0x46
__pioinfo	0x0	0x48a3ec	0x8a18c	0x85b8c	0x65
__set_app_type	0x0	0x48a3f0	0x8a190	0x85b90	0x69
__setusermatherr	0x0	0x48a3f4	0x8a194	0x85b94	0x6c
_acmdln	0x0	0x48a3f8	0x8a198	0x85b98	0x7a
_amsg_exit	0x0	0x48a3fc	0x8a19c	0x85b9c	0x8f
_cexit	0x0	0x48a400	0x8a1a0	0x85ba0	0xa0
_errno	0x0	0x48a404	0x8a1a4	0x85ba4	0xda
_filelengthi64	0x0	0x48a408	0x8a1a8	0x85ba8	0xf0
_fileno	0x0	0x48a40c	0x8a1ac	0x85bac	0xf1
_fmode	0x0	0x48a410	0x8a1b0	0x85bb0	0xfc
_fstat64	0x0	0x48a414	0x8a1b4	0x85bb4	0x108
_initterm	0x0	0x48a418	0x8a1b8	0x85bb8	0x13d
_iob	0x0	0x48a41c	0x8a1bc	0x85bbc	0x141
_lock	0x0	0x48a420	0x8a1c0	0x85bc0	0x1a5
_lseeki64	0x0	0x48a424	0x8a1c4	0x85bc4	0x1ad
_onexit	0x0	0x48a428	0x8a1c8	0x85bc8	0x247
_strnicmp	0x0	0x48a42c	0x8a1cc	0x85bcc	0x2bc
_unlock	0x0	0x48a430	0x8a1d0	0x85bd0	0x2f6
_vsnprintf	0x0	0x48a434	0x8a1d4	0x85bd4	0x317
_wgetenv	0x0	0x48a438	0x8a1d8	0x85bd8	0x37a
_winmajor	0x0	0x48a43c	0x8a1dc	0x85bdc	0x37c
_write	0x0	0x48a440	0x8a1e0	0x85be0	0x392
abort	0x0	0x48a444	0x8a1e4	0x85be4	0x3be
atoi	0x0	0x48a448	0x8a1e8	0x85be8	0x3c8
calloc	0x0	0x48a44c	0x8a1ec	0x85bec	0x3cc
exit	0x0	0x48a450	0x8a1f0	0x85bf0	0x3d6
fclose	0x0	0x48a454	0x8a1f4	0x85bf4	0x3d9
fflush	0x0	0x48a458	0x8a1f8	0x85bf8	0x3dc
fgetpos	0x0	0x48a45c	0x8a1fc	0x85bfc	0x3de
fopen	0x0	0x48a460	0x8a200	0x85c00	0x3e4
fprintf	0x0	0x48a464	0x8a204	0x85c04	0x3e6
fputc	0x0	0x48a468	0x8a208	0x85c08	0x3e8
fputs	0x0	0x48a46c	0x8a20c	0x85c0c	0x3e9
fread	0x0	0x48a470	0x8a210	0x85c10	0x3ec
free	0x0	0x48a474	0x8a214	0x85c14	0x3ed
fsetpos	0x0	0x48a478	0x8a218	0x85c18	0x3f4
fwrite	0x0	0x48a47c	0x8a21c	0x85c1c	0x3f8
getc	0x0	0x48a480	0x8a220	0x85c20	0x3fb
getenv	0x0	0x48a484	0x8a224	0x85c24	0x3fd
getwc	0x0	0x48a488	0x8a228	0x85c28	0x400
isspace	0x0	0x48a48c	0x8a22c	0x85c2c	0x40d
iswctype	0x0	0x48a490	0x8a230	0x85c30	0x413
localeconv	0x0	0x48a494	0x8a234	0x85c34	0x420
malloc	0x0	0x48a498	0x8a238	0x85c38	0x425
memchr	0x0	0x48a49c	0x8a23c	0x85c3c	0x42b
memcpy	0x0	0x48a4a0	0x8a240	0x85c40	0x42d
memmove	0x0	0x48a4a4	0x8a244	0x85c44	0x42f
memset	0x0	0x48a4a8	0x8a248	0x85c48	0x431
putc	0x0	0x48a4ac	0x8a24c	0x85c4c	0x437
putwc	0x0	0x48a4b0	0x8a250	0x85c50	0x43a
realloc	0x0	0x48a4b4	0x8a254	0x85c54	0x441
setlocale	0x0	0x48a4b8	0x8a258	0x85c58	0x448
setvbuf	0x0	0x48a4bc	0x8a25c	0x85c5c	0x449
signal	0x0	0x48a4c0	0x8a260	0x85c60	0x44a
sprintf	0x0	0x48a4c4	0x8a264	0x85c64	0x44d
strcat	0x0	0x48a4c8	0x8a268	0x85c68	0x453
strchr	0x0	0x48a4cc	0x8a26c	0x85c6c	0x455
strcmp	0x0	0x48a4d0	0x8a270	0x85c70	0x456
strcoll	0x0	0x48a4d4	0x8a274	0x85c74	0x457
strcpy	0x0	0x48a4d8	0x8a278	0x85c78	0x458
strerror	0x0	0x48a4dc	0x8a27c	0x85c7c	0x45b
strftime	0x0	0x48a4e0	0x8a280	0x85c80	0x45d
strlen	0x0	0x48a4e4	0x8a284	0x85c84	0x45e
strncmp	0x0	0x48a4e8	0x8a288	0x85c88	0x461
strxfrm	0x0	0x48a4ec	0x8a28c	0x85c8c	0x46e
system	0x0	0x48a4f0	0x8a290	0x85c90	0x473
towlower	0x0	0x48a4f4	0x8a294	0x85c94	0x47d
towupper	0x0	0x48a4f8	0x8a298	0x85c98	0x47e
ungetc	0x0	0x48a4fc	0x8a29c	0x85c9c	0x47f
ungetwc	0x0	0x48a500	0x8a2a0	0x85ca0	0x480
vfprintf	0x0	0x48a504	0x8a2a4	0x85ca4	0x481
wcscmp	0x0	0x48a508	0x8a2a8	0x85ca8	0x491
wcscoll	0x0	0x48a50c	0x8a2ac	0x85cac	0x492
wcscpy	0x0	0x48a510	0x8a2b0	0x85cb0	0x493
wcsftime	0x0	0x48a514	0x8a2b4	0x85cb4	0x496
wcslen	0x0	0x48a518	0x8a2b8	0x85cb8	0x497
wcsxfrm	0x0	0x48a51c	0x8a2bc	0x85cbc	0x4aa

Memory Dumps (2)

»

Name	Process ID	Start VA	End VA	Dump Reason	PE Rebuilds	Bitness	Entry Points	AV	YARA	Actions
svchost .exe	3	0x00400000	0x0085DFFF	Relevant Image	-	32-bit	-			... Memory Dump Actions Download Dump Go to process
svchost .exe	3	0x00400000	0x0085DFFF	Process Termination	-	32-bit	-			... Memory Dump Actions Download Dump Go to process

Local AV Matches (1)

»

Threat Name	Severity
Trojan.GenericKD.32127402	Malicious

C:\\588bce7c90097ed212\DHtmlHeader.html.ch4x0

Dropped File

Text

Unknown

»

Also Known As	C:\\588bce7c90097ed212\DHtmlHeader.html (Modified File)
Mime Type	text/html
File Size	15.77 KB
MD5	35f897f8b9cecc8357fa287fa718f300
SHA1	75776790ef598563b82fd50e2287e4d6c4e3c32c
SHA256	cf5e74671b674b8775f273bbfdcf7bd9e1f52c46b6d9ff22e5a1ca0561c2b5ba
SSDeep	384:d84PGKhJrgEHCgZLZRBoypK8/RZbhSALXLdiD1:d86GKhBHZMj8/RXbLdo1

C:\\588bce7c90097ed212\header.bmp.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\588bce7c90097ed212\header.bmp (Modified File)
Mime Type	application/octet-stream
File Size	3.57 KB
MD5	9717f028f0e9313a86f51f50208a2573
SHA1	aeb1ab7c75cb86a463530daf64f1d58a4e4cb52b
SHA256	be5128d7eaf619d699c131a053aaa6ac8fe0e149623efe61620bb3ea74bf6f3f
SSDeep	96:XtWHEJKGnEFI+E4VfJcRksthS/uHfo13Ssp9cZ:lnoI+E40kstg/uHfIZ+

C:\\588bce7c90097ed212\SplashScreen.bmp.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\588bce7c90097ed212\SplashScreen.bmp (Modified File)
Mime Type	application/octet-stream
File Size	40.15 KB
MD5	9047466e12bb023ac02532a2760b31e0
SHA1	ac043268a33157f634335ebcadce513a3a2806cd
SHA256	840a940ecccd8b1963b52c72410b795286077d8094bb73b05c8fc4ae2727d11e
SSDeep	768:Md9YueWx8YfXNFPJoozpIgHqAWiZaoAOSQrP/Ps3PHyZg6:M0jWrfDJo6pIeqDNoAOSM8vy5

C:\\588bce7c90097ed212\1029\eula.rtf.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\588bce7c90097ed212\1029\eula.rtf (Modified File)
Mime Type	application/octet-stream
File Size	3.66 KB
MD5	e19f14f251bc9e1c9888ccbcd6ff6aa3
SHA1	7d7443cf73d22c3d89937f66a1b2f4e3fbf55607
SHA256	a455cc0d963f04de1eb752518385e5834211e9f3bc4eb20f49e06877ac1a1373
SSDeep	96:Jo+gyFEi10VJHlfVbk9PRnDwc/TYTOLXmvODO9FQDQ+Yfh:Joeei10Vl2n0cDXcOfjY5

C:\\588bce7c90097ed212\1030\eula.rtf.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\588bce7c90097ed212\1030\eula.rtf (Modified File)
Mime Type	application/octet-stream
File Size	3.27 KB
MD5	7d0c4451ea28a910fbbfbccee575507b
SHA1	d27a9572ecdff600adc021ce5363c4680bf11be5
SHA256	4d5f887ae7ea21d8ffe487f9c5dff87aabf351f4c4470c04cf29eb6a6eb6f04b
SSDeep	96:JoGDwNjH146wkzKSCJKBiUj6d327vxTNIS7eU:JohHXwkzKJJKBiQ6dUvdNIyP

C:\\588bce7c90097ed212\1031\eula.rtf.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\588bce7c90097ed212\1031\eula.rtf (Modified File)
Mime Type	application/octet-stream
File Size	3.37 KB
MD5	692fa9d6f9767c9726dc1d14a455ef38
SHA1	57133c4b86f32fcc38adb08b542a3ebc52765a10
SHA256	7c599e4ecc8b3892e839aa40fe958cce18b985cd42e30ed881fe0d6b3056f701
SSDeep	96:JoGDzgbeRyMxBlwB714oDBWhDTX8LAlAam:JoFSRyMrwF14fm

C:\\588bce7c90097ed212\1037\eula.rtf.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\588bce7c90097ed212\1037\eula.rtf (Modified File)
Mime Type	application/octet-stream
File Size	6.73 KB
MD5	cbfda3eb827a7c88aa66847e180ad577
SHA1	0709cb2e2563ed09dce53e9c8f518f5d60b9f992
SHA256	40c6d9db70755f7a490594d4c12f3bce259fca2471d63ad5185d3c53950eef29
SSDeep	192:31k7czouz06k5I+3JXtH8nmkjBiooh6NkgSp4kX/vmasFC:3K7LuzA1GjBidkJGr31AC

C:\\588bce7c90097ed212\1038\eula.rtf.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\588bce7c90097ed212\1038\eula.rtf (Modified File)
Mime Type	application/octet-stream
File Size	4.18 KB
MD5	5be6cb5256185bb82db936af14a81644
SHA1	fcb277de86210fcd8aedefb487ef181bc69f904e
SHA256	b83a19e4ed9db00549cd962743fe0ce32e676a4eab1aec0300aa3022e3ed8f68
SSDeep	96:3axexHjzkEdHKYRWAhVPZMdRzUx9AjC842deMkn:3axexHjzzjhutumD/IMk

C:\\588bce7c90097ed212\1042\eula.rtf.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\588bce7c90097ed212\1042\eula.rtf (Modified File)
Mime Type	application/octet-stream
File Size	12.41 KB
MD5	d9f0614f066bbf95177563a4634f292b
SHA1	aee6a5f95a9ce0ce23f7c5921335ea055932b9d5
SHA256	a446444a4e42cb41b1e00ae436f7b6b5fcafb7813e311f2a60ac69e59bcd049d
SSDeep	384:3F5CvNQmQY8gqI+Qea8yWzqKT/yKWWKtNhN7:vC1hPtN8yDKro

C:\\588bce7c90097ed212\1044\eula.rtf.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\588bce7c90097ed212\1044\eula.rtf (Modified File)
Mime Type	application/octet-stream
File Size	3.01 KB
MD5	11113dbce90c3ebc97da54e822a4844b
SHA1	412fb6128f0e498d547df540e26f2d4698347860
SHA256	28652487424ef77c197dc511a472f1eaedb6b72a2f656e47a3335807eef08bf3
SSDeep	48:8Yb54xH12I/rqAcPqbx4fKP40ciS9cHVwxy4183sGwvM/6RnAf+LJTnsxURkbA:3b54xH12Iyk4RT9swx23sxvMWnd7so

C:\\588bce7c90097ed212\1045\eula.rtf.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\588bce7c90097ed212\1045\eula.rtf (Modified File)
Mime Type	application/octet-stream
File Size	3.98 KB
MD5	bd9afe0454dedd30af78f59890594bbe
SHA1	88bfe82521da2e1c553fcaacc2e5ad080389b995
SHA256	1ebd7475d5e36db15b7560380dfaee36efc6d366b67c2815568267bf95f4c1e3
SSDeep	96:3kDgig1o/ByFYB0566zRzmVrA3JZr8sZrhKGQonLTsVAnF:3kD5g1o59BylzmNm8sZVKH8TsVAF

C:\\588bce7c90097ed212\1046\eula.rtf.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\588bce7c90097ed212\1046\eula.rtf (Modified File)
Mime Type	application/octet-stream
File Size	3.63 KB
MD5	310433b7fd926f5d1debeccdacb29516
SHA1	0e7eb7f3b376e60486a775772fb2fe424b65fa78
SHA256	736489ede264e75c973723004dc167b8e73d0734758545a2baca7c6a6867bc92
SSDeep	96:3k6SC6rt4tAyBmQ57Mt3nlkZ35RGdSZeBJc1jqP0OFEr9mTk0Gwh:3k6SC6rqB3alkhZZeHWK0OCrMlh

C:\\588bce7c90097ed212\1049\eula.rtf.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\588bce7c90097ed212\1049\eula.rtf (Modified File)
Mime Type	application/octet-stream
File Size	53.21 KB
MD5	76663a953ae43e30911ac73ae9ba6184
SHA1	2095ed36a8a7ebd579f05be18a48997f11449870
SHA256	ed7aa4a301efeb3c1aceaa88560d926e177fe8186bc60df16b3bfcba906cd455
SSDeep	1536:Bsm0A5wzIMWysLSvHinbJdt2F3YKyyQ5nr:B3mIMWyMXbJdt8YKyyQ5nr

C:\\588bce7c90097ed212\1053\eula.rtf.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\588bce7c90097ed212\1053\eula.rtf (Modified File)
Mime Type	application/octet-stream
File Size	3.80 KB
MD5	41d647863144c8bdf15c19ac2f8214d3
SHA1	7a86c57a85ce87a3442c28f1bd760490b969502f
SHA256	bb237619b90f7fbfa6cbd3bea68883f154314adb0a6cb1e839243ed49df4deff
SSDeep	96:3Ea/+lBpTNO65bMIe6oI2C3ojWV9BCvtPWfrqXwe:3r/GpTNO62lC3wHtufrW

C:\\588bce7c90097ed212\1055\eula.rtf.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\588bce7c90097ed212\1055\eula.rtf (Modified File)
Mime Type	application/octet-stream
File Size	3.80 KB
MD5	d56dfc892e6ade7b6dbc7ec59275e2f7
SHA1	0e0deca4971d8e7e59c4f105b0a5d9807eedcf1e
SHA256	f8eaa55a1a7db8034d7b15fe554cda68033673f4166469e9baf4b77c066989b5
SSDeep	96:3VlETWthsuj7zcYmaU0Y3EyPC5pObptk5FFn:3VPtBaws65pONtk5FFn

C:\\588bce7c90097ed212\2070\eula.rtf.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\588bce7c90097ed212\2070\eula.rtf (Modified File)
Mime Type	application/octet-stream
File Size	3.94 KB
MD5	1b2c4194d7f17924723aff2443452420
SHA1	c665e43ac0bdee5f4792093d927bffd8b9c76dcf
SHA256	2c58ba9e5b375859713416e0ce4bfe56ea4f5ee9a1c70d62c03c0bb27a28c55a
SSDeep	96:3XBRSPeUr9O6nBy9oa1ucvEvXm8l0vhJHC+h5xd6vDs:3jgtr9NBKZOX4vviiGs

C:\\588bce7c90097ed212\3082\eula.rtf.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\588bce7c90097ed212\3082\eula.rtf (Modified File)
Mime Type	application/octet-stream
File Size	3.02 KB
MD5	ed8d1706f7f1e7eaac073a7782d6c45a
SHA1	754cb0aad43d30d0c0c2f0c9adcbcfd200e4b3f2
SHA256	5ba52be96d6c28e5aed8cb03e2cd7f10d546c25908f136b50a260b0f042bab0b
SSDeep	96:JoGDwNjHyC0+gR82JgAXSwHn3Ey+Ehq52oVeM73GkE1lJ:JohHyN+kghUx+Cq5LeMzGZ1H

C:\\Users\FD1HVy\Desktop\2yl2D.jpg.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Desktop\2yl2D.jpg (Modified File)
Mime Type	application/octet-stream
File Size	88.46 KB
MD5	058f97b209c86e1b26a18a681db0cc9f
SHA1	23ccedf2fb114737c9ba727df5c3d913ceb2833d
SHA256	524ebf9b8d4970376731120200f680e75879662358390fc2307c2301c35ee5f4
SSDeep	1536:qWHyPD8ifVYWV6Qrx6zyFiCTIMc5Ts1P5d3ETvx06nMaeU0STu+foEEzV/Mi3uV:qWHg/9VpkzQiCTmo73ETxiaeDSat13W

C:\\Users\FD1HVy\Desktop\30Mc DMJl7nJeeX.png.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Desktop\30Mc DMJl7nJeeX.png (Modified File)
Mime Type	application/octet-stream
File Size	95.38 KB
MD5	872a7ad35671426e08fe07253065e20c
SHA1	94f6941fd121122550d79ece2fe6525e19196997
SHA256	15dd13a03aa965910bd3fdf4c7a1f07450d38362bbbfbf3c7d5bb3d2a23a80eb
SSDeep	1536:JcEJo9qNlvhENAVTCMb1zMIvVOAKpFdElauWKQf03UMpGZPCUSJ1eF78M7:DJo98gAP4IvVlEFbuWKQWpGZfSXeZ7

C:\\Users\FD1HVy\Desktop\8feX lm3NMkC1.pptx.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Desktop\8feX lm3NMkC1.pptx (Modified File)
Mime Type	application/octet-stream
File Size	18.69 KB
MD5	6d59d9d1b41f59de785a0e75f5bb97ec
SHA1	aad360aa56d1ce831fc33b45e2a8dc6340afee44
SHA256	6a9bb924f2b169bd230e80d48cfa0e1b854cea0b3417ee33614468ad6b76f79e
SSDeep	384:mD1rGakYURlmTh29zXouZerbg0oIZ7enRSCxkJbatLUYHfele8R0TCiq:AsP/RgTE9zXouZ+g9c7egCxkctL5HMoq

C:\\Users\FD1HVy\Desktop\cXHS0XVI.mp3.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Desktop\cXHS0XVI.mp3 (Modified File)
Mime Type	application/octet-stream
File Size	87.91 KB
MD5	96ac434a6aea043e4b70ab97f5d0d19d
SHA1	441b615b98e149f8f07ea35a56a08f4cfb6f36a4
SHA256	0c74c008df52f0885da32db3619faaa7b86e34de571577823e75b9c1dab87c8c
SSDeep	1536:8ds82Yed/wLIAPrCnG1cPwDClqaqCcNlbX7LNIzhai0Df+Op/oJGzP7xIcYKXC+m:8ds82Jd/Kb2nGtGrqCCbLLNI/2oJGzPG

C:\\Users\FD1HVy\Desktop\DB7SVGOmJWkFO.mp3.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Desktop\DB7SVGOmJWkFO.mp3 (Modified File)
Mime Type	application/octet-stream
File Size	36.98 KB
MD5	7d1607884c0e5eeba9421df9805acb15
SHA1	a647e4a56d1735c3219d4633c6679d98d8b7bf34
SHA256	6a6356d65252421b386beae6d616da3edd1949dfe6abad4a0950361fbcf39af6
SSDeep	768:oaNBU6wvrvVLMa9QHczCZH11QpTa8Q7rTBwsZemO1blzpeJLYUF5:oaNG6wD9DzCZHOTa8Sph3a7eJd/

C:\\Users\FD1HVy\Desktop\F0T_qKtx4.wav.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Desktop\F0T_qKtx4.wav (Modified File)
Mime Type	application/octet-stream
File Size	14.48 KB
MD5	cc30a3061e8ed0919c9b47c0753bd28d
SHA1	4a435d8684c0f078522ad0f2ad32237dbd58234c
SHA256	71690287f63f60cde53683514db43b694b89b5ca83d57fc763e34dc2fb2a989e
SSDeep	384:TQ9/Gd4KPN+jDTdtbJHIKfV3/3M3qRVZKl/:TO/JKPN+DTpHIK3/362c

C:\\Users\FD1HVy\Desktop\jbqb.avi.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Desktop\jbqb.avi (Modified File)
Mime Type	application/octet-stream
File Size	35.77 KB
MD5	ffc7b6d08b0cb55a80b18453156d8399
SHA1	fcd579a398035a9b54f86377cfda5b987610ed3f
SHA256	9bc3a39b441a22a70a28956a8f8d748c3be04e6a16f5cc1ea914c87f6901dfa0
SSDeep	768:Zr21Qg0+umsw8650qsyBpqlWEM4va556PBUCoyc+jS+4636dqb:ZS1QT+ug8VopqlWZ4SPNyhjSk3Cqb

C:\\Users\FD1HVy\Desktop\kxfhx5V664.doc.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Desktop\kxfhx5V664.doc (Modified File)
Mime Type	application/octet-stream
File Size	33.65 KB
MD5	8d81a0e438ab1013c36c23327bfd1241
SHA1	02cdbf74810d487be24d2aa6649855d24fb5dc56
SHA256	612898cdf927085d446f7b56c216ce2d09dc10cff25e0fa6c264630f93c9d57c
SSDeep	768:X8hm4aDMnO4BIw1SGmih38HcsZtJMtxneocwRxw:YZaOBIcoih38Hcsi9Hc+W

C:\\Users\FD1HVy\Desktop\MmYokEmRcYJ.png.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Desktop\MmYokEmRcYJ.png (Modified File)
Mime Type	application/octet-stream
File Size	36.87 KB
MD5	51d02ac0bb28a9abc3f0fb5ed6744b0a
SHA1	f16904140dcbabd959439f0b02b569dab900b2f8
SHA256	4226511d33601c65bb2b84787e810f8058f6f92a3cbaa81f493cbe31eb4241e2
SSDeep	768:CMkmssx0/ZqeDji0SMTvXcUT44ZJGFI3RfOYZLqEaVhXFFywu9Hn:hvm/RDbSKvcUT44ZJAC2YIEohVFa

C:\\Users\FD1HVy\Desktop\mqwq.pptx.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Desktop\mqwq.pptx (Modified File)
Mime Type	application/octet-stream
File Size	10.24 KB
MD5	85a307f82d0e9ba05caedbe824fe57e0
SHA1	955675fe52f6f5765f2922ef64d2f368fc372c8f
SHA256	061f8f5d18e5eb8cd9c968b75f53749e53a1a9c08c224982f0ff9834698c1864
SSDeep	192:hRJvAar0O39MqXoScivfEd1wW3+4TF+55OxwZsVbOq/wSR56i44bPD:hU1O39KNiXEdHZ3xw+VbXD

C:\\Users\FD1HVy\Desktop\QikSkb7g.bmp.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Desktop\QikSkb7g.bmp (Modified File)
Mime Type	application/octet-stream
File Size	41.94 KB
MD5	58d2abe95158fbcc2ef93e0b885bd247
SHA1	64908263b66c901afe2c2622d4b5ce98e408f6c0
SHA256	10e058edadb87924ac6718960c75a16fa482c708bfff517ffd4834e2d008df6a
SSDeep	768:gv+Hb9w/dhYf/V6btA1McilueBPLe5Fh/TSnBNnGz8OsWIkMufu6cfD:g+wkf/SqOcv956n3A8OsDkMufXcfD

C:\\Users\FD1HVy\Desktop\sU9-HY4ux.jpg.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Desktop\sU9-HY4ux.jpg (Modified File)
Mime Type	application/octet-stream
File Size	42.83 KB
MD5	5e17072f33a52bac759b50e51d8e3ef6
SHA1	dfd1c62dca4f86c6758d29e3adcaab40e3c83cb1
SHA256	6e96f486013f06927f26d006efbb16a435696ccfc20382d55fd4d77ad0984a8c
SSDeep	768:6u3cAvHfvw6rAJ4SsdZmUUhXNEpYy9FHE67AqMs5+DQ8oQozU0kwQa8Y:6ur7JdEJZNEpnAjXQpzjk5a8Y

C:\\Users\FD1HVy\Desktop\x9JAvccGk.mp3.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Desktop\x9JAvccGk.mp3 (Modified File)
Mime Type	application/octet-stream
File Size	23.44 KB
MD5	066a0e1880714d1899d94562bdc6c162
SHA1	c7ce7e40b159761bec741267c46ec7cbecf6b498
SHA256	08e7a97884499db329fc41a42bc47a6abb3d935657058b8cdc1599c9ed9c19d8
SSDeep	384:j+GLoINwEizYqBTBQlpPKmsOdpfFqrREmqtXyBJrRfO/yJ8FMRZ7TL25lXTc7Ke:j+SoIwEize9KmvnRmuAOwvtLg4F

C:\\Users\FD1HVy\Desktop\yDKyqzypE.mp4.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Desktop\yDKyqzypE.mp4 (Modified File)
Mime Type	application/octet-stream
File Size	39.19 KB
MD5	3852a83a73046b94520060ca887968fe
SHA1	25f14f610adf9a846b2217c8704b67e994f2d8a2
SHA256	caa4dab52b057b85ecdd0fbfe93f213ddf38246775ef3ed2f48a9e8aa1b2a293
SSDeep	768:meIGsal2LECOBx3ygyvNvIwkziiKEQCwentjuOOmFE0G:j5sUMOBJdsQw2KEeeFuOFq

C:\\Users\FD1HVy\Desktop\6yNY_ug\AT7juf3 qRgd.flv.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Desktop\6yNY_ug\AT7juf3 qRgd.flv (Modified File)
Mime Type	application/octet-stream
File Size	47.73 KB
MD5	0fc5d38fc00e72c2f4b9514277f2cd8f
SHA1	4dfc06f7f094b225f0eebb32bc22699c5141c05f
SHA256	6eb5ec64f0ba025699097c9f643f6779cdd2230ec6c0d66823b8fb390fda933a
SSDeep	768:Y+2PADi1b5VEYFkz999WXQHjeurUVJSBtOiFNv3POWJlSyH8b1GOfzIkNK2BXpQy:qAu1b56YFc9W8eWUVmx3PAyHDOfq2Bd

C:\\Users\FD1HVy\Desktop\6yNY_ug\RSIcX_Y0W6_I0qJ.bmp.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Desktop\6yNY_ug\RSIcX_Y0W6_I0qJ.bmp (Modified File)
Mime Type	application/octet-stream
File Size	60.21 KB
MD5	fb4003b2fa527ac8f2bad84cfb5b60c7
SHA1	1a6c98a8bc5da6f0b9de845a8dbf26c117ff8397
SHA256	93f8896c15a1c30f27b7b3fccffced6d10cbd15e741774a889209ddd4bbb44fb
SSDeep	1536:jgwHfHOgU4xWnEzMKqg63d4nV5oyDEQbYu:MAu14xWkXQ4VaQqu

C:\\Users\FD1HVy\Desktop\6yNY_ug\V4fQ_dlgWJr-zrpYk_z.avi.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Desktop\6yNY_ug\V4fQ_dlgWJr-zrpYk_z.avi (Modified File)
Mime Type	application/octet-stream
File Size	28.98 KB
MD5	4a78149c5beac3b23125a16811ae15c3
SHA1	fae67aa03807f633fef8c1133b3b4999525edda6
SHA256	54f15887975092b54a858cafbe705dbaa2a5372342f9d03bd9f0a03b4030a879
SSDeep	768:siqDA2daiO8PytFhCI15PclVsRo62/YuA6KLzOI:XuA6BPytT15P4NnAuALLyI

C:\\Users\FD1HVy\Documents\94u3KnILxI40rD_De9FJ.docx.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Documents\94u3KnILxI40rD_De9FJ.docx (Modified File)
Mime Type	application/octet-stream
File Size	49.15 KB
MD5	7eb1e2632e49f9ec59e2aa6e34479c29
SHA1	e4f996af36ab2d0188868e3f314acd7277258afa
SHA256	941a3a9b31a49c6339d216dfcb5a86493263181d6170e78d13b4009720a14e67
SSDeep	1536:ic5uc/Iu6VYHr8QO04Yakoet/D0thXK2DDfFPZs:iu/IuVLFOTkPitJKkDfFO

C:\\Users\FD1HVy\Documents\DJBYwDQ8aNwW.pptx.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Documents\DJBYwDQ8aNwW.pptx (Modified File)
Mime Type	application/octet-stream
File Size	42.77 KB
MD5	71ab1fcb1172d38a29be2bdd4e691c1a
SHA1	84c45fd5b4fc7524c9b36bbcab97fa3bc081bf95
SHA256	6cefe9562efabe8ee6d793e86a57f97a78e357ab6ea5e2e3b239f0c111bbd155
SSDeep	768:ZQFzOUcvhqkME6jPwUoXu7obeJIK/f1F/pMAVEvR98oHn9hbG2NvlXNsRO:+m5qdxPvsTbuv/9xpZVgR9B/3sRO

C:\\Users\FD1HVy\Documents\eKu5MJfOuiObNmnhj3.doc.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Documents\eKu5MJfOuiObNmnhj3.doc (Modified File)
Mime Type	application/octet-stream
File Size	2.43 KB
MD5	73e3dd919ae3ca225f85d9bf77561ea8
SHA1	e2dac7fcc819bcf7b1fc9ae55fd85c9df7f955ef
SHA256	9c15c2138ec49b1e36af5ff5c137607079a61cc492eafa9d27412f0684652551
SSDeep	48:8WDVRsej1LTCipgQqKB/R/W2G3YSzrqwFZri6pFifPyz+TfkQWfUL0WMQ:9VRsIPDpghu/I6wFNjpknyzck7UL0WT

C:\\Users\FD1HVy\Documents\H-HbRhrw8Lx _r.xlsx.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Documents\H-HbRhrw8Lx _r.xlsx (Modified File)
Mime Type	application/octet-stream
File Size	24.66 KB
MD5	7275afe7f382ec034ea75b34bb4ed354
SHA1	611dbaf93390cc601e6b4f846714f5081d005e05
SHA256	d4412dcef17ec9d7c6c87ad80f643330475485d4efb2dc3ffcb5e6c83c6eeff2
SSDeep	768:eEXXHyF1n+9qKOuR1RbehqoT2EqRnaav7pE0BGD:e2XSf+9qKO+Xegorqose0BQ

C:\\Users\FD1HVy\Documents\hLapSGUG20Vwu.xlsx.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Documents\hLapSGUG20Vwu.xlsx (Modified File)
Mime Type	application/octet-stream
File Size	73.43 KB
MD5	50275aa7cf4aa0e585d66d16d2149539
SHA1	62627a87467aeb849ef66e34db914a2a61eaff8e
SHA256	3f8b40ed08f94a54b1a6f9e4f4f811126ba4502bde61429c0761bd69c6f6c887
SSDeep	1536:xxoXZKUOGG0Iyhgk4kAkwmJElTO/yWqpSwg9WY5kQ4a:xxON/JhgwSllTO/yDSwgFn

C:\\Users\FD1HVy\Documents\J-Br JD99atjDlY.odt.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Documents\J-Br JD99atjDlY.odt (Modified File)
Mime Type	application/octet-stream
File Size	98.18 KB
MD5	115faedb107895f44caca5bd1583927d
SHA1	d364783784efd1d19eee7d898d80368461a748a0
SHA256	0a80e0a254d0502ddcdaf05514db57ee52d91c1cd6a8308ca4d3c075bdab263c
SSDeep	1536:f/jfzEI7HJfMkaZFTFOyvO9kE+PVKag6nIKLcVN8hLsD87qAMDg1IzDouro2:fDzfekap/RE+5g6nLLcVNG4OM04HrL

C:\\Users\FD1HVy\Documents\LqBEcTY.xlsx.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Documents\LqBEcTY.xlsx (Modified File)
Mime Type	application/octet-stream
File Size	86.58 KB
MD5	586778b23b3c440014011553b814d218
SHA1	8bf927f6aa0b79ec213e66f4ea8b86e26de84660
SHA256	1a29758f2977716f80ba5af0468de6cd391266eaa8eca672163b12cdf4a08356
SSDeep	1536:DtoNEZuhk+iFV/dUQZ8NcoWQTjj7Drp4LLCJy0F12b7/NTUDd:eouW1am8zJjjj+Cc7/dUDd

C:\\Users\FD1HVy\Documents\mthUrjDiv8e.xlsx.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Documents\mthUrjDiv8e.xlsx (Modified File)
Mime Type	application/octet-stream
File Size	17.07 KB
MD5	074b232aac20c917fc2f2a001fc8f13a
SHA1	cc64ca9c8f4afe00266d53bb8b4c723527578812
SHA256	250ab682987e1c665ef6b6fe286512a2a92704c8b8623f16a6d4883dbd45537c
SSDeep	384:al1HoZOzMX1xJOHjTVFUoRjXzrWGkxCUu9JmtpYVPl+h:al11qJS3UOjeru9ErQP8

C:\\Users\FD1HVy\Documents\Nwtr19oWW72lChkU.pptx.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Documents\Nwtr19oWW72lChkU.pptx (Modified File)
Mime Type	application/octet-stream
File Size	39.98 KB
MD5	06e7398b4d3e5febd0b70bc22ed70c01
SHA1	ceedbfb110dacc789aed2c27084e4acab0f201bf
SHA256	abf6149e5f11c1b600cce45738f5e6bbc8da875a2217d140ab8743bd363d9e3d
SSDeep	768:RQzChog2rh3xxlTv2UP/kyMUb0Wi9ExEWDbvD1dQMc87Lt5EpSr4bL0Jj:CiZMrlTv7nkvUTiOhD31dxpXtKor4bAF

C:\\Users\FD1HVy\Documents\OaX_ybEfUiRenWUP9.odp.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Documents\OaX_ybEfUiRenWUP9.odp (Modified File)
Mime Type	application/octet-stream
File Size	33.30 KB
MD5	48f0a4f540f2307b67e6dbd1c085cfd1
SHA1	8e1164646ce5b55f58448cb9eb1c7e71322d1bb1
SHA256	a51bad62f22d2b62b466ec5b35d40a4fcadc2be7835ae1bf27975668582e4abe
SSDeep	768:N3V0vzPLMoidMS3115kB4wLwGXC0GE123E2lcKsHJyfOZRfP9q5:NOPQ7dxrM4wEGSlEk02MHQfOLP9m

C:\\Users\FD1HVy\Documents\rV98wfYL9r89BoQQg.xlsx.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Documents\rV98wfYL9r89BoQQg.xlsx (Modified File)
Mime Type	application/octet-stream
File Size	50.52 KB
MD5	9c759d097ad1f5e6e4f59841e1924cee
SHA1	4c6e8072a03ccde8519075fa91a46d359e90af42
SHA256	2d9d74300f9b59799b093804b609e31c392cd7675bbaeeec04da63bc8d6cf110
SSDeep	768:eNUuV180y6JXIYoOLWwDE2In6tRjBGnIWBsLJ8jV3lmw1KDnaGqrgI:iUY80TXIYoD6InkRjBouL+pvgI

C:\\Users\FD1HVy\Documents\t1-0_mMPFcyOce6.pptx.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Documents\t1-0_mMPFcyOce6.pptx (Modified File)
Mime Type	application/octet-stream
File Size	42.94 KB
MD5	6e4d08eee94cf0bc8a3438353b450d68
SHA1	d9a7efab58ec10e2ef276dceaf0caf54912903b5
SHA256	17da425d56b7d69157670e4575c71dd3e1582cd143040c25218567eb557ec9d0
SSDeep	768:XslbbHsc82PQwU/gBmbs+LzUnFw+JdfxrCVopzg0qwXnn+BhKwvkEskpvrK0zvmp:XsVbHIjwU/Omw+nUa+JdxOVS0oXnlwve

C:\\Users\FD1HVy\Documents\2wUnbqg2S8\PTtANAZzO0.csv.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Documents\2wUnbqg2S8\PTtANAZzO0.csv (Modified File)
Mime Type	application/octet-stream
File Size	33.74 KB
MD5	09b5ce9435962c8ee7a481a8802bdef7
SHA1	cf2076cfad3d2b7289e858635419fb41a4df1555
SHA256	8fa6bbf19fd6c0e8506b206045513f31fe681454dfef169deeb4dc92fb30a549
SSDeep	768:KoND4b8Mxx+PayDr6oP1ntcVvh42ZeqljVdZMwW+ZUNHkK3QD0AL+9mt:5x4b8MxyDr6At+3ljDG8D5Ak

C:\\Users\FD1HVy\Documents\2wUnbqg2S8\tBFGLCUy70u3zz.csv.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Documents\2wUnbqg2S8\tBFGLCUy70u3zz.csv (Modified File)
Mime Type	application/octet-stream
File Size	68.52 KB
MD5	5ab9f79d5a6c2b66d93f1340ecdb8a42
SHA1	33c702119403002d7a1fe261d9e8b62c2e9ef1cb
SHA256	78d5c5e0889303a1692c6ee412feee7d7514b16a00a68f13c2c2b10018a774d7
SSDeep	1536:xXcEoNyyLfo0wyq0WRMTmzMaEoyjLiHBszpyec+Ff77qlu:xs9N90/mTmpEPLd5c+FfXKu

C:\\Users\FD1HVy\Documents\2wUnbqg2S8\vITwu3q-QI.doc.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Documents\2wUnbqg2S8\vITwu3q-QI.doc (Modified File)
Mime Type	application/octet-stream
File Size	90.93 KB
MD5	9802981e16649133806a7c201d276102
SHA1	df661badef98870aa6d1e09cfc995ffbcb072342
SHA256	7c38b70977ba56efcc504a18845d1ff752cc2ba65bb30b9ec27f1b630331176c
SSDeep	1536:t10t/PgVK5dgJziFQ579y0VmAwm4HVmWt6GfT2AtamBtPhjcnqS7ZZQFEfltFJpQ:t6t/ndtQK7nLPgGfT2u1tJsB42lXzs

C:\\Users\FD1HVy\Documents\Outlook Files\kkcie@kdj.kd.pst.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Documents\Outlook Files\kkcie@kdj.kd.pst (Modified File)
Mime Type	application/octet-stream
File Size	264.90 KB
MD5	91f0e2a4774dec2958e3db04da41fbb4
SHA1	9ba28e2136839e308a5f8fa6fafc953c6a9926ef
SHA256	865988d6a4db88eaf3d1f8dab5af59d47d47227d714995d89428141517f1aa38
SSDeep	6144:74Juq38pHI5sWb7CbhMaaKMQ353GbH1Tq222P/91LiGf:0Juq95sE7CbKU53uJx/98Gf

C:\\Users\FD1HVy\Documents\q_iuFLA6D3NMerXQD2O\hD19.doc.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Documents\q_iuFLA6D3NMerXQD2O\hD19.doc (Modified File)
Mime Type	application/octet-stream
File Size	9.26 KB
MD5	9808067c6202412286d51667277efb16
SHA1	076a45f312ce978e015b1b464cdb8ca6b2a14f7f
SHA256	4d9c7c6565d5c385cc52c534292807a4d32fd2d59c930e861c16d6b86daad66f
SSDeep	192:3FTkaLn5GljICQ8rg31byVD0bJqsmL5Ih9FqhfGNQiBRtkNnON:yG5JCrghyVDKqfS9FqhfO7

C:\\Users\FD1HVy\Documents\q_iuFLA6D3NMerXQD2O\2_OtWxW85zHSDtq95tl\1oOs1IYrL6FEBmbSgR7.pdf.ch4x0

Dropped File

PDF

Unknown

»

Also Known As	C:\\Users\FD1HVy\Documents\q_iuFLA6D3NMerXQD2O\2_OtWxW85zHSDtq95tl\1oOs1IYrL6FEBmbSgR7.pdf (Modified File)
Mime Type	application/pdf
File Size	43.55 KB
MD5	25f0920e1e6b0e6ceeb1fa278dec0b17
SHA1	cb0ef322fde30c29eb1d25a596f60a391a23d116
SHA256	c770022aaabe0c362fba4ba6822a587880c35555839c0223fdfad4f239b27672
SSDeep	768:73D5cZHPfw0f+yEDS8y4XTrWXYsd6Sma330OxsQPI+gtc0CLjdfsu2e2p0uR5:73DmHPfwqEDS8VTrRsx30OxPPtgtYdGP
Error Remark	Could not parse sample file: No /Root object! - Is this really a PDF?

C:\\Users\FD1HVy\Documents\q_iuFLA6D3NMerXQD2O\2_OtWxW85zHSDtq95tl\Yh3ofWzIAEkvC8B9wcoe.pptx.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Documents\q_iuFLA6D3NMerXQD2O\2_OtWxW85zHSDtq95tl\Yh3ofWzIAEkvC8B9wcoe.pptx (Modified File)
Mime Type	application/octet-stream
File Size	27.35 KB
MD5	14eb33e175ae1f88702f415e49b14f09
SHA1	ce07d7784ddf7edfd035a9358be39945bfab883e
SHA256	8f202c4df16272d4e1dc1ce6d4465356651ea45fbbf2ecf75a352b568d76bac8
SSDeep	768:Mx72gF6gnPWDWWE7mSAp16XAsq5SR0LRnbeLk9:Mx7ygPWNrSAX6XAsq55NnaU

C:\\Users\FD1HVy\Documents\q_iuFLA6D3NMerXQD2O\75aoRo_JhUow\jp3IwT2eeqFfyJXXVy2\P0uh_TPl-yn\Jn3gSn.ppt.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Documents\q_iuFLA6D3NMerXQD2O\75aoRo_JhUow\jp3IwT2eeqFfyJXXVy2\P0uh_TPl-yn\Jn3gSn.ppt (Modified File)
Mime Type	application/octet-stream
File Size	69.57 KB
MD5	9367cdd78d9de73694952a85351ee93c
SHA1	7aef4845bbc37299bcfe71c683402efc503801a1
SHA256	9d0416892ce0dc6a647abc9d6963a4ab06095aa1b2f42cef4d1fbc1aa2156ac4
SSDeep	1536:WDyXCQqcXQCFhC10bzdDNWdwAkY/uob1C7bHp2PjLU2:WWyQdgwha06dwAhTbqF2rA2

C:\\Users\FD1HVy\Documents\q_iuFLA6D3NMerXQD2O\FQCQHP\b bwd9k.odt.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Documents\q_iuFLA6D3NMerXQD2O\FQCQHP\b bwd9k.odt (Modified File)
Mime Type	application/octet-stream
File Size	31.18 KB
MD5	a0b6f6dfd044914434d0a3ed887644f6
SHA1	842e60c39f94d4ab13617854020b6855e97ea54d
SHA256	c9a664fc4eb81b07d03a33126cbeb631485370e30e989f7a54062af73ded0887
SSDeep	768:Fpzqn8mHpcXISIq81mVQyWhrVlDaK0xgX9+rYjix64edMaWhtehz6jQmo:FVqnvnsQ12RE9KRw/Whtehzvmo

C:\\Users\FD1HVy\Documents\q_iuFLA6D3NMerXQD2O\L980QzW9fizhEEr\3exSwEhZrtqz9uNox.doc.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Documents\q_iuFLA6D3NMerXQD2O\L980QzW9fizhEEr\3exSwEhZrtqz9uNox.doc (Modified File)
Mime Type	application/octet-stream
File Size	22.87 KB
MD5	0778c34ace337205a9634d2636a43d12
SHA1	205dc97698e4296f93cf31f912148eee4d7f0d95
SHA256	44e9c6d131796eba96951f5eae877d68c49dc2d3447aca333e220b1ca39d4c6e
SSDeep	384:UB/f8mNFCXH+QMBJK7aZcXtCS2a5dp7IJkki7Q/WqoGivoP4zqyRfNliV0XxUYxr:UBV+z+bAtFHp7IWkkQpTigPGZfPkUfxr

C:\\Users\FD1HVy\Documents\q_iuFLA6D3NMerXQD2O\L980QzW9fizhEEr\b7yb7HbFabQa1E2BJHW.pdf.ch4x0

Dropped File

PDF

Unknown

»

Also Known As	C:\\Users\FD1HVy\Documents\q_iuFLA6D3NMerXQD2O\L980QzW9fizhEEr\b7yb7HbFabQa1E2BJHW.pdf (Modified File)
Mime Type	application/pdf
File Size	53.27 KB
MD5	f9549f02320de8db1a9966bc95c09c31
SHA1	a70708bcc87bb09cc8d06c2ca36b6c5739088ac5
SHA256	96b3d006936fd8ebc96c7a53f913d113af88fad5a3b9d57eeb25822e8d8bfdf1
SSDeep	1536:gBxq0qZ8cqrTSsh9zQkXNCIrcauANaCRSNHqADM6lA:gBMcTzQ6CIrcaFRgf4mA
Error Remark	Could not parse sample file: No /Root object! - Is this really a PDF?

C:\\Users\FD1HVy\Documents\q_iuFLA6D3NMerXQD2O\L980QzW9fizhEEr\wAudWC7s.pptx.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Documents\q_iuFLA6D3NMerXQD2O\L980QzW9fizhEEr\wAudWC7s.pptx (Modified File)
Mime Type	application/octet-stream
File Size	27.51 KB
MD5	7a863408fe839574bae3bf3f05112821
SHA1	9f86db2a74371f546cd9b5b43684be1bb0c154d3
SHA256	2ffce74702f59f91408c6978e617215b58d5dda2d535de5550317626d559de85
SSDeep	768:SX3hcpKIsWn7Y1X9O7y2zHXtG5RBUG+RPN5iEpjY90JA:SXyIann7/d8qVHpFY93

C:\\Users\FD1HVy\Documents\q_iuFLA6D3NMerXQD2O\L980QzW9fizhEEr\sbIk86s\9A_jvCELgzmWz-Uel.ods.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Documents\q_iuFLA6D3NMerXQD2O\L980QzW9fizhEEr\sbIk86s\9A_jvCELgzmWz-Uel.ods (Modified File)
Mime Type	application/octet-stream
File Size	42.51 KB
MD5	6c68a85b0673441b65a82483c0cd0636
SHA1	47fd787e3dcfa7e31ea2a34ab6fb8a687a416da9
SHA256	b4c15628aac617f9b4fafd91ff2e8af48008562a96991cf175e478a43235ecee
SSDeep	768:evb0+A/OqoaHSme821TtT1LLwIOhRq3t1VemRi0lF1jaWvvK10:evbNA/Oql6RdtTpwq3XNoY1jHx

C:\\Users\FD1HVy\Documents\q_iuFLA6D3NMerXQD2O\L980QzW9fizhEEr\sbIk86s\tW7uZjy4MgrEP8.xlsx.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Documents\q_iuFLA6D3NMerXQD2O\L980QzW9fizhEEr\sbIk86s\tW7uZjy4MgrEP8.xlsx (Modified File)
Mime Type	application/octet-stream
File Size	17.65 KB
MD5	ccd69b1c35b3060cc912799009aed422
SHA1	70edc6769c4b8fb8cfc49109db3a8ece3035b52b
SHA256	c0261b43efcf7ad45379dcaaaea1cc1982adb0e87613d5494dfca75b6049b44e
SSDeep	384:btPd5UyYO8CmkNgpBZXyUZ8srsZOf82TgUJxE:FXt8C1gpB1K4YO5TgUJe

C:\\Users\FD1HVy\Documents\q_iuFLA6D3NMerXQD2O\L980QzW9fizhEEr\sbIk86s\x5YqhGwKaGy_T875gci.odp.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Documents\q_iuFLA6D3NMerXQD2O\L980QzW9fizhEEr\sbIk86s\x5YqhGwKaGy_T875gci.odp (Modified File)
Mime Type	application/octet-stream
File Size	67.74 KB
MD5	9c2ebbf842ea4aec42a2bb8bab6cae42
SHA1	d2a97b587e2cf10469163ba8c304e27f017c2a97
SHA256	8828b76a5c27724a08f86654dcb6ce3cac0cb718c96e71ebf4796d289981d7f5
SSDeep	1536:f6F7KsPOnAXWIh9bWSeknYTHTlXCsljUNy1gHjMQQE7J:f6Fxm5Ih9bWSe5BXC5y14wQD7J

C:\\Users\FD1HVy\Music\5qA9vop4 An.m4a.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Music\5qA9vop4 An.m4a (Modified File)
Mime Type	application/octet-stream
File Size	52.15 KB
MD5	cf2bc7746cb360d636d3805539d261c4
SHA1	d9b3cc2fcd0f5a7df09ac717703e406391161385
SHA256	26931c87f211479f0d3e7d54ba9bc23f244b620220431022b55e816c6a9b39e3
SSDeep	1536:vInyQORR6s/nbE//4biwbrHXQZpKuZ+FfDXPwZm:vJ+s/HbhbrHXQWLF7oZm

C:\\Users\FD1HVy\Music\hzljuwM0b_56EStPz.m4a.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Music\hzljuwM0b_56EStPz.m4a (Modified File)
Mime Type	application/octet-stream
File Size	86.58 KB
MD5	8c9c68a1d033a289cd822d893864e95c
SHA1	f6394939d00786218ac761c4a42fcadcf2164c53
SHA256	c35afc234c4a74aaeab6874d1c7f11cd14734bb98420f44fa755f7ec69e6e43f
SSDeep	1536:vSTVXufWVafxnNHkGOTDf9cm6DxxK+Zw8bIG5zyxbPRv9QrvOPfBXZuA+26:v6cpnNEh9R6DVIG5+xTRv9qvOHrT+26

C:\\Users\FD1HVy\Music\VZk6c1S4WssYkc.m4a.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Music\VZk6c1S4WssYkc.m4a (Modified File)
Mime Type	application/octet-stream
File Size	10.73 KB
MD5	4478801e05cd3b43c96fec3ac642a59e
SHA1	daa0d80d00dbcf1f8d54537ee283a774f5955211
SHA256	26ac9482f761b23aa39067fde837a66aa40de1edbe6f049df1be0e1ad4ba9bfa
SSDeep	192:pVgqNfCSdjnLSGHZkoD8VHXCJOI4Az85ExDX66jPcA4bu56Jqgy//+mG:pVV9HDy3LExOWc26JqrmmG

C:\\Users\FD1HVy\Music\ZBQplhKd0q0Az0h.wav.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Music\ZBQplhKd0q0Az0h.wav (Modified File)
Mime Type	application/octet-stream
File Size	56.58 KB
MD5	4b9bf541d1b3a50da92cd9b7bbcfee56
SHA1	b125e7a2003ce2638e6799d5ab51135da5c72bf8
SHA256	4743f9405c3b48bfd97c1725989298cc1f6a74e05484049f5e92ff54f59c1f98
SSDeep	1536:wr9ViXtroEs3Tow6K4+Lp4vOcdHehWaZBLzlMGGkq5L8LLG:wr9Ktro9EJcLp4GcAhWaejLL8LLG

C:\\Users\FD1HVy\Music\bywZN LZbW\HawHtnhaU.m4a.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Music\bywZN LZbW\HawHtnhaU.m4a (Modified File)
Mime Type	application/octet-stream
File Size	39.99 KB
MD5	35782cc4c213c43569bfb424005984f8
SHA1	c88daffcd1d593c3ace4ad5e89dac9cb04bb8dff
SHA256	069228b6096df37c9d513aa55ad479828d7e70926cc74599727c30afd78e1b31
SSDeep	768:vmh+mAFQEp+c7P6V1/aUEdTqj4NPeoEd3JF2h+xPXnl8jKgnY1n2q2tydpmdABF:v+3A+EwcTaNEdmj2na5F2kvnUYtSydp

C:\\Users\FD1HVy\Music\bywZN LZbW\Ljg3V.wav.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Music\bywZN LZbW\Ljg3V.wav (Modified File)
Mime Type	application/octet-stream
File Size	5.05 KB
MD5	a382f7154439fea4a40eded4940f5a87
SHA1	939be78eb7b79221ed2d9f478d5f6a60b1dba074
SHA256	9ef5a7c85b0632d5f2c7ce1f1ce24145a1d4eb5b7d5f9b3bceb23d599127109b
SSDeep	96:oIKOW8eGfPBhaIJ+OUnYFDP94QSwpI/XtoZayqWbn4SSqvd:lxzaIrU6OQSwpmXtonqO4SSqvd

C:\\Users\FD1HVy\Music\bywZN LZbW\MDADJtH-.m4a.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Music\bywZN LZbW\MDADJtH-.m4a (Modified File)
Mime Type	application/octet-stream
File Size	12.66 KB
MD5	adf695d41c9604fbd8b28584f7b2d681
SHA1	ccb4cfa497bec43500f604697d9d25ef7a103f78
SHA256	19042d340f2b20d5b53449e52cfe16e18b2c9877abc997aec94f2ff382652153
SSDeep	384:pVPTyp7XVDkEBsHIYOKjhrymg/tIoiZNj40+al47c7+Ni:vPTyFbBsOMymgFtoNE0Nl4o7+Ni

C:\\Users\FD1HVy\Music\bywZN LZbW\uHC1JO8WzKZ9R.mp3.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Music\bywZN LZbW\uHC1JO8WzKZ9R.mp3 (Modified File)
Mime Type	application/octet-stream
File Size	58.40 KB
MD5	0f50a4716390ddb87472b226a3b9fa86
SHA1	3536fe2849b4e72b2b9466d3bed6ca26b93189e0
SHA256	2e7c510e4f12cd034d2d3f1a49bd9262800e08d735b73647ff6ae17335f1f337
SSDeep	1536:E60Sqw/+WGpR+iLZq/vj6TQ05UuZL3I/xMBL:oSD/BfaEO5UuZzISN

C:\\Users\FD1HVy\Music\bywZN LZbW\EodBRfGb4L7-hgf\uxU4XWxNONg.mp3.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Music\bywZN LZbW\EodBRfGb4L7-hgf\uxU4XWxNONg.mp3 (Modified File)
Mime Type	application/octet-stream
File Size	55.10 KB
MD5	9700bff08a66a04b33f6fed0e212e05f
SHA1	3c081e2ef11728dc694114ec7f06539d9c99137f
SHA256	1fd789e7cbe257d9a24f2f1465a737ebd246a1723225589e24e3f858241ebe06
SSDeep	1536:zFhYE/dT7y2M+W0Y/ecWkJc7dD+BLj8o160jn:rF/VRMD0Y/HJG7dD+BLAo1v

C:\\Users\FD1HVy\Music\bywZN LZbW\EodBRfGb4L7-hgf\wQzX.wav.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Music\bywZN LZbW\EodBRfGb4L7-hgf\wQzX.wav (Modified File)
Mime Type	application/octet-stream
File Size	48.77 KB
MD5	582c74a11baa04202d855479cd5bc751
SHA1	45761c3c4f897b9f52431c16de818a54f448a351
SHA256	43186e9740c550e324d2bdfb6c5ebb1f66993e562b9192e29423a7d1c2bd5f8b
SSDeep	1536:5c5idS9CktwzXnXxCUox0dwdS71+DvGaD6Xn:CYMjGcUo+6dzB+Xn

C:\\Users\FD1HVy\Music\bywZN LZbW\EodBRfGb4L7-hgf\zLbA5W_Z_Ov.mp3.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Music\bywZN LZbW\EodBRfGb4L7-hgf\zLbA5W_Z_Ov.mp3 (Modified File)
Mime Type	application/octet-stream
File Size	19.01 KB
MD5	7c40f14939e0be339982954b79305416
SHA1	feaf95f483ae1dd16bb9f787cfcae7a22fbc1a7e
SHA256	69d2b5329ba7f411909024db6a6825df731f2d984b32dc79122aa43e30dc6e7b
SSDeep	384:t+1jI32IBfKG/77gICYfV9yxJDBmWIUFV2+WU7WX6pZp2pLSW2o9xP:X3Bf9T7TCYfV9aJDEU6U7WXyZpeLxH9p

C:\\Users\FD1HVy\Music\bywZN LZbW\F7gf-\9M60zi.mp3.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Music\bywZN LZbW\F7gf-\9M60zi.mp3 (Modified File)
Mime Type	application/octet-stream
File Size	57.54 KB
MD5	0d115fd31546494d265f19cbcad0e3e3
SHA1	a74fb492fe671a70a98de3840d998d32a28fd3b0
SHA256	45fd3f6079efafe2b7937de2d0a379c25cf061009b72514f0aa096b0702ae901
SSDeep	1536:RhjMSY37jVL2M0XLd76s2jtMWS5nFjdzmEFBF4isLjaN:RhjMN7J2FLksCG57F4ilN

C:\\Users\FD1HVy\Music\bywZN LZbW\F7gf-\opwtLkxW-5WGKl.m4a.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Music\bywZN LZbW\F7gf-\opwtLkxW-5WGKl.m4a (Modified File)
Mime Type	application/octet-stream
File Size	46.35 KB
MD5	e67580acce160bcb4adfdd9647e1b783
SHA1	6ac9db3479970814b1a9c9d8d5e92e45b3002619
SHA256	45d0ab43c4febda7345d9dab1be4d1732649827775ed0359e7595d0a3e22fd40
SSDeep	768:v0QWmsUc6zgO1DaPeV1ITWGMIbqyd6jhV84V2Ffm3RZPTV/VDX/EMoXfxh0i+Dll:vrWRZ2DVV+MgqeKhuQ2d6RZZNsnvxW7

C:\\Users\FD1HVy\Music\bywZN LZbW\F7gf-\OzuZtzPO.mp3.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Music\bywZN LZbW\F7gf-\OzuZtzPO.mp3 (Modified File)
Mime Type	application/octet-stream
File Size	23.71 KB
MD5	3b11975aa5a0c527ce317e566d791225
SHA1	f4cc1f05700a863e6337a54622bd938ff496a7f0
SHA256	5adb55ca3a19b5449bbafd6360f5da8c1caf22a51addfd85236ced1ce7893795
SSDeep	384:pe/418VA6+/vPGUQSSgBtcbqslWmEV22fxqf7N0i6vGp3G5yYlc+fKlSIorwxIgK:pW41866+vGU7Z0qsWsYQ5sO8UrlSIoGW

C:\\Users\FD1HVy\Music\bywZN LZbW\qBI5h8N7PTmwQn8GJ7WA\1B00W_x_7wl4.mp3.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Music\bywZN LZbW\qBI5h8N7PTmwQn8GJ7WA\1B00W_x_7wl4.mp3 (Modified File)
Mime Type	application/octet-stream
File Size	22.51 KB
MD5	fa36ca56c3bf06e72450ee12d564e3f6
SHA1	b5212299904ccf2e6f249111121c76dadfb0a61e
SHA256	bf854cfd955f2e995227e5b8e4eb51673e9a0942f001ed95aa74f4801b2d64a2
SSDeep	384:g2lceBIv+QOrtR4lzTe4CJ9p8oM9FBaPNmTz/AlVc4LP1uiR9CvG/4Ic6rIJLz:nVBK+RxRuPOmoMIPTNBuiR8+gImJLz

C:\\Users\FD1HVy\Music\bywZN LZbW\qBI5h8N7PTmwQn8GJ7WA\iqLOUXtQuD40 Y.wav.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Music\bywZN LZbW\qBI5h8N7PTmwQn8GJ7WA\iqLOUXtQuD40 Y.wav (Modified File)
Mime Type	application/octet-stream
File Size	70.98 KB
MD5	a030cff95f1edd077bcecb2b97a47ae2
SHA1	e81290ad493481838b2a9851ac30e00774c9d979
SHA256	54e66f65089a8c105cb6fd675895e13f710e62c28aaff4c8b8d7cfd4de656735
SSDeep	1536:qJOqMAM8YBjsHIV9kXh+bu9stma6aKzy1LY9dwhDof9NDJsnY:qscjoV9kUDtR/K/whDofNsnY

C:\\Users\FD1HVy\Music\bywZN LZbW\qBI5h8N7PTmwQn8GJ7WA\__AdBBRqj WXhzjtqktp.wav.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Music\bywZN LZbW\qBI5h8N7PTmwQn8GJ7WA\__AdBBRqj WXhzjtqktp.wav (Modified File)
Mime Type	application/octet-stream
File Size	79.99 KB
MD5	0cc7c5a632bcfa2c9d3770cc41ed1438
SHA1	016880a064da19ac5630ee6d86fcbb873ec3aecb
SHA256	e4da9606f5faf94fa252b80b8a94b76b2746d6926d3b95acc61aac093768567c
SSDeep	1536:EgCMcgOETifapf7LeyWznm/WBKNSYKVz58HekHH0k5iw5PAQe4d:EMniSJeyVeBKNa15mechTPAK

C:\\Users\FD1HVy\Music\bywZN LZbW\V26Q89\f0yrUmzX63uitcF.mp3.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Music\bywZN LZbW\V26Q89\f0yrUmzX63uitcF.mp3 (Modified File)
Mime Type	application/octet-stream
File Size	66.77 KB
MD5	7d4c4a64322b96939aa97f7a1a6ce7ab
SHA1	1b9decdb1b24582c7b9ae368a5da229264fc9578
SHA256	6d197e0677b5cd46736438de780ab30eca6172197f3c5c26cf7e3990ec4fba56
SSDeep	1536:4entabLwpR1GUJLacKj0yayrwC/MjANDlgxs+6trjsHO7aCYGC:dt1pRgeryaysuFlsn6tUutYGC

C:\\Users\FD1HVy\Music\bywZN LZbW\V26Q89\JHOrRiYn.m4a.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Music\bywZN LZbW\V26Q89\JHOrRiYn.m4a (Modified File)
Mime Type	application/octet-stream
File Size	19.19 KB
MD5	96f4efd9fa601db54dd4a7d769854710
SHA1	83a0bb5ceb7cee01ebbe901948396110cd544b88
SHA256	d44722d7164b2add6489bbd9b3641b5b70748ada7a82b1fc1283f19d9b4d4028
SSDeep	384:pV0AHU3fAwAGjSEb907jzxhbh/OORTRKgZ5K3eZmF8EJlaTvUBdAM898FeV19sm:vnU3fA0jJc/tTRLj1mF3QzUBuM8CeV1R

C:\\Users\FD1HVy\Music\bywZN LZbW\V26Q89\S-sj.m4a.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Music\bywZN LZbW\V26Q89\S-sj.m4a (Modified File)
Mime Type	application/octet-stream
File Size	63.85 KB
MD5	5555fd249f6fc7d4b3b3c5284aa03643
SHA1	c2537ab4d63866fa468f105fde782d8e54ef723f
SHA256	d90bd11c8ea2cdb32495f20e955bd3257c719161fcecbcaacb5de9454808457d
SSDeep	1536:vryng37JsYJmdLKPdbFCjDgAyT8UBqAxmyIg9rte:vX7JsomBKPhFCjDZe8UkANIKe

C:\\Users\FD1HVy\Music\bywZN LZbW\Zc8Y\koK2rjZRMOBDu2m.wav.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Music\bywZN LZbW\Zc8Y\koK2rjZRMOBDu2m.wav (Modified File)
Mime Type	application/octet-stream
File Size	37.27 KB
MD5	163d01b5f9f5a60ae63a1814180665d7
SHA1	03c87f349174781c0ca107bbdcc0f68ce3f3ee06
SHA256	1a0fe3ace330e84f9984415bf6ebcfba3b43389d9c7df6242e355a412ff4734b
SSDeep	768:L7z1pXNNPL/JPBlxlyQ409bOHzRj9Z47hhYz6Bdk18Q6L6ax/NZDK:L7z/zz/JJlxlN3uNjDK8z60qFVxlE

C:\\Users\FD1HVy\Music\bywZN LZbW\Zc8Y\XbLhzsg7WdeOkUH.wav.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Music\bywZN LZbW\Zc8Y\XbLhzsg7WdeOkUH.wav (Modified File)
Mime Type	application/octet-stream
File Size	67.23 KB
MD5	0012d54e45de61bb7148d1685acac863
SHA1	90f3a2b6ba0ff073db303795dd3e83df75512c08
SHA256	3065228a37740eca8acd3b73ec28fad1b946ec09b0e44cad6c3ef2ef57bb5c9b
SSDeep	1536:bLsMB63ETrV9vdx/mkS72f4t2XJJWFoRJ9QBl9YCHAW6fD9D:fsMscvXmf72f4toJJ72KZW6fDd

C:\\Users\FD1HVy\Music\bywZN LZbW\Zc8Y\7jr0lVxJU3WD\QII9BbbAu4ivCyz-M\H8fiT3wbr063XD8lUDdW.m4a.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Music\bywZN LZbW\Zc8Y\7jr0lVxJU3WD\QII9BbbAu4ivCyz-M\H8fiT3wbr063XD8lUDdW.m4a (Modified File)
Mime Type	application/octet-stream
File Size	21.88 KB
MD5	710b17e46d93ea60ae98d3141ad8d057
SHA1	b9f2fe2e5246fb80d880b0ddeaf716d813026564
SHA256	506e216f50c1ce4f52714c508503221c5df07702576e6ba5306ffc0a5f53c30e
SSDeep	384:pV/l8N6nicirSIjtiHz8YFsbF2flwHmqkRrCQA0vlWOam5KRAK9oLSEi:v/m4icoV4T5mbINwGqkIQAAllV5ZKl

C:\\Users\FD1HVy\Music\bywZN LZbW\Zc8Y\7jr0lVxJU3WD\QII9BbbAu4ivCyz-M\O3YpXzvilFAr.m4a.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Music\bywZN LZbW\Zc8Y\7jr0lVxJU3WD\QII9BbbAu4ivCyz-M\O3YpXzvilFAr.m4a (Modified File)
Mime Type	application/octet-stream
File Size	27.21 KB
MD5	dbb1db8faf51d12b2f0f05fbac798c45
SHA1	5335077e9d2087337705f152e1fdc9e867577768
SHA256	2ee258418d5e1c03b82c3372930c81a142f1fa90f54139690c8c165858c1e4b2
SSDeep	768:v9TuaLc4xzZNH2m1wl+czM0fj4ztPa8hbC94Stg1hHr:vdxPxzHTyM0r4RPfhGcHr

C:\\Users\FD1HVy\Music\bywZN LZbW\Zc8Y\7jr0lVxJU3WD\QII9BbbAu4ivCyz-M\pVjEx6Hqaso-gSFpt8Q.mp3.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Music\bywZN LZbW\Zc8Y\7jr0lVxJU3WD\QII9BbbAu4ivCyz-M\pVjEx6Hqaso-gSFpt8Q.mp3 (Modified File)
Mime Type	application/octet-stream
File Size	58.01 KB
MD5	d12ac24372cc4a9f78fd22fd23192f81
SHA1	30ecf3a061cb085d5e8e0f4e074583a9b689aa59
SHA256	380ae74ec52f64edaa3435e113ab6db7b53c60d9c6a3382de40a773ce8acbbe2
SSDeep	768:YPkYMThERqn4EvzGuiIioAWbT+H50gBHy3a/U52DVzFTfMTL1nW1n+PNs04du7eE:YkheAjvXxA5Sgya/UWJFTfMsdSeB1UW+

C:\\Users\FD1HVy\Pictures\2cx-lwZ0F12zNqaR.bmp.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Pictures\2cx-lwZ0F12zNqaR.bmp (Modified File)
Mime Type	application/octet-stream
File Size	78.91 KB
MD5	f653f192676f18a6eaeeade2e1ad0335
SHA1	d468910b3401937e4d7a092ae544a7cdf20c50c6
SHA256	e149f28d765756e9bae3bc47985204c7f0fc6d8371cae1db2038ce5655460611
SSDeep	1536:wWiA4qA2hsAzS+NBTLHj4DO4foSLcHrE3RlBgfUgAz6GRNbR9ltq1f0A:eEBhVu+HTszfpIHwl+XAPG

C:\\Users\FD1HVy\Pictures\3BsW.bmp.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Pictures\3BsW.bmp (Modified File)
Mime Type	application/octet-stream
File Size	5.51 KB
MD5	a43b247e365affcdb5b4d6d74e96395b
SHA1	75aa83bdec33f6da6558e0f2811831bfdd4fc9e2
SHA256	04f9312f15c0d6dc59d9d8e368d632409ea54b193ab88bb77b6bff915488c168
SSDeep	96:09PQye1NhrfPd0IeDFGpUVc7snhbsl2KZnY9GMcfHc2BaK17IViuliYCu:0fYNhrfP2nBLc4nhBKWw82IK8iuQYL

C:\\Users\FD1HVy\Pictures\dqJV.gif.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Pictures\dqJV.gif (Modified File)
Mime Type	application/octet-stream
File Size	50.30 KB
MD5	e243711dd778cc8033e4434f8b74706b
SHA1	c82ee80393b245f9e2b6638fcdc1503b5d147d02
SHA256	f2eee6b91a82da4285e634aa0a40907d48946e50b8240c305fd8563af5fa9029
SSDeep	768:93oR5tcrePtzWHGXKHrkr3VIrlquTUOTZeUVmmwg4BlcAiIxQDdxDCEMxs8OzxaW:1C5UszaQrFIRpUOVewP8PDKhxWEKwIVI

C:\\Users\FD1HVy\Pictures\G4lQTNZL5V9a.gif.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Pictures\G4lQTNZL5V9a.gif (Modified File)
Mime Type	application/octet-stream
File Size	85.58 KB
MD5	848c7d02197502ab30d9995a8553bd76
SHA1	b8829ab29ba375598d3409802e67da6c27572761
SHA256	521b23b2fe5c59c4e21cd42db5c6de64f9b449bcc456ad33db49e77b23e2e7ed
SSDeep	1536:1KgkNTBVOhkxsZQgW84c2tEgFQzhpqKYqswlcamQf4cysMOUNz4q6irGdNcvr:1KgoxEQgW84brMOKlNlL3qNzaXdOr

C:\\Users\FD1HVy\Pictures\HFoTn.gif.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Pictures\HFoTn.gif (Modified File)
Mime Type	application/octet-stream
File Size	25.94 KB
MD5	be63f64b85e5b79ba89457027ca55949
SHA1	ab878b61cb1f9356bf59bd0d0b9ff009acb88609
SHA256	11f7b3169afd15008616c6e8c80a53572b63f5a9a647c54b6f04841b737fd759
SSDeep	384:VL9F18oTAH/1A6ggUEFFvskdYfM5dh13Yd7jCB3ps7rNy+BIZDyJUv:VLztAH/SMU4PYFjCBH5yJUv

C:\\Users\FD1HVy\Pictures\hZ gFm.jpg.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Pictures\hZ gFm.jpg (Modified File)
Mime Type	application/octet-stream
File Size	60.69 KB
MD5	9aeeff4bd1f734fcfcd77ec63cd05ac4
SHA1	d2882aad48e8b5f3e874e3bf45420f40f9bd883e
SHA256	8c2173aac09044c31d70502737498e8bb03c6c3dcf64d40720ed569e2a9366dd
SSDeep	1536:iPRXef8GpOBNVPLt9YGPqJ7gPNry5M9TYagXPr+OYND9NIbxGIp:iPRX9G0BTIGi2J8cYagXPONDIp

C:\\Users\FD1HVy\Pictures\jHqXLgbnTW5oKBa-Evd.jpg.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Pictures\jHqXLgbnTW5oKBa-Evd.jpg (Modified File)
Mime Type	application/octet-stream
File Size	49.12 KB
MD5	5044eeae5be8174e04b297dffdc1cdec
SHA1	1b4dba1add0d674860dd9f9d7747a4281771f57a
SHA256	4fedeff7ad074dace85ec9ec50efdd01d96b5402a1cb7303540f4f8ba2a2788a
SSDeep	768:VvC/3Tz/bvVGQFbzLRw9GeMvcN4Y+tWgCiPKQLC9RUQQmP+R4+XpWVIHn:VGz/gQFf+BolY+BtLSvP+Rbp4IHn

C:\\Users\FD1HVy\Pictures\jWwYNsDwAEp3Q.png.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Pictures\jWwYNsDwAEp3Q.png (Modified File)
Mime Type	application/octet-stream
File Size	77.19 KB
MD5	d3bbc07934ebfec09b646855cadf8502
SHA1	7ac32a95130dd9d75f6d6eb198c68cf628afd844
SHA256	d247266e40a7e7ac754f8b929947c9f2e4397c0be8ee34456bb3132e52662360
SSDeep	1536:Gk9JxWDcSl9HFvFLqIp62XDoRiEFr+WLuvRcM:rJoPvdMFVyvRB

C:\\Users\FD1HVy\Pictures\L9xWNUI mom mKlP b-7.bmp.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Pictures\L9xWNUI mom mKlP b-7.bmp (Modified File)
Mime Type	application/octet-stream
File Size	80.71 KB
MD5	a00255dca70a2f41e7624096a1685736
SHA1	aa2570d4a9e219390f92522dd467d452a6434045
SHA256	36203611c5735f572d288c6fcfa53f2c2197a0f9cb77d3f61fb0b2c0e7882a18
SSDeep	1536:qPKr/ghuJWhOPBF1jxJJzFmPdpSeWtaLkfTFB8L02v:qPKr/ykEs31xJJRmPaLfRO04

C:\\Users\FD1HVy\Pictures\N- I3cPr.png.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Pictures\N- I3cPr.png (Modified File)
Mime Type	application/octet-stream
File Size	78.05 KB
MD5	38ebf03ac18ba2b9fee44817970f36f6
SHA1	5de720c4acd2f8b5c83118eac1e5d678e40ddfe4
SHA256	d822aa92c6f8970a6d9ab952070bd90cbe774d4f50e61c0415cb146f0ee59ee9
SSDeep	1536:Y/4fz7lStRKGvUJkZl0TLKaZn6dEmfYackb3/QalYhwEk1sP2AfmyYKfQc+Zxk0+:Ywz7MMOZl0HlZ6dEmfYBkbvQaChVN/fZ

C:\\Users\FD1HVy\Pictures\Ncb14E25FL8K8.jpg.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Pictures\Ncb14E25FL8K8.jpg (Modified File)
Mime Type	application/octet-stream
File Size	43.69 KB
MD5	3552f1eb74f8418824047fc7b3cee4cd
SHA1	1afd1fa453f3daa24e4aaa5cfbca1da59a84e6e0
SHA256	3c16ce47f84f54f607697a51c9d7619ad16aeba9fcad0cf986279dc4ed568f99
SSDeep	768:0Z/6VbwprHHgdg0SO3bvDrXBahi/xcquJ6uLvv1ITCxgbTCWDV9va3gr2aE:0Z/UbMrO337DrRaYF86uLvaTlb+WDVpe

C:\\Users\FD1HVy\Pictures\ndV4txWDroXPS5dMlC.png.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Pictures\ndV4txWDroXPS5dMlC.png (Modified File)
Mime Type	application/octet-stream
File Size	4.93 KB
MD5	6bccbe843ccee6ac919d4b09ed08cb9e
SHA1	5693802ffa8b411dc6744498301a506965b9dc38
SHA256	39d8f3effdf75ffcd514fe8d9e29fb2592dc692388a6da9769b3700ac52eda48
SSDeep	96:+o7cJK+dIK+wwhpBK+zWjGTvG+ag0ZFiZw4LLA9ASd8o5a2KLReXz9xvGGJDf4:+o7c0+dIrl90CTsvinZQ8aa2KleBxv9Q

C:\\Users\FD1HVy\Pictures\On95XMBbL4KR1.bmp.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Pictures\On95XMBbL4KR1.bmp (Modified File)
Mime Type	application/octet-stream
File Size	65.62 KB
MD5	cf002414b10afffa1d26cf21c326d27e
SHA1	7a1dd5cc7fe2dc79dd949dbc061ff65c8474851c
SHA256	23232ccc27653fde6a731a35d40713d62640fe55e66153262cdc503a82704eb2
SSDeep	1536:V2jPT6X5k6hN3KXsjy7TvU5SikIx1m6AWmujUMGd4AcbI0:V2DTaVX3KXse7pJIxQ6jhxGdz0

C:\\Users\FD1HVy\Pictures\RLqRayeZihM1myYUn5a6.gif.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Pictures\RLqRayeZihM1myYUn5a6.gif (Modified File)
Mime Type	application/octet-stream
File Size	3.24 KB
MD5	47b91d800b5a9adbd0c9a43018b83809
SHA1	dfc349b346bb6614a45c0ff86e63a237ae57c391
SHA256	0df71c1fb3d8d5d4be6ea3233181ffcd63bc2b267686e4c711f4a0f90efc3af2
SSDeep	96:rWXru5P+IGD3jUYgs0Y5C5UFcKtGHvFkP:KX6Z+Jzlok2DmGHyP

C:\\Users\FD1HVy\Pictures\voA K.png.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Pictures\voA K.png (Modified File)
Mime Type	application/octet-stream
File Size	46.15 KB
MD5	fdd5049151cb3286fcf01fb494f54fc9
SHA1	af4c601325a49d54d13c5be75c161ced8528a0c8
SHA256	4850ed7874d7d70ad57bd6c1a56536cb9acff895a25d5bb61bb2c1896fdca381
SSDeep	768:wJsnxy9KT5J4S/Ah9VAjhBPRQQf0dVL+N69/4GPMoc+ZSZAPUaNSn8:wJsnxy9KTDVIhXetQ3dVaigG0nCuYl

C:\\Users\FD1HVy\Pictures\WpO0PCf3tF-0UZ.bmp.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Pictures\WpO0PCf3tF-0UZ.bmp (Modified File)
Mime Type	application/octet-stream
File Size	67.43 KB
MD5	22f9ffe8b68e4be69d16794173d85ee5
SHA1	8a43aad70f44949a873d08d56d662e7b17e91a0b
SHA256	b0e1402b56ba29775a4fbdf1a0184af01352152a6a954c49aa1b7eb267a93170
SSDeep	1536:UoRuZkACD1AxDCZgkWUOQNpN90LH39YVzBjojS9FCM+RD:pRu5+1AxDCZmpQpN9a39U+jK+h

C:\\Users\FD1HVy\Pictures\_z6 4.png.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Pictures\_z6 4.png (Modified File)
Mime Type	application/octet-stream
File Size	49.33 KB
MD5	d88d3f74ba59d1c552f73276eb1d2d9f
SHA1	3cadff9299ef0d48e4d5c3ba27ccd272ee466459
SHA256	0f4454367322477de8d3820181426587591a7564fc314ea3c8fa546dfcdd6c90
SSDeep	768:qt07oIbO/1fHrCiJJ3OptPnY67QdF9Lq5cLIvH0GxVc9HYq0wfVSeDQzBbcMCy80:Y0UgO/xfYnY67uFhjnfVSe0yyL

C:\\Users\FD1HVy\Videos\g9W4Le\BsTn3W4x95EZNq8l.mp4.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Videos\g9W4Le\BsTn3W4x95EZNq8l.mp4 (Modified File)
Mime Type	application/octet-stream
File Size	96.15 KB
MD5	243b1ab39fac133c85efd0243b09050c
SHA1	70285f21c57b5b420b42bfd6957cd9d0850b499b
SHA256	e0e92df7c80ab115ff6caab237018bed3942385dbfbd4829ede193b0a3187012
SSDeep	1536:kbBteeEbKPkynrYPSoE0RU43/+5NEKH8JjyG7ix6vWW4Ne3jmHb30JPIC:ybebbKPnnrYPvF3xKH8JHevNEk0JPt

C:\\Users\FD1HVy\Videos\g9W4Le\Dh-0Gz7ZY.flv.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Videos\g9W4Le\Dh-0Gz7ZY.flv (Modified File)
Mime Type	application/octet-stream
File Size	77.83 KB
MD5	21d15807bbe6dc11101d427585c018dd
SHA1	5390a3e1060f950e317be2b8ae0fe00fe705111e
SHA256	2caa0f0ba53c7147979651eb2fce98cbcac984fd88774d4d3d12bd66995355cb
SSDeep	1536:S5VSrfaBwr6tQ/vZZBXnVBOUGtIXyQBCMxIolhky9zKiH:KVWvLv/B3VBZpia/hl9zKe

C:\\Users\FD1HVy\Videos\g9W4Le\wQHR0MmS.avi.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Videos\g9W4Le\wQHR0MmS.avi (Modified File)
Mime Type	application/octet-stream
File Size	57.13 KB
MD5	6f56d1f5518f67dda84a9c5d211c522b
SHA1	c8545b250d729849a9c245d5e77c5b71afd646af
SHA256	b776e08ac7998d4655b3c3b4a2b6a017d299fdf1927f26d93ee8a245d5de606d
SSDeep	1536:z1xtQtf28v5C3NqLMIZ0ITRlb5WCU9SmwVzw:zjtQtuN3sn0IT5W/SmoM

C:\\Users\FD1HVy\Videos\GdOxNv0sZKn\F0s4VR4jaiSxUsjT\7MdtJ.avi.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Videos\GdOxNv0sZKn\F0s4VR4jaiSxUsjT\7MdtJ.avi (Modified File)
Mime Type	application/octet-stream
File Size	72.82 KB
MD5	8eb15f60b3aef7e1fea8742b9e8d8bf4
SHA1	fa5e6f29c4cb3b212e1a26556066a86c3e659a7b
SHA256	c35102856254412aa02dce0c75b58a8a7471b490e1bdb48f80c99013f91f928a
SSDeep	1536:Jy2oxr3JOnCg0krWi/OMX/+NWlvToZrYoi23SlhcLRiDq2fBf5mUcL5:JTSOVvgYToZcq30cLd2jo5

C:\\Users\FD1HVy\Videos\GdOxNv0sZKn\F0s4VR4jaiSxUsjT\NSPauty1pChs9qmDoa.flv.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Videos\GdOxNv0sZKn\F0s4VR4jaiSxUsjT\NSPauty1pChs9qmDoa.flv (Modified File)
Mime Type	application/octet-stream
File Size	23.90 KB
MD5	fa227e05547308d3ccec127a1952f026
SHA1	0f77aa8ec255118f315ff15ef5338ff1fb117d41
SHA256	9abaf06182debf644a323c25f84143b119656f682ab2a8345eaea3c063880309
SSDeep	384:+Tp9oK6YEq5urSUNWMMZSsuaQPp+NuqAyZWcrj5pg2TZ2V9puBlrwmWV6J4yioAT:+Tp7eq58B5lRQpAyE+55Q4rgY3ioAT

C:\\Users\FD1HVy\Videos\GdOxNv0sZKn\F0s4VR4jaiSxUsjT\hc1cETuDJlhvcVErLc\zJN6tm3pAEA.mp4.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Videos\GdOxNv0sZKn\F0s4VR4jaiSxUsjT\hc1cETuDJlhvcVErLc\zJN6tm3pAEA.mp4 (Modified File)
Mime Type	application/octet-stream
File Size	31.58 KB
MD5	b82e9bc893141bc070124a60035f71c9
SHA1	6fd0316ad079976fb3951bab552dfacc2df04af3
SHA256	f246b05a08d899152c7bbcde9824b9e1c74b78fec1f6be4989cbff0965a9c5c8
SSDeep	768:bRUZL712lGlPRQ8+efln9T5HGnasVhcCJBa/Y58CwqdlgpXMLD:IL7184W8HXBGnadbYRd3D

C:\\Users\FD1HVy\Videos\GdOxNv0sZKn\Io8nCvBd\2R9uJmm.flv.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Videos\GdOxNv0sZKn\Io8nCvBd\2R9uJmm.flv (Modified File)
Mime Type	application/octet-stream
File Size	13.83 KB
MD5	7126a196ee4b9e7e43487f9d2fbd722f
SHA1	37fb2935d56c9ba331ea3c4540c8857624d57751
SHA256	63134923b3ca89afab60f28229d935040b0d19ecbc0d5178075eb1a3b4d320ca
SSDeep	384:zAGTjc0tCmv+X4utMN49EITUNsrH4QM0PQ+J8PHH3ql:zAGLt5vqFa0JmP3ql

C:\\Users\FD1HVy\Videos\GdOxNv0sZKn\Io8nCvBd\_AvJXhc.avi.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Videos\GdOxNv0sZKn\Io8nCvBd\_AvJXhc.avi (Modified File)
Mime Type	application/octet-stream
File Size	39.76 KB
MD5	bc4a380a14758f1d5a045b941c549180
SHA1	712483f67fbbf9df782685460a83ab90674043a3
SHA256	5f53582e59b7af96320faf9b303b709aa164fba14c2de4f152614d17c72525da
SSDeep	768:z/prAlWoM0a/6vQFZkJiu2IJF+K82e7o0g5sJRbupJ/3JJoG5L42p17pEUlfYw:jpuMbesZkJiLIXPve7o90NG/3ES0a7fp

C:\\Users\FD1HVy\Videos\PaAGsz4bWU6f\-lU0t7jOBXRDuk-f8 EX.flv.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Videos\PaAGsz4bWU6f\-lU0t7jOBXRDuk-f8 EX.flv (Modified File)
Mime Type	application/octet-stream
File Size	27.91 KB
MD5	75da518c12d7e00c4933380e21f40be2
SHA1	39d299aa33fa2313f383fdcff8a3bb7a7287f87b
SHA256	a2b6f5e7c6ff1f78b85f554d229503a730f6a84a41e9ed47dd62f73985919342
SSDeep	768:7U/dfJLFFcvQfU7b4Jf/56Ay2pxBBm3BSqV7HuxSlDCf:Sq1b4J3QCzBYxFuUlc

C:\\Users\FD1HVy\Videos\PaAGsz4bWU6f\ZchWCnDxc.flv.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Users\FD1HVy\Videos\PaAGsz4bWU6f\ZchWCnDxc.flv (Modified File)
Mime Type	application/octet-stream
File Size	34.32 KB
MD5	d37dd60af7d85cde5aacba58e6821ccb
SHA1	6aab838ae5264fc6432d7fa20d55be3667ad82d8
SHA256	c8861184989cf5ee00791c678dacd10b301d7aae104c19b937504512fee4ac3e
SSDeep	768:CWbEneoaLNB8ts7s75W7UJeIXpxxtItVMTUOxXU4MyY/OMHX5xYvrh:QnfaLT8ts47kueCbUOxrQ3HXrY9

C:\\Windows10Upgrade\resources\hwcompatShared.txt.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Windows10Upgrade\resources\hwcompatShared.txt (Modified File)
Mime Type	application/octet-stream
File Size	806.05 KB
MD5	9fd174268a87832619f79a987459175d
SHA1	c4dfae6d212f2a1bb87bc0272bd88fefb0ed3ade
SHA256	0ec21e95e2e728779cbe2af49af258ff1439f02958ae9b3ec211f94fab7998ce
SSDeep	12288:DZHziELVM7xCdKr0a9h2pa47GLhsMLrB2/8n2hu81RNV+4mqR0QkkJj7mh2RA4F:DcEW79bepmhss52uIL+4LukpO2t

C:\\Windows10Upgrade\resources\amd64\hwexclude.txt.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Windows10Upgrade\resources\amd64\hwexclude.txt (Modified File)
Mime Type	application/octet-stream
File Size	2.29 KB
MD5	88829367ad2b35ed0fe32587931b3ea8
SHA1	d5b0d703d6a844fcb3b0c5c7ced026b8e0ec711f
SHA256	98dcda82c95379033324164b0ccb3dfef57aa4dede28fa8c845991ce9d28496a
SSDeep	48:8MqzOr0xUnRT/hku1h7SzMbByzYP5sWIaWR/xgj+R+YL61fsgKVy:SOr0K6uzT8zRfR/ljYUgKVy

C:\\Windows10Upgrade\resources\i386\hwcompat.txt.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Windows10Upgrade\resources\i386\hwcompat.txt (Modified File)
Mime Type	application/octet-stream
File Size	16.15 KB
MD5	8097051761a7dd9689c11f07a023ecc2
SHA1	3db261af80f068f8cc6c8efe89f62e7a3398b5e0
SHA256	0a122a89199750b3f2cfae33c391c3f48fab7e012276ad7893ff925da437b7bb
SSDeep	384:ZDJ7gFAuBx264LRnCx2QAOoFbdL/i/b/etK:FaA82J9nycXbdri/zetK

C:\\Windows10Upgrade\resources\ux\block.png.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Windows10Upgrade\resources\ux\block.png (Modified File)
Mime Type	application/octet-stream
File Size	951 bytes
MD5	028b9638f2a3669aaccea3eb11f853f6
SHA1	e547f03fc483fd3da15785869337983fea3154f5
SHA256	bc907dabf0343821710d040cc2c4b061827f155cf472f42d5b256e15f809fa4e
SSDeep	24:8NCGgI6GwbDutlOW3bMuie9yzDVq6KsmjtvJ67ryF:8wGgI6GdPOW3bM1kyzRqfTB6iF

C:\\Windows10Upgrade\resources\ux\default.htm.ch4x0

Dropped File

Text

Unknown

»

Also Known As	C:\\Windows10Upgrade\resources\ux\default.htm (Modified File)
Mime Type	text/html
File Size	61.10 KB
MD5	3fe5ff8e9aff945bd243767f88d7db41
SHA1	1fbd0f8c0772c7aa79209ab1fa6cf855d89379d6
SHA256	af6a686d038a7401274d4afe2f745b3b461fe10b6f8c32323408e2af599dbdc3
SSDeep	1536:6sKnt/oIWSlQbF7DdbxH+mxhDnBqXUM4M4Ljbm4r3KCzqN/Uw:0FoMlQTZTyUM4MEt3zCUw

C:\\Windows10Upgrade\resources\ux\default_eos.css.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Windows10Upgrade\resources\ux\default_eos.css (Modified File)
Mime Type	application/octet-stream
File Size	6.57 KB
MD5	45088b6873c04018d518ddc6d1075d59
SHA1	283ab4cd6a11a068bc7f59ebe95819a8f5d9e6b2
SHA256	abe7774d9f07b69aba148855c43f1c4c45cf1b68f16f87b15a4d61a69fb94861
SSDeep	96:5yRpBp+lNy/wIBdA7aG+vPBd4MD6oQc/Zlp9qvNXy+/WFsRywatb6HcUIwIaSw:QFC2HGqBd4MD6Y9EJVRjHpl

C:\\Windows10Upgrade\resources\ux\default_eos.htm.ch4x0

Dropped File

Text

Unknown

»

Also Known As	C:\\Windows10Upgrade\resources\ux\default_eos.htm (Modified File)
Mime Type	text/html
File Size	54.58 KB
MD5	b6961726c37e26c9df09c5ec68560bf1
SHA1	5a37c3f9f665b830c97c15166e9c46e5e70eba0f
SHA256	d91cc276efa4513542b0a44271fb8f81a8f2e74913cd5435957c0c51b482419f
SSDeep	1536:DGzLbIaSHwKQoyQGHHEn3Y2J/ktKTop5k:+LbIaguo/GHM3VJN

C:\\Windows10Upgrade\resources\ux\default_oobe.htm.ch4x0

Dropped File

Text

Unknown

»

Also Known As	C:\\Windows10Upgrade\resources\ux\default_oobe.htm (Modified File)
Mime Type	text/html
File Size	64.19 KB
MD5	9920e6394411a6d20e961f10c1c535cd
SHA1	92c90f2e07535c30bd0eee111410461c9a5eda02
SHA256	a84bda74d8abdaea40a6cdbe851679aed4f5abd9b876682a38daa9571e6d3341
SSDeep	1536:DGVzTuSMJJZdO4caD4yud1SkagSG1zbCX0xEbjMlki6Kyuwtxfw8Eosfx:aVz/MJJZd/5u7ajG/s04Mlki6KOf/Enp

C:\\Windows10Upgrade\resources\ux\eula.css.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Windows10Upgrade\resources\ux\eula.css (Modified File)
Mime Type	application/octet-stream
File Size	119 bytes
MD5	3ae20bf208ea2a1ffce34cdb94b2265f
SHA1	1588ea2e8adf7819c7d311a2de94d3362971860f
SHA256	fd088a0f48784db36c341225b46842717ecc75ff59a0860fd0d043d24e2c1ad1
SSDeep	3:1rg2s2VIYg4RdFCUP0kbLd6pPVR0MnEQvcQunydD:Vgv2jgk/0kyT1n5EQunydD

C:\\Windows10Upgrade\resources\ux\GetStarted.png.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Windows10Upgrade\resources\ux\GetStarted.png (Modified File)
Mime Type	application/octet-stream
File Size	3.77 KB
MD5	84cfce8a20ecbef0bd8657d32c727820
SHA1	dbb43700c055cd6fa31a6ade03b84f77763cd47f
SHA256	f6a2b742cad84aaf5a57014e23ac917abb0cea0ce165d630fff03a1f8f891e9e
SSDeep	96:juE4Khy9P+bs4qVw1QcpEN39tLetZ468y3ZyFg:juE4Ko+fqVm9EhLetZ468Qt

C:\\Windows10Upgrade\resources\ux\GetStartedHoverOver.png.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Windows10Upgrade\resources\ux\GetStartedHoverOver.png (Modified File)
Mime Type	application/octet-stream
File Size	4.01 KB
MD5	3290f7383ccfc283593f950830ff786c
SHA1	d36a0df1274161efa03e8a6f29e2b40f40a0b371
SHA256	6bbde96ca1db7368cc659072d1040bed64c8d44101d25ed56f337c4ee7023963
SSDeep	96:juE4KPUMYwoDBDW83m6jr2nupy+uzMRgz4vYBx:juE4KPEwoDBDZ2IuISz1

C:\\Windows10Upgrade\resources\ux\loading.gif.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Windows10Upgrade\resources\ux\loading.gif (Modified File)
Mime Type	application/octet-stream
File Size	17.02 KB
MD5	6dec703e00309cfd86f4dffd3ad4a6a1
SHA1	c4114716471aee0dddc660e1ab5092e7bfd8034c
SHA256	e93d1f605c89fe811d07f150ae6f206cf28e094b4755832c51dc718de491d01e
SSDeep	384:OpAQtVnyPbBv8NWiQwqfFQem6+J4gvooO3asIQHdEK/J246:JQuBviqmJamsIyfU

C:\\Windows10Upgrade\resources\ux\lock.png.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Windows10Upgrade\resources\ux\lock.png (Modified File)
Mime Type	application/octet-stream
File Size	3.62 KB
MD5	a532b719f6bdfdd0e533b7f2cdcf2ed4
SHA1	35f85d701c36b2f74deec7d5001ab201406f7d4b
SHA256	1243c1ee6894985e908cbb64da5fc4ac76085ead47307f3b02bc61623f69e925
SSDeep	96:7ncJBe1sP8jv/3WvJ2XEEoOuOqD3MTy7NiQQEFjE:7n6BeKP8b3WvJMEhO3eMTy7kQfFjE

C:\\Windows10Upgrade\resources\ux\logo.png.ch4x0

Dropped File

Stream

Unknown

»

Also Known As	C:\\Windows10Upgrade\resources\ux\logo.png (Modified File)
Mime Type	application/octet-stream
File Size	2.58 KB
MD5	f7691f36aca669caa2ebea7e8fc87265
SHA1	06da03f5b68fe9cc625dd36babb8ec5a76095a35
SHA256	eb7224bd62719248439b2f0f22de48a9376c97b9f9de048c6a00a364b6c2a697
SSDeep	48:8mmrqJpTsj+ObDS4L2WcLbaEjFZDJkAO8RF7LbgSOE0wm4RIn/Id:ZpJp4j7DL2t2EjdkJ8vg/Z3wd

C:\\Windows10Upgrade\resources\ux\EULA\EULA_ar-sa.htm.ch4x0

Dropped File

Text

Unknown

»

Also Known As	C:\\Windows10Upgrade\resources\ux\EULA\EULA_ar-sa.htm (Modified File)
Mime Type	text/html
File Size	107.88 KB
MD5	139825bc35eebe5e2223bad9ec360704
SHA1	141819617d8de2533642875efa33aecc4fa093e5
SHA256	9903a8f64037dff87e412e9373890a8b55f33d86552a25f048cd48e2adb17008
SSDeep	3072:pvsWRvefgZ84JzMaw5JSJ2mt1k+UXtrHygyRc:pt6g2CzMZ5YZvk+UhJ

C:\\Windows10Upgrade\resources\ux\EULA\EULA_bg-bg.htm.ch4x0

Dropped File

Text

Unknown

»

Also Known As	C:\\Windows10Upgrade\resources\ux\EULA\EULA_bg-bg.htm (Modified File)
Mime Type	text/html
File Size	247.54 KB
MD5	e4b374aef61fc8a3c122399bcc3da8bd
SHA1	f93efae80f8a7ebfbc329af5cce8c7be6b91f612
SHA256	e829b1738794842346cda8c845b887cd78928b4ce542fa0cefaa68db0a0ebe42
SSDeep	6144:w1L5siXtCeuSfQpNNVvc4MNFua4C0cWa8VvFeDFQ+O8ENR4SR7MP+mZ+krgAh0nI:w5yiX484bN/KFu/C0lYDtUL4C7MP+hkX

C:\\Windows10Upgrade\resources\ux\EULA\EULA_cs-cz.htm.ch4x0

Dropped File

Text

Unknown

»

Also Known As	C:\\Windows10Upgrade\resources\ux\EULA\EULA_cs-cz.htm (Modified File)
Mime Type	text/html
File Size	81.40 KB
MD5	c0a13df41d399686b19777585f9117e4
SHA1	ded1c267026ec968c7d15be75c2509629a18986e
SHA256	f1ed692defbe0e8b46788d3571c23565c14ff0627273752cf41e3e71a56dc3a7
SSDeep	1536:BaITjbldPUp+914NmRJG+LjAQl4xagp8FJHE3CDPV7nyCJoFATKGhYNK:AaX1pLEBEgp8XkyDdIFAOGyI

C:\\Windows10Upgrade\resources\ux\EULA\EULA_da-dk.htm.ch4x0

Dropped File

Text

Unknown

»

Also Known As	C:\\Windows10Upgrade\resources\ux\EULA\EULA_da-dk.htm (Modified File)
Mime Type	text/html
File Size	63.68 KB
MD5	3b76d8bbc0f6cb992bd77391aff8669e
SHA1	6272fd935c5c245c67ac4fa5f499cc8c19ca1846
SHA256	ba9228b4e0c605e153b163a2ba1a78e7fe857102c663b7993b61220557091b75
SSDeep	1536:N6DSoO+MhQF7eHvPZWICpYQyG+/ElmG0OdmHI/Kxwd+zErJy:NDpaF7ePqp+BG0OdmHIpde

C:\\Windows10Upgrade\resources\ux\EULA\EULA_de-de.htm.ch4x0

Dropped File

Text

Unknown

»

Also Known As	C:\\Windows10Upgrade\resources\ux\EULA\EULA_de-de.htm (Modified File)
Mime Type	text/html
File Size	68.83 KB
MD5	eec016a6e3540c8a1b76857fd79903dd
SHA1	788ec567e9c5e89b7c6108c80b9bbcc36dbd4287
SHA256	08c5079e3304012d2522e8492dbe774bff3c1506e303b42ab03492f8ba636493
SSDeep	1536:VBPLovqB/lSYeX/gRDq2gqQNYn5Chb2CItrZ/hGEYsXXSkUQFmJfrPPC:VBPLovqB/lZevgRDqN5e5MaTtlhGEYWB

C:\\Windows10Upgrade\resources\ux\EULA\EULA_el-gr.htm.ch4x0

Dropped File

Text

Unknown

»

Also Known As	C:\\Windows10Upgrade\resources\ux\EULA\EULA_el-gr.htm (Modified File)
Mime Type	text/html
File Size	233.87 KB
MD5	daa085a24a1ba8be166a9967fc3f7436
SHA1	aba2bdcd4f54701069beb72853964a91a69842b8
SHA256	e2ca1fea3f6d1f9b9d088f6c4336861dd94a73c9cf861ff7793de358254b87e8
SSDeep	6144:zo4WlW0M3Luw3kaRqvEi0EtSuYsBVDzfu:s4yMb5UJ1/Vu

C:\\Windows10Upgrade\resources\ux\EULA\EULA_en-gb.htm.ch4x0

Dropped File

Text

Unknown

»

Also Known As	C:\\Windows10Upgrade\resources\ux\EULA\EULA_en-gb.htm (Modified File) C:\\Windows10Upgrade\resources\ux\EULA\EULA_en-us.htm.ch4x0 (Dropped File) C:\\Windows10Upgrade\resources\ux\EULA\EULA_en-us.htm (Modified File)
Mime Type	text/html
File Size	57.21 KB
MD5	86b9c22c277b635b2ece711f48da4b02
SHA1	b9ab2774df0c5b42be6ef87924b11c3a0e05cb4f
SHA256	3dfedf8f5d760a11109837d473959e08a96d88338425446e331a970784304de2
SSDeep	1536:kdFBzBm8XhflPUJ3z7NHS6WKtosZrTmR+Mv:E3h6tE/2rTmRf

C:\\Windows10Upgrade\resources\ux\EULA\EULA_es-es.htm.ch4x0

Dropped File

Text

Unknown

»

Also Known As	C:\\Windows10Upgrade\resources\ux\EULA\EULA_es-es.htm (Modified File) C:\\Windows10Upgrade\resources\ux\EULA\EULA_es-mx.htm.ch4x0 (Dropped File) C:\\Windows10Upgrade\resources\ux\EULA\EULA_es-mx.htm (Modified File)
Mime Type	text/html
File Size	68.21 KB
MD5	8ee0abfbca327d83e39230b32d2b0458
SHA1	a99dd7910387ebbb19f8b1edce0475fd98a7f3cf
SHA256	7477fba91a21e695c2fab5e064af76eedafc77980600c96fae7e6c37d2a83b79
SSDeep	1536:5PJBZPETf6TA/yWZ41E+Nb5XT8pFmDm5kn01t7RtWQvOODBirGm:XBRETf6TsZOP5Tbm5A0rWi6Gm

C:\\Windows10Upgrade\resources\ux\EULA\EULA_et-ee.htm.ch4x0

Dropped File

Text

Unknown

»

Also Known As	C:\\Windows10Upgrade\resources\ux\EULA\EULA_et-ee.htm (Modified File)
Mime Type	text/html
File Size	61.65 KB
MD5	c142116e191f6893a5380459abf7e67a
SHA1	a6fb658f653d047670773cc1fb07458657557721
SHA256	46a60449f4fb93e9c9747ae113e1e2b37bac68df5526d767f275bba56f2e22f1
SSDeep	1536:5/w2oUT4+cuvcWkAz6jQ7YEfiz8cYxzMDrwxtvXGS:BNoquMWTsMXC7

C:\\Windows10Upgrade\resources\ux\EULA\EULA_fi-fi.htm.ch4x0

Dropped File

Text

Unknown

»

Also Known As	C:\\Windows10Upgrade\resources\ux\EULA\EULA_fi-fi.htm (Modified File)
Mime Type	text/html
File Size	69.12 KB
MD5	b58c7af2cbfdbce90c7da168c8a445b6
SHA1	1747f0625fe9afe34ba9eda58860a97dcaf61376
SHA256	197e4496b770cb4aa46ef8e53ffd669026a35a90fe9501b5c79bfe7a3339c11c
SSDeep	1536:y5HZWUYWDWzcyHUD4u944MuoKxCujQWtQ8BGfYGaMMM35VfAFwWFOPMfshjNF:aHXYWDWz/HHuW45T/jQWrGxaMM6bNOSt

C:\\Windows10Upgrade\resources\ux\EULA\EULA_fr-ca.htm.ch4x0

Dropped File

Text

Unknown

»

Also Known As	C:\\Windows10Upgrade\resources\ux\EULA\EULA_fr-ca.htm (Modified File) C:\\Windows10Upgrade\resources\ux\EULA\EULA_fr-fr.htm.ch4x0 (Dropped File) C:\\Windows10Upgrade\resources\ux\EULA\EULA_fr-fr.htm (Modified File)
Mime Type	text/html
File Size	67.79 KB
MD5	2a0ceab2217309d35c7e1e6e4a6f72db
SHA1	1d060c7a6af1092106d8f4ed8be16ba6e1d47e2b
SHA256	f199c12447ec5922e340eaff279871378e1eedaab6f9d23c5de5f19020c8c4bb
SSDeep	1536:Zf8nKDVrqyE3M1dG2YZP20/MQ/Vy728+9Fut:B8KDVdEWG250T/Vy7Kut

C:\\Windows10Upgrade\resources\ux\EULA\EULA_he-il.htm.ch4x0

Dropped File

Text

Unknown

»

Also Known As	C:\\Windows10Upgrade\resources\ux\EULA\EULA_he-il.htm (Modified File)
Mime Type	text/html
File Size	844.41 KB
MD5	e47b9b95e27b47317b7df3735aefc761
SHA1	3b76261ba3e4e8cd187f1de011073c8cc23be672
SHA256	6c79e9bdd4ea0876ac98bf89f133563e5e0df49c19cba6c7e67d14f2a9446461
SSDeep	24576:Lr/4olEIqcVpX1gOUEm/610QAIU0fTwLPT6e12N7ScG9JSqDDL/WnR:Lr9+cBUEm/6101eYKCSqDPWnR

C:\\Windows10Upgrade\resources\ux\EULA\EULA_hr-hr.htm.ch4x0

Dropped File

Text

Unknown

»

Also Known As	C:\\Windows10Upgrade\resources\ux\EULA\EULA_hr-hr.htm (Modified File)
Mime Type	text/html
File Size	63.38 KB
MD5	99399e6e84fcc535b72d2e5d51c95220
SHA1	2e27b6668c8dc9db573c8d65940a58d62860b2d3
SHA256	29b6c780d51c34102036109e6d281c2f71517c09b3a36e64992683a456526907
SSDeep	1536:2Mw396O1V1pclDmkSBF3NATcJCqNZ/Gm82HS7khhm/f:2M2TqQkSXAgJCq3/GmFaUo/f

C:\\Windows10Upgrade\resources\ux\EULA\EULA_hu-hu.htm.ch4x0

Dropped File

Text

Unknown

»

Also Known As	C:\\Windows10Upgrade\resources\ux\EULA\EULA_hu-hu.htm (Modified File)
Mime Type	text/html
File Size	82.62 KB
MD5	d27541151034a838438876f1acbd0e3c
SHA1	fd4314561ffacb8760094da11312a17fd558e42f
SHA256	f2f79b50992fb78b5ae755067e36bb9fbd2b0038999d1df72770175d5176b205
SSDeep	1536:lBP93va8NAQurKDQGA4N2Lfrlv68SpbpaP68Zh1DsVtAsbQ8:lPvhurKDQGZN23R6pyHha1bQ8

C:\\Windows10Upgrade\resources\ux\EULA\EULA_it-it.htm.ch4x0

Dropped File

Text

Unknown

»

Also Known As	C:\\Windows10Upgrade\resources\ux\EULA\EULA_it-it.htm (Modified File)
Mime Type	text/html
File Size	67.88 KB
MD5	f239424cd87ff99209591daab28c7da4
SHA1	8263a9c3900d6cf6dea9bc100c4049543cdf9161
SHA256	e9cbca2c0c40dbfe16b93ac478bd00afb629e8860e7ce7594f35bc09f44415df
SSDeep	1536:94i9m+cX9j31nZMfBD8vbZWykHhzEN294SwxWJOnJtCNx+veg:iCmrR3fMf2lWykHo25vOHCN+

C:\\Windows10Upgrade\resources\ux\EULA\EULA_ja-jp.htm.ch4x0

Dropped File

Text

Unknown

»

Also Known As	C:\\Windows10Upgrade\resources\ux\EULA\EULA_ja-jp.htm (Modified File)
Mime Type	text/html
File Size	205.35 KB
MD5	7162aa4ee958e0e155252fdb8bc48915
SHA1	4a8354a1920ebdb32b97f860b86afd9cf194f70f
SHA256	e896aa5657b868a4bf45d9654de6f28b35cdf3d4cc10d6a3fb44899eee0b2aec
SSDeep	6144:Jn07hUchQL2w0b12R13qyMSOLfDWLCbWxFvlRwyk5yS:J0VVhQa12R1aylAqLc8NwykF

C:\\Windows10Upgrade\resources\ux\EULA\EULA_ko-kr.htm.ch4x0

Dropped File

Text

Unknown

»

Also Known As	C:\\Windows10Upgrade\resources\ux\EULA\EULA_ko-kr.htm (Modified File)
Mime Type	text/html
File Size	619.26 KB
MD5	f025299354523edc9d8139ea355582ee
SHA1	435527cfad97c7900cc72828dbdb6592b2beb142
SHA256	dc63ca38366a2113a8a153da8b4912c1159610c0b324698f6330f95f148a1d1b
SSDeep	12288:6wCVwd/YbCWQN9yjFCLIO8dTXTY9+7aMfb0RH7+UQ8cSO:6wCGdQzo90FCLOT09YaMj07VDu

C:\\Windows10Upgrade\resources\ux\EULA\EULA_lt-lt.htm.ch4x0

Dropped File

Text

Unknown

»

Also Known As	C:\\Windows10Upgrade\resources\ux\EULA\EULA_lt-lt.htm (Modified File)
Mime Type	text/html
File Size	74.33 KB
MD5	ee64df0f4e22f5f01e2b8dc026b7a5a9
SHA1	cda5329e191f5e270de7093b735d42f3a52e5602
SHA256	92b0365d3d00b0a96e0e03791780677fbb7f9df04a06a4123f3ae4eed46c0e7f
SSDeep	1536:IP/yZ2eag7FxL5mkwDT3Oapx6eYAR6tIc5bsA+6/fJFawId+o0tL:IPxZS9mkM3OapxT56uc1sC/hnI6L

C:\\Windows10Upgrade\resources\ux\EULA\EULA_lv-lv.htm.ch4x0

Dropped File

Text

Unknown

»

Also Known As	C:\\Windows10Upgrade\resources\ux\EULA\EULA_lv-lv.htm (Modified File)
Mime Type	text/html
File Size	81.98 KB
MD5	09533fae0a4b8e0e3966e84b048ac4bb
SHA1	4889abb322f4ac58a0bdd563c2ae3b6fde241fa8
SHA256	3f3fb0a903f7fb33e053c17c7c0cdf8752fd2765218cf8bf5cbbae8115b52581
SSDeep	1536:IbRkW/UFWI00AsqUG1RzcH++YajF52YJCW1qjMQM4kYt74o/moQAY:IlkWWysfGm+r24LkW3mo3Y

desk.bat

Dropped File

Unknown

»

Mime Type	application/x-bat
File Size	704 bytes
MD5	f75fd3ea44c0022e1753ac797711f930
SHA1	6e71bc00fa7b8062ea547da705950c73a92788db
SHA256	e4872ff8700d90b1d721a9b30148d8a48510b5e63d25b5f0918024bd27ce7b22
SSDeep	12:bBzFyjRHrdo1yjRHrdFrgrhwtxDeyjRHWx7d11KV+EVTKaFnzHpomIbo2oCdnIL3:/kh5kkh59wExikhWxJ+9/tp92YCdn1u

des1

Dropped File

Image

Unknown

»

Also Known As	C:\Users\FD1HVy\AppData\Roaming\des1.jpg (Dropped File)
Mime Type	image/jpeg
File Size	424.23 KB
MD5	2cecdd72325a24a468ef66037dab094e
SHA1	db98144940916c64cd37815c427134d0194ef832
SHA256	8331afb29af322ab4a5a450f1067facac8b95bc4260eb7b102b224ed3c219d25
SSDeep	12288:zEPyZ65JnsKrYQc4UIa+ilbuAphvLB3vBP1QuY:FZ65KeYQrUjBrpRLB/B6uY

C:\\588bce7c90097ed212\watermark.bmp.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\588bce7c90097ed212\watermark.bmp (Modified File)
Mime Type	application/octet-stream
File Size	101.66 KB
MD5	0040ce28859b43ef93e0bd406c6c09b1
SHA1	32bf6971b10a58499112d31be197ce375ef9f3ad
SHA256	f4adff8871925ef47ac57d96f21856e08a6c486e532ce03571aadbaf0335408a
SSDeep	1536:aNxRAdBi2XchKIr3/C9EHW5ElI07Q792Dh2gQbBebXCtAdt1Q:QXUBArKX5ErQx3gQ1iXCiVQ

C:\\588bce7c90097ed212\1025\eula.rtf.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\588bce7c90097ed212\1025\eula.rtf (Modified File)
Mime Type	application/octet-stream
File Size	7.41 KB
MD5	fa5b2e727a580716486203b15f85aedf
SHA1	f8bcb2ee58b809f4baf78e5efab30785ad1c9959
SHA256	e479e864da6dca43520504efdef3175c31ef504aed9c61581d1445333cb23ca5
SSDeep	192:3y5MLMXyVUXuvhEdnxizkB4+lm8OLW8LAc1NMoD+xB2AY:3y5ML1VUXUhEIkB4+lZE/LlTMlEl

C:\\588bce7c90097ed212\1032\eula.rtf.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\588bce7c90097ed212\1032\eula.rtf (Modified File)
Mime Type	application/octet-stream
File Size	8.69 KB
MD5	f08d908ae7ae0f62a5ef23a80b4b375b
SHA1	851d5bd22b6405fdc22718bfdd57e66e8fa230fe
SHA256	91e20a1107cfdac5e3794dc6aa6ef9b4ee2f09270a074665a2843b58a62c4847
SSDeep	192:JoE7NMjkk9Vl1UDKOlobVq02OiQqptSGlT/t5EoZkCBEL/NiJyPllOW8dXnqn:JoyNMD9TOAPgpR7KYy12CllOtdXnqn

C:\\588bce7c90097ed212\1033\eula.rtf.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\588bce7c90097ed212\1033\eula.rtf (Modified File)
Mime Type	application/octet-stream
File Size	3.15 KB
MD5	68b1a0bf63b6b72830a56bc67ec73c93
SHA1	e7a11e45b200e431fba0fecf194eeceffc65f1b7
SHA256	c1c51cfac10faaf15763a0a4c4b6efd9e8a0604a8128a81f331436988748bab5
SSDeep	48:8ooGD5TXfq234YYpDdRMJAo/yYOyJiA9UKOg6RrFPLWrg4uMpRh:JoGDd1vyP+ypOlOgq9H6J

C:\\588bce7c90097ed212\1035\eula.rtf.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\588bce7c90097ed212\1035\eula.rtf (Modified File)
Mime Type	application/octet-stream
File Size	3.65 KB
MD5	4751195f44d1bc4306a82e7120e2affd
SHA1	7e9341df0a447dc358c8350a83975a0cffe3dadf
SHA256	dec7547339b01700cef97c4f178ec480d75e33627f8333ae3d34710f0311bffd
SSDeep	96:JoGDHGXui3UnsXvXFgDumz23wEzWjjK/rQJJ:JoIuUnsvbE23ByjMQ7

C:\\588bce7c90097ed212\1036\eula.rtf.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\588bce7c90097ed212\1036\eula.rtf (Modified File)
Mime Type	application/octet-stream
File Size	3.48 KB
MD5	bc9c3d3bd8acf0ba255ab0a741800576
SHA1	3702bf4bebe956269fe2bbdadda124fde2eeed05
SHA256	ba9c4fea1bca1e4f9a8d1d78d5dac89739f773b0fee4958ab76f025cbc44366f
SSDeep	96:JoGDwNjH2eV8tnlnr9KUszzRkyHtJdrYAfg9cTY+Ev:JohHB+nxrmR7YAfgo8

C:\\588bce7c90097ed212\1040\eula.rtf.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\588bce7c90097ed212\1040\eula.rtf (Modified File)
Mime Type	application/octet-stream
File Size	3.58 KB
MD5	c83921cc89a1add57035abcafaefa1b5
SHA1	70c32f22ed6175ff1042fdebac6ac756df41d085
SHA256	b80da70d41419cd31f1d935f8d90d6bc13d299aaab37cd0f7fcfc26bee035071
SSDeep	96:3TykQs5M8Re9979XtvpmRF3AGSfB84YOD:3mhP88n7TYECjOD

C:\\588bce7c90097ed212\1041\eula.rtf.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\588bce7c90097ed212\1041\eula.rtf (Modified File)
Mime Type	application/octet-stream
File Size	9.91 KB
MD5	ab5a9b178ce68863ef027740b3153c2f
SHA1	f8c70a477133be3bd78bbcd26b7d11556ae6fd61
SHA256	f9062b1f997afb0037af0410a29559746a70538656be5051ebe9fc9846b43e2c
SSDeep	192:3VtbAoWfGOPcoe+8xHTzTRMC5Owuot8/ZzAvQRmz9wXj5KAqHS/bmOUL:3b8Lx4zFH5OwXuzAvQRmKXcAqyDmOW

C:\\588bce7c90097ed212\1043\eula.rtf.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\588bce7c90097ed212\1043\eula.rtf (Modified File)
Mime Type	application/octet-stream
File Size	3.49 KB
MD5	069e517fe298dd2b3462b9b725a77d09
SHA1	f3533b90446ff59cf88cd6e312a000fde713e47b
SHA256	5803ae096a7b130d5b9cf7023917e938abe043bf98f3309112f4f9bc55789af9
SSDeep	96:3k6S70K+mIDdkyo7M1cnAvjYj9OAD6cSJFr9:3k6SFCdR51GAL09ZXAr9

C:\\588bce7c90097ed212\2052\eula.rtf.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\588bce7c90097ed212\2052\eula.rtf (Modified File)
Mime Type	application/octet-stream
File Size	5.73 KB
MD5	55b9232081af24c656bb8cd739feb592
SHA1	2bb9bb4eee0cb295d97f98ebf155e02755d790da
SHA256	ea3507d05714d8be06c190bd4dce335eb7c15dfe4cdba9e0ff9efa547660f21b
SSDeep	96:JoGDSDWTgrJTrfcK74zDJGZ3tb4DCxk5leMDV99Mo6rRBM5E+jochFS:JojyUZ4zsZ3taCUbP9MLriphFS

C:\\588bce7c90097ed212\1028\eula.rtf.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\588bce7c90097ed212\1028\eula.rtf (Modified File) C:\\588bce7c90097ed212\3076\eula.rtf.ch4x0 (Dropped File) C:\\588bce7c90097ed212\3076\eula.rtf (Modified File)
Mime Type	application/octet-stream
File Size	6.19 KB
MD5	b242b5737382ea92cb6c1ba1f5f6f452
SHA1	8099373efedcbbc66cdd47896223f72a8d2da998
SHA256	efc8227742facf76d6a720c85ef4e7cd418a67255474803c0663ed872e6ff3c7
SSDeep	192:JoCG4MFgudnj+JQ0sBOa7cEZn7toublZWX5bqGmw:Jov4Rudafbyci7Sus2Gmw

C:\\Users\FD1HVy\Desktop\0C2E42di.m4a.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Desktop\0C2E42di.m4a (Modified File)
Mime Type	application/octet-stream
File Size	57.55 KB
MD5	3e2cea17f0c949b708edd985cf54079a
SHA1	0c826b325b9e30148d60eca0de3944708a5bcfe8
SHA256	4f1fd5b6934d7f64489e27013c095f18cf1894a46f2151f619c24d0125f8ff37
SSDeep	1536:vhKB5tSuzBq/xJKJdSrG9GUxtP8FrbdU+wAx:vhKB5dBqZcJdSr2nxNWrbdj

C:\\Users\FD1HVy\Desktop\1PA8b.gif.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Desktop\1PA8b.gif (Modified File)
Mime Type	application/octet-stream
File Size	8.43 KB
MD5	34249e727bad5bf804d09b0c50c3c7e9
SHA1	c4b4a20cc230a1e1f610be34b609e75a7ba0fc8a
SHA256	08fb98bcbc68ad2c8626eb9a78cd8318de6a86a55a395bfeaea330a253bf3b61
SSDeep	192:YFQXwx8jfQrj+9HY/6CuDsLIpt/zR4TIPf62pdumnXvY57o5:YFQDIO94/6fgLIpt/F+s6A5XvA7o5

C:\\Users\FD1HVy\Desktop\B81-uUv-lh3m3Bh.mp4.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Desktop\B81-uUv-lh3m3Bh.mp4 (Modified File)
Mime Type	application/octet-stream
File Size	37.96 KB
MD5	78463452591fcaf884cc60b39038ef11
SHA1	4fe5fd285fed2338175d71ac3adbd6e685c8c916
SHA256	49e3124849ffbd42f369d61f314b1630030dc151670b8571d8bd46f0bdd83056
SSDeep	768:PDl0jnOOsZjOq2OTmiHPYRSBkcjuUbc3pSzKfwTiXY0hQyveaf0R0WpGc93KyVtr:PDlmnOOSjOq2OTmQBA3IMf/h3F2593KS

C:\\Users\FD1HVy\Desktop\fjI57alJsr ZEYQ.jpg.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Desktop\fjI57alJsr ZEYQ.jpg (Modified File)
Mime Type	application/octet-stream
File Size	64.08 KB
MD5	f412948559f39b5a53d2f96ec2a07743
SHA1	0f70dc6d9c3b817e5ba7b1c17b12e7929f72a61d
SHA256	5c13514638224b2f261830df4d04a3eb52c1cc11509e5a584931a88afe8db2a3
SSDeep	1536:inIxtWnsP9aC2epDKycJ06vCFxxbxJaqqPDhOQEYsYaey:inIjtP9alepedCTFfuPDkQEYsV

C:\\Users\FD1HVy\Desktop\g35bORH9mFwe6v0wa.pptx.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Desktop\g35bORH9mFwe6v0wa.pptx (Modified File)
Mime Type	application/octet-stream
File Size	55.62 KB
MD5	8ecc5ae65d1ffa88efac7ba4c9b197ba
SHA1	882168de23db536a5ce28c72b748dc4ed6b46055
SHA256	a26762ea428c7a7af64a8fee3966254697936e936291735b544c26b6c1f73a95
SSDeep	1536:b13ocu/jkn3RS97JyWPPujXFOQC8EohRdM6HVJu2:x3ocu/YnkdycPujXFO7+e61Jl

C:\\Users\FD1HVy\Desktop\gbWireWsdXQG1kQ1bE.wav.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Desktop\gbWireWsdXQG1kQ1bE.wav (Modified File)
Mime Type	application/octet-stream
File Size	88.05 KB
MD5	fecc97535dab26837ea8f20d5007c0e2
SHA1	536ebd8ac2765828fbd9a182841fe5c21ac25c2e
SHA256	3fe180b35f902638b31c412b9660b884f39eefa97f9a4f325a7f611ede7bf75f
SSDeep	1536:CxVMaCDsvyreAbGX18DF6YHDVbk1zVJelP1XpNtlFAYLJ34Zbi:Cwa+eMGXkHDVIolPp7t4OJoi

C:\\Users\FD1HVy\Desktop\gf_Lu9Pd s7.xls.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Desktop\gf_Lu9Pd s7.xls (Modified File)
Mime Type	application/octet-stream
File Size	46.51 KB
MD5	d706f77f0fe28fe686ff951669343d88
SHA1	27e1d207982f471be4abdc38279b584b99d63b1e
SHA256	edd47c1b687342984dc4af9d376af25c8c6f32eb2c4177279ee4412061ab3910
SSDeep	768:Ey3KKJNjR1KanJQzondTK0FHcXtsrPjnqKbb2x51r0aJMFwHiVf9cnivnCFK4:SKfKaJkAlFWtsTjqZcPbvc6n14

C:\\Users\FD1HVy\Desktop\H11vUJLE.docx.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Desktop\H11vUJLE.docx (Modified File)
Mime Type	application/octet-stream
File Size	11.66 KB
MD5	0a2c6450deac57a766e19e4db9e85e1f
SHA1	81ea31801e12b223b5fa96cfdfae16deae1e44be
SHA256	a412236cd2432688667cc9110e8c1e8ae9831c0f87a32342d0baaefa88edcb24
SSDeep	192:adYwcd6uR+MMi1n9mBUPxRKpXzsuX56uK2DWEUrlOQ5aJyOipTDaQyleP2Br3s5B:adYZ6uR+m9tPx1u5KYWDrlOQiyxRDpyg

C:\\Users\FD1HVy\Desktop\inYQu-0cAlcHEAqZlcdw.flv.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Desktop\inYQu-0cAlcHEAqZlcdw.flv (Modified File)
Mime Type	application/octet-stream
File Size	93.57 KB
MD5	60684dbbf4d737641e5424a5da281250
SHA1	9baf59b21ad9c5691d70229e7539c4ac9ab716e0
SHA256	87fa07f572c3a7866a02fe08a1cd0699d9ca7a55cd38590f2234514722454d6b
SSDeep	1536:YYKUgYscWoTt12WYgPXbilYyXx7C++1I1wRDjNnzAXR8IoN0vyclq8imMkDoyEBE:oUAe17YEXmxx7Cxx9jNzGoO6vdFAwh8

C:\\Users\FD1HVy\Desktop\iu8kVqZD1q0_iC6.avi.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Desktop\iu8kVqZD1q0_iC6.avi (Modified File)
Mime Type	application/octet-stream
File Size	89.37 KB
MD5	ad0f639d1d2248fe29b3b3665b458195
SHA1	e8d630dbaa380f589268da54359a0f331cf9185b
SHA256	cfa7e2751050911560f3aff7ffc86df1726f66420555835b9b01fdc28d0547ec
SSDeep	1536:SauDyc+n3cj0Knp/CwaA3cRv1URTL2LGsz+p/Ga33czRye3LnvMLKv6:rMPZtCwaAsR9MWLEpb3MbjMj

C:\\Users\FD1HVy\Desktop\oeT5FQAvjHLK9SixiTC.mp3.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Desktop\oeT5FQAvjHLK9SixiTC.mp3 (Modified File)
Mime Type	application/octet-stream
File Size	44.16 KB
MD5	e8a1fd5b8181bab2dd92d35c5fb4eb57
SHA1	b16637e4f6d5c0cd50406a0c4450f70997604256
SHA256	f1b5512016831a7bea0a702fb15e8ac3965a45ff097bdfeb6c57568b2011a62c
SSDeep	768:AYA7nnrB9mH2iXa0HusPBG82JppB/9EV8xdvoG32IyK4OZuctmkeqOVdNW:Av7rYT75PmJpHL3n32IKOZu1q+d0

C:\\Users\FD1HVy\Desktop\OWDi.png.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Desktop\OWDi.png (Modified File)
Mime Type	application/octet-stream
File Size	46.85 KB
MD5	f7eb9e832674add43eeae01f7c0e9791
SHA1	373c17c051117f6baa91c9cac8a16d7a4daf2fe0
SHA256	4dfb4dea041f7386fca415e495973a9eed9367114e4aa4dcefdd23208dfe2ce4
SSDeep	768:mZ3TNgwS5ZiJMMFUnhTVMPvfSLUAhtmbJ1xoXHuHb6osuDqImOl9BjtDdlq3m02E:m1NgtnIMMFUnhTVMPXSAxuX6II9Fjt5g

C:\\Users\FD1HVy\Desktop\stF6lD9NYvzZ7bhDBvft.m4a.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Desktop\stF6lD9NYvzZ7bhDBvft.m4a (Modified File)
Mime Type	application/octet-stream
File Size	24.02 KB
MD5	0618649f697ba2ddb0bfaaa3b177a5ac
SHA1	4634b609d96a970b0d320b5c0991c27afdf6f0e2
SHA256	30779e543d8d903e12ea8096aa1766928fb2a8cf0500537e86962a22522f7584
SSDeep	768:vevHftWRxUjQe7uxMUT8mKunIj3KK0274O:ve3tWRxf0aMUT8m9RK0M4O

C:\\Users\FD1HVy\Desktop\tK5XUlBJIo8f3HbA-Qv.avi.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Desktop\tK5XUlBJIo8f3HbA-Qv.avi (Modified File)
Mime Type	application/octet-stream
File Size	74.24 KB
MD5	ba1e57b196f6b218c07309441f8a2ae3
SHA1	d3d4b7e105748d68ff7b64aeca931e80502b69b5
SHA256	edc7c3999e4d0d563e1875508de49866be87fce8b66b700c09a410c94ef9be7e
SSDeep	1536:4KwRVDCQxXgCqTYlhUH5PdaZ3AY34+gfBbkCpwANPOz:fqDBYMhCO5o+EQCpwAC

C:\\Users\FD1HVy\Desktop\W2q3Ml7wsjvdhC.wav.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Desktop\W2q3Ml7wsjvdhC.wav (Modified File)
Mime Type	application/octet-stream
File Size	45.91 KB
MD5	ab1b0e05bd4e88b0266999abb9db1ac0
SHA1	c392dc7a1ec22ff2839bf5212c93a4e661a15e7a
SHA256	8c2ef23de575b6df960855fd739107202397e793f74b86b8f3444d73b27b2573
SSDeep	768:Ls2PTB1r1+osZ2aLDOwqLIG31LmhPLL5z+ASg0uXzPr5jUMDWZdv4Z7ItglOdY:Ls2PT71OlL9w1LEjLZBSg0uXzPr5UtiX

C:\\Users\FD1HVy\Desktop\WlGQ1Su-99HMmFRs.pptx.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Desktop\WlGQ1Su-99HMmFRs.pptx (Modified File)
Mime Type	application/octet-stream
File Size	81.93 KB
MD5	e163a3aebf0b7edc92fddd7e706869d8
SHA1	055e3d3b6bf05a8617b0f61b067a593de2f8d4d7
SHA256	98709df9d8ee644b54c2b785cd1fec87a1dfc5795e2812384c42fcea9f314915
SSDeep	1536:iwhofC0xm9vH5l8Ad3TUlKqwmgCnJzsY7uTVwgwNbc6Apg4OUG:iwhoqSmTT/mPZEwgyApg4OUG

C:\\Users\FD1HVy\Desktop\YCa9.xls.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Desktop\YCa9.xls (Modified File)
Mime Type	application/octet-stream
File Size	18.62 KB
MD5	c6ae1373fcabe525ab8ded33f5c8530a
SHA1	e49008ccc9ab37e597b9f0205549a3af3ad5c122
SHA256	9c89f54257c2b5976668b18527e5cc5aac27c2121e143daf2f681a3d5212e8b8
SSDeep	384:Lqh7ri27eIizxypHhX8T10jzo1jQ9hoLm6hbs5YoHTksn28CrIUxwHzCt:Lqh7riSsyBsTEzo1UroSEbsajaCr7wHA

C:\\Users\FD1HVy\Desktop\ZjLFdEqQ jNZ.ppt.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Desktop\ZjLFdEqQ jNZ.ppt (Modified File)
Mime Type	application/octet-stream
File Size	53.44 KB
MD5	80d2613b14735eccf1d5b6fe44322bb3
SHA1	2b7a7ce9eae8229edba982d802203059f449c183
SHA256	b38ca69d76ae8e6f3d7b0120ca513bf9117a0c7a7e06128244c410505cebb778
SSDeep	1536:uP+eNL5iy05Or5TlFlWxisD6bZDJIqzP5oG4R:uP+sMywOr5FWj67pzPW

C:\\Users\FD1HVy\Desktop\6yNY_ug\23OjMM-UDhK0.docx.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Desktop\6yNY_ug\23OjMM-UDhK0.docx (Modified File)
Mime Type	application/octet-stream
File Size	15.85 KB
MD5	278cdfd4c1ee18976eea8ec4ef1637a8
SHA1	82c05b4e2ce2fabfc316c7414292780509e14437
SHA256	4da2948d005deed509acadb3db631c0362d588571ea0ec582dc33be374414566
SSDeep	384:pEHCNSi9BZD8HUuCb5hGVvxqEfqPCPINYWxk6w:2I1dQUu05g5fCCPCk6w

C:\\Users\FD1HVy\Desktop\6yNY_ug\6ZwVHXD9.avi.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Desktop\6yNY_ug\6ZwVHXD9.avi (Modified File)
Mime Type	application/octet-stream
File Size	91.99 KB
MD5	0ecc3a508237fe7cdf6e162832c584fa
SHA1	2224c7a91f662310ae533c3f7e027e39c9e030c4
SHA256	b6defd2f57c18a3d94a363bcd703eda352373ccbd9f86e4974c3ad97637eb24f
SSDeep	1536:9MMsvXMsGnxjIFQlgFle5Wzsvl4Xm848R7wVJRdIwjMlry8gvhgUCegfWCc7cgFr:yMaXLMxjIFQiFg5mglCx5R7wV3dtjMIJ

C:\\Users\FD1HVy\Desktop\6yNY_ug\J-66.wav.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Desktop\6yNY_ug\J-66.wav (Modified File)
Mime Type	application/octet-stream
File Size	24.76 KB
MD5	c3bc257b7a784db1416473269644f743
SHA1	70353d526272d837a589ebe19f7665360a104053
SHA256	b04be3d3a8fd0929e1f6364a459b6691ee0be7d1faa65ce8f52555cfd817970d
SSDeep	768:AVxfphCugk5uir+RwPPUHHynCp5e9AKVjko:AVxRALk5uirSk1Cp5w1

C:\\Users\FD1HVy\Desktop\6yNY_ug\v6C9yQsvKzpETmC3_uL.bmp.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Desktop\6yNY_ug\v6C9yQsvKzpETmC3_uL.bmp (Modified File)
Mime Type	application/octet-stream
File Size	83.87 KB
MD5	365e8fadebf4db35f98b3bc6942377d6
SHA1	c9e7fa335da2d65df4026c14af9226f21bfa2ac0
SHA256	bb30ab9be13aef875c467cbad7055ce09744f5ca89b4f9058867a70490ae90fc
SSDeep	1536:1gUdXyZqfePhPirv9KHghw7aicNdX9t7gxWQ3S9FbAw5LHAY9oNpY/tKDqo7ykOv:1ldXyZqWpy/heVUdbe13o9J5L2NCFKDs

C:\\Users\FD1HVy\Desktop\6yNY_ug\ZD9OyIiK_HSNbXA.mp3.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Desktop\6yNY_ug\ZD9OyIiK_HSNbXA.mp3 (Modified File)
Mime Type	application/octet-stream
File Size	93.07 KB
MD5	dc93ab7da7c8c6df8367a4fedd63e9ab
SHA1	dacb607ca41a6b2dfc91f8273308c32ec892e397
SHA256	8495239fb48c5839aeb74cba1792d324f595bfbb384e1d6c77b496373b000c64
SSDeep	1536:e/JQFzOztbGkcK3GZBXzkpmxBKn1OYSxBgKlPuU/BVumWiw99paubx7ynHnsMVYp:e/JQFs53qzkpmO1OYSxCKlPugVumW9xb

C:\\Users\FD1HVy\Documents\0kGPmiyPtUY2n.pptx.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Documents\0kGPmiyPtUY2n.pptx (Modified File)
Mime Type	application/octet-stream
File Size	90.40 KB
MD5	5027aefd1bdfe6e03c287712d353037f
SHA1	868b9d4fc49b02180b542c9f64fb4af1e6f7377a
SHA256	c8f04fb7d29bc99a2e0aaa3a1717eff06fac8964174ceee0656b84aa16b589cb
SSDeep	1536:M8xrr01gJ23f2s4dHWiDKL/hrE1TdYLfFeZOHVMf+WGU8sJc1IApRB05TaGakvjo:M8xfw7vYbDY/hrE/YLEeMWWP8sJaIATv

C:\\Users\FD1HVy\Documents\5bIvFkOxcuwW.docx.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Documents\5bIvFkOxcuwW.docx (Modified File)
Mime Type	application/octet-stream
File Size	93.08 KB
MD5	b2542865d95a8850dffe478e96957ca9
SHA1	78b6ea4e50a5afb9a97d29d5603b9e02d300d9ab
SHA256	1060e1e9b362b4da2e715ce65561d771f35b2eb486808ea415c2419a9788e967
SSDeep	1536:/uS9fjQxMXqI/CFvBzaAHmYgeueryVZkM8XLvRUI5Tzvm6vMFvCQExFH:WS5KHapYgwryV+UI9vrrx9

C:\\Users\FD1HVy\Documents\CODii2haKeIIkzw89m.pptx.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Documents\CODii2haKeIIkzw89m.pptx (Modified File)
Mime Type	application/octet-stream
File Size	65.04 KB
MD5	9d2833f3e7b9f4476c831cdcfa10d60c
SHA1	cf140474b5628f11241b6cf96f4023a03650c148
SHA256	b496bd0161af7ab46e6b2e4c4ebe32d9e0951dc7f686fd2e151c3a3e490c9b57
SSDeep	1536:dIibGTZKlh5Nftg7t9RONiGJe3Xxi6NCq/w4MhCeZS1/esS2b2TrrK:kUlhvftsJs6S4M4HesD6S

C:\\Users\FD1HVy\Documents\Database1.accdb.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Documents\Database1.accdb (Modified File)
Mime Type	application/octet-stream
File Size	339.90 KB
MD5	ee9bc2609eedd161238912c87b1d7e8a
SHA1	63faf6140f740049a09e27ccbe99b6be5b3496f5
SHA256	cdb6741b0c063976d02e094d606e9830f9f18e87ee06b69e27233eb4b6e4c92d
SSDeep	6144:7LjucEvnD6g6fG57+prscunzVdSK0Ww3+Rl0DDClu8WZbGjX:7Lm/DUA7MAnBIK0v3RWu8WZbGjX

C:\\Users\FD1HVy\Documents\GqX0jqP-w9ZLy.docx.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Documents\GqX0jqP-w9ZLy.docx (Modified File)
Mime Type	application/octet-stream
File Size	78.37 KB
MD5	6d81e29c0a1f31156cd5feb0eb9f6ef9
SHA1	3e18e6b5c317e4fbb41703fb0ac3f6f570dec1b1
SHA256	f19d20966584e5dacc8329604b6fca68503fb754aa15ccbbac67c98c9f054759
SSDeep	1536:O4l/NyQp5JOf9PasrprfWNd+K2aDssGP+/zuQwqOzSZ8Y17esC:PNhp5JOlysVOSqnGPyz6qOzSZ8Y1C

C:\\Users\FD1HVy\Documents\htyVQh74c_fSRyTb9tWM.odp.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Documents\htyVQh74c_fSRyTb9tWM.odp (Modified File)
Mime Type	application/octet-stream
File Size	19.65 KB
MD5	7fed06de53d43b85975ed2c820d9dd5b
SHA1	74ee9523dbdbefb73c600575166ba063b8e2e1ee
SHA256	9322ca9abed2342f5e4086369e60aa4eabc168357254ce66ce77cc71b89445be
SSDeep	384:WwPCMLKT2N/MFN7wB9DjtlERFhoATn6MxqT+31kTbsAFCqvTPX:WwPCM0FCb7UFhoBpWy3sAFXTf

C:\\Users\FD1HVy\Documents\Y1PG2K.pptx.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Documents\Y1PG2K.pptx (Modified File)
Mime Type	application/octet-stream
File Size	33.12 KB
MD5	69cf12a4b210c33666088d13734d00fe
SHA1	46d6ad7c5ea29cc9da7e8ee58d34bb6967ea93b4
SHA256	29744df6b523535d4f64c72e71aae5fcd86b8cb7a499459139d154109ac11d76
SSDeep	768:pqhQSX6sa0PtLbWkcU88mOu88G/tr6ve+ADzwlmOVj9pRVL1U:pEXYetP/cU88088reXE3NXRVL1U

C:\\Users\FD1HVy\Documents\YvlL_pOaGso7Z.docx.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Documents\YvlL_pOaGso7Z.docx (Modified File)
Mime Type	application/octet-stream
File Size	51.80 KB
MD5	dc5a7dca5090fcab3bc8e8d7848c71af
SHA1	049b533856cc35f5c631f3db9003968107a6efc9
SHA256	d1c66f16e510a89209d6414daef44c16c414a6804c95d0cc6ce9c9b60a340d9c
SSDeep	1536:1X1jZ1bvCrE2Vd7lp9OiZrbmbyZLYp1kNNDTx:XZFvCr/d7lpMiZrbmb6YnkNFF

C:\\Users\FD1HVy\Documents\ZDiyWYvwlk.docx.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Documents\ZDiyWYvwlk.docx (Modified File)
Mime Type	application/octet-stream
File Size	47.96 KB
MD5	2213516f2dc3ff5bd203f02c6bb43ff3
SHA1	203993692348d65157453e994b62c762ecd58483
SHA256	c9915cbcddfd3d29727d2687dbb10419a09b2f460dc479ef0f42daa6f771a0d0
SSDeep	768:N2Czfn945iWbWcoP9NL5PeLTe2TMDgBc9i+qkE2UxfyRGKWm3vaD:sx9oP9NLpKOi+HE21GLm3u

C:\\Users\FD1HVy\Documents\2wUnbqg2S8\2rmqFSk3U.xlsx.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Documents\2wUnbqg2S8\2rmqFSk3U.xlsx (Modified File)
Mime Type	application/octet-stream
File Size	70.23 KB
MD5	b13151a7e07e640c715d383ed4ff2ede
SHA1	cc65466295b84cdb3a5498bb15fd79e4282ee1ca
SHA256	c8f8c50bb6004f6348f9ecd63a5c10509c6cfa0ac86a90aa0353ed0cf2f83b2e
SSDeep	1536:SWWKJLLZ3Jg8QQE0FdQECdLmfWhxTSpC3otEMz+rw3XE:ZLZJefSfwxTavkJ

C:\\Users\FD1HVy\Documents\q_iuFLA6D3NMerXQD2O\srT-feO3M0zE.odp.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Documents\q_iuFLA6D3NMerXQD2O\srT-feO3M0zE.odp (Modified File)
Mime Type	application/octet-stream
File Size	30.19 KB
MD5	40d0a795b67b24c505946ce148810a7c
SHA1	41932425d1f4cf6dbfec7a1cdcb07cf1bb1dc4fb
SHA256	9cb70da2ada123fc1e7e4358c147124bf825b6e63ba78e938c34b41231fad61b
SSDeep	768:rnqk7iCPs6RAbIZme+C4FqkQBRUgzMdK8SyV6MkGixHU:ek7iCU6KksC4vpdVSyYMkn5U

C:\\Users\FD1HVy\Documents\q_iuFLA6D3NMerXQD2O\x_i_p P6L0aRHnZlT-E.xlsx.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Documents\q_iuFLA6D3NMerXQD2O\x_i_p P6L0aRHnZlT-E.xlsx (Modified File)
Mime Type	application/octet-stream
File Size	92.29 KB
MD5	32189029bf8012a323b288c84656e1a2
SHA1	08a3439f3cc45a9d328ee36780265f50df8e1026
SHA256	8e8ba7073abead48a04d32b285eae019881345e77d8b70d2080845a7103adf14
SSDeep	1536:YTxO5UxxoNyHqWr6ieM07K+sLV+IWvtZGSPMYyyAoE9+Ht2vBX6KNaVoI8HOvTgn:YTzxrmcrsIsr5XE9+N2vs9pGM8OCx

C:\\Users\FD1HVy\Documents\q_iuFLA6D3NMerXQD2O\2_OtWxW85zHSDtq95tl\20yCu.ppt.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Documents\q_iuFLA6D3NMerXQD2O\2_OtWxW85zHSDtq95tl\20yCu.ppt (Modified File)
Mime Type	application/octet-stream
File Size	16.98 KB
MD5	35667b7ddd653c61659225dd6545bd5d
SHA1	cddd643bc0970f43ab6a89dddcdc60b89aa0e4cf
SHA256	e35daac9221ad6e4c89c96b68758ae5d065fb6428259f745ce911c0d2ea7d908
SSDeep	384:usObJPghQrUPEoCTLU9Rf4xC73C742g5LV4na9BBA2mqyOscI0iU3:ulFoyAstLU9Rfl3C72ua9BiYiU3

C:\\Users\FD1HVy\Documents\q_iuFLA6D3NMerXQD2O\2_OtWxW85zHSDtq95tl\5LG1QMrXAYbASh 7a.odt.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Documents\q_iuFLA6D3NMerXQD2O\2_OtWxW85zHSDtq95tl\5LG1QMrXAYbASh 7a.odt (Modified File)
Mime Type	application/octet-stream
File Size	55.12 KB
MD5	bf9d87659e37aecafbf319232c6a9b2b
SHA1	9dcab2cb3c13e9335dd7e70bb0872f0c18ee51a5
SHA256	5f9e367d45cc2937114e4c71b5ced8327089b320d7ee811fd23b7f69065ab912
SSDeep	1536:uhO6SqgstlNT0t6S05sOg16JybzqiJv4M+fKT6JqnZIY:uhoeRT0ty5QEJGXJ4X6nZZ

C:\\Users\FD1HVy\Documents\q_iuFLA6D3NMerXQD2O\2_OtWxW85zHSDtq95tl\nvlDCfIPznk.pptx.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Documents\q_iuFLA6D3NMerXQD2O\2_OtWxW85zHSDtq95tl\nvlDCfIPznk.pptx (Modified File)
Mime Type	application/octet-stream
File Size	46.69 KB
MD5	01f7e3c450ed7620abe3eba5f3a8c3a6
SHA1	a3d67b5210b054a3815fb5a68e380aed01b46ec9
SHA256	0cde61dcf90ed3de23da480b2dd506be3fc54f4060a4d4d6b5deb659e737d05f
SSDeep	768:osPg+15XPj6nu2ynioEOK4IErCfnOe9wVaZj+bCFuEjoAhUsL9R2XjInG+Pkp6Nw:oqgmb6vynioEOh2OOZj0iuEjTh1xMIGD

C:\\Users\FD1HVy\Documents\q_iuFLA6D3NMerXQD2O\75aoRo_JhUow\VjvWCC-7AET31cU.csv.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Documents\q_iuFLA6D3NMerXQD2O\75aoRo_JhUow\VjvWCC-7AET31cU.csv (Modified File)
Mime Type	application/octet-stream
File Size	5.85 KB
MD5	0490f7f1d6b3fa78db9d135b721b840b
SHA1	b2a0fbb55e560c8fc0861e4d545ba8a6ecc6276e
SHA256	e9449111143ac170dc2e22a490dd396a2e54ad2050b83c7d5760e2ab2c05d020
SSDeep	96:uZeW33rXQezwxOIioTc3yF/AvTQkCh5zqUJE7pJt6MY/ibJ9pAv+4EAaLTY:ut3zQe8tOskCh5zqUJE7pJttbVl4EAa4

C:\\Users\FD1HVy\Documents\q_iuFLA6D3NMerXQD2O\L980QzW9fizhEEr\6_Y0KF.docx.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Documents\q_iuFLA6D3NMerXQD2O\L980QzW9fizhEEr\6_Y0KF.docx (Modified File)
Mime Type	application/octet-stream
File Size	28.94 KB
MD5	f79520904eff6dc5b76db6064d1e6e17
SHA1	ba7cbbc6a7f6dade7094e477bd014e716e875e6e
SHA256	15f3966135660345bf590ef6fcdcd486232452dd389fc485793c91068c0f9bae
SSDeep	768:x2CrsHq65F2ip2+IinujMnbdUlW/GedRaXjfa/:x2CrIq6CijI0xsW/GSa6

C:\\Users\FD1HVy\Documents\q_iuFLA6D3NMerXQD2O\L980QzW9fizhEEr\gRVX_ApB33NCbmVv.xlsx.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Documents\q_iuFLA6D3NMerXQD2O\L980QzW9fizhEEr\gRVX_ApB33NCbmVv.xlsx (Modified File)
Mime Type	application/octet-stream
File Size	66.58 KB
MD5	810a8f8f759e7756c67e80d153685194
SHA1	7b9d8a435ee3da3cdc838ae69a928ead9452798a
SHA256	d5f2ecc13b2370e24a986a6d71a612dea362f893bdcdc9de58cae010c4db81a9
SSDeep	1536:gEl8fhBT3FYeS5NdjeIhXCV4w7uyChw1v+J49JtpkWKTJ:gEyffT2HFPQKy+wSTJ

C:\\Users\FD1HVy\Documents\q_iuFLA6D3NMerXQD2O\L980QzW9fizhEEr\ncPacmc.xls.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Documents\q_iuFLA6D3NMerXQD2O\L980QzW9fizhEEr\ncPacmc.xls (Modified File)
Mime Type	application/octet-stream
File Size	64.66 KB
MD5	8bfc21f1be6ce82ea0ce01ea859016d5
SHA1	5243543accab876e053d74e5328b6c802cedd25d
SHA256	be40ccae30b79df3a7db9739c102efeabc5127b12ac6949e5606849eba606575
SSDeep	1536:zZ1d2wy43mlQZOTkO8vhmgBWiq9QNPzhhBC/O:zR2jkO8JmgUYNPzvBP

C:\\Users\FD1HVy\Music\SM9yBDWGNbMhdP6oGru.mp3.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Music\SM9yBDWGNbMhdP6oGru.mp3 (Modified File)
Mime Type	application/octet-stream
File Size	25.35 KB
MD5	09323b908a3c26cfcd43e56562a50b39
SHA1	a8542ca78fd39d2554024c64da172fb95c0501a4
SHA256	831338fce7b5106011b64fe3be6dc3116c44ae615871c514b0e58b1bffacb20b
SSDeep	768:9FtjQhgqJuxyDglwqc8Olwu3TGbSLH21Fg1:h0hgKDgeV8OtKbSbGFg1

C:\\Users\FD1HVy\Music\bywZN LZbW\mMDF5WmTaGmY7hmJY4b.wav.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Music\bywZN LZbW\mMDF5WmTaGmY7hmJY4b.wav (Modified File)
Mime Type	application/octet-stream
File Size	77.48 KB
MD5	cdbf9dd23d3455f3dee4953454a58634
SHA1	2179f44301835997f7b282d353a8bc4be3e45ca8
SHA256	1c9a06099abf5fe11067c2aa0c7d989f94ceeeb7215b6b30d10024042fda10e6
SSDeep	1536:RpQYtf1ZrHHaDa/6qytx2U3t7UHyk1OHGZYBRMWzatUGlWJkxE:R1R1ZrH6AnytR3t2Om+CCGMJkxE

C:\\Users\FD1HVy\Music\bywZN LZbW\EodBRfGb4L7-hgf\_DMgPgPh37eH.mp3.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Music\bywZN LZbW\EodBRfGb4L7-hgf\_DMgPgPh37eH.mp3 (Modified File)
Mime Type	application/octet-stream
File Size	8.41 KB
MD5	43e2ef0e5d8e3f1496312a3609316b34
SHA1	753d9792497c4a13e5e07fdba3dc5fac121d8e11
SHA256	c536d4e50feb7f5539c81f4daed6cefd98476f79309e858906cd7a8ac61806b6
SSDeep	192:x/uZ5l3QnSiVtcAgTqWEy5eWBOd/ygNLc1bkTcmlcxgVECcpcfZ8o:xuZXQnSi2buWXOBxNYAflcxgffZ8o

C:\\Users\FD1HVy\Music\bywZN LZbW\F7gf-\5zSYmedrc7XyMOcpr.m4a.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Music\bywZN LZbW\F7gf-\5zSYmedrc7XyMOcpr.m4a (Modified File)
Mime Type	application/octet-stream
File Size	90.10 KB
MD5	311012e5b94a654030daa4ae19bec55f
SHA1	c76fe01e31cde66a8405d54a934462708b9b989d
SHA256	d188673af3e7643cb0f019ba2b7625cf1bfd50df3fc6e8388ebe86ca7764c9fa
SSDeep	1536:vQOAm9N2KQa/B/NvKhd5GtU1uhbjAspFlJM/D9KjqFSvkkrEL1yol:vya/BJKmUEAspF49KuF9krq1yU

C:\\Users\FD1HVy\Music\bywZN LZbW\F7gf-\A OmlmPwdvhry0F6ltzA.wav.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Music\bywZN LZbW\F7gf-\A OmlmPwdvhry0F6ltzA.wav (Modified File)
Mime Type	application/octet-stream
File Size	48.74 KB
MD5	9df5c85914ee28ea239b17e37342c667
SHA1	0280110954dbbd934be1657b79636e39f017ad51
SHA256	42cf235ae544ee52738911ff0cce8e06f1a500b7f3658d407a7d113b0d4adc1e
SSDeep	1536:m9NE9tXFgJ4SToELWu049MdzMcIUaaW1KZnWOCoBRo0Yg:m9atXanoErUAUYkVvRoG

C:\\Users\FD1HVy\Music\bywZN LZbW\F7gf-\soj_tpyWaDRHC0.wav.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Music\bywZN LZbW\F7gf-\soj_tpyWaDRHC0.wav (Modified File)
Mime Type	application/octet-stream
File Size	23.01 KB
MD5	e67bf5eaa481850189e72cf2d1c6f7a9
SHA1	e24445113cd721e68d1144ab32b705454144de08
SHA256	0ced31984b3498f18c02bedef922544d8dd0b4df0ebb87f1fa24c0f1bd9bb7ab
SSDeep	384:9LR6yv+vVHjYMGglFu+YCZXHt+nAKgVELxoGJSXdv1eogCIG8YApyD+nkIgvumh:+yQVHGgK+YCZXigyLxoGJSNv1zbIN8Dl

C:\\Users\FD1HVy\Music\bywZN LZbW\F7gf-\Zaf7bV2.m4a.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Music\bywZN LZbW\F7gf-\Zaf7bV2.m4a (Modified File)
Mime Type	application/octet-stream
File Size	65.24 KB
MD5	77e759eede5314b9a881e9cc2b5be93d
SHA1	414813d40e6667771ef26674d27cd4192941a0dd
SHA256	c2d6c28f9ea8a8aee83d39e66c0d50822beeaf85464be258761a39578e800da5
SSDeep	1536:vbaocaQNJyBUCCLjAfLFUBCK8lBqSM0ex7OZywUQtJWCeu8J:vbaoBNWwfLFVK8a30C7wUML8J

C:\\Users\FD1HVy\Music\bywZN LZbW\V26Q89\npO1Oq9YLVFj.wav.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Music\bywZN LZbW\V26Q89\npO1Oq9YLVFj.wav (Modified File)
Mime Type	application/octet-stream
File Size	28.77 KB
MD5	ad7e6935d7f214b51ffd76251fcc0a67
SHA1	fe49607d527170fe4620e1ab92e639be169c5edd
SHA256	da15ac67fb8ebd20c345c36e21af69f60c0f973b84d69adf16ade1d47ce53f30
SSDeep	768:7QYT3zFu0Z/+PIWtZSU1/0nGk46BJ9DbG4C0lU:zzzl+dTSa0n746f72

C:\\Users\FD1HVy\Music\bywZN LZbW\V26Q89\ZmZg-csHiiChtxw4ni.wav.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Music\bywZN LZbW\V26Q89\ZmZg-csHiiChtxw4ni.wav (Modified File)
Mime Type	application/octet-stream
File Size	37.91 KB
MD5	0441c5e10c322da9334500de786445a5
SHA1	3d381e272b6246507a1f0c1dc1187cacd13be7d6
SHA256	8c4648f19a71f734cb2ab5d11c6a4704ea42d4ba998968bab0aca47c5cc12f0d
SSDeep	768:vsiitDGoCo6Exi7RXjW3sR1TkNn6DsTxA7LtRzWX7T65n6b02aOgg:MGoN6v7RXjOsAN9kRzo7TuIeW

C:\\Users\FD1HVy\Music\bywZN LZbW\Zc8Y\7jr0lVxJU3WD\-aUxWsyPc_g54WIP.mp3.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Music\bywZN LZbW\Zc8Y\7jr0lVxJU3WD\-aUxWsyPc_g54WIP.mp3 (Modified File)
Mime Type	application/octet-stream
File Size	46.80 KB
MD5	3130ea79a022e38fecf0c299f1b6b0ef
SHA1	1ec51b3bd62ecc399b8789cb99610a7efa259c6a
SHA256	0b743625cbffb2c7486f8045f5bc54e2392c2ab1cc0ba33c520e64bc299094e9
SSDeep	768:kWw9DX25f5+r7ElBKZM3TGWHhSW2Umn6kPmeEr0IRVR0/UwVC2jbheqg+n84zvlD:8Dm5x+r7ElsEqAz2fnJeehq01lbnLitG

C:\\Users\FD1HVy\Music\bywZN LZbW\Zc8Y\7jr0lVxJU3WD\a1z_Jq7KA20p7GJnfy.wav.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Music\bywZN LZbW\Zc8Y\7jr0lVxJU3WD\a1z_Jq7KA20p7GJnfy.wav (Modified File)
Mime Type	application/octet-stream
File Size	18.48 KB
MD5	9e3e9c36a87528df3006ee89eaadfeb6
SHA1	01b6fc3e692e51892b594302e98d999d86364aa7
SHA256	7e2cccf693e09db3cfaad29b0712a47f48acfe42318b25ac81479b8647a7d623
SSDeep	384:wiTqUbYPYWuPwN9g2sUzoQPbzY4vueWgz3kkrrwnW9D8nRdO:12nw7y7zrbdgK3FkYEDO

C:\\Users\FD1HVy\Music\bywZN LZbW\Zc8Y\7jr0lVxJU3WD\mVawsZq\wRIRBd8T9SA7d.wav.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Music\bywZN LZbW\Zc8Y\7jr0lVxJU3WD\mVawsZq\wRIRBd8T9SA7d.wav (Modified File)
Mime Type	application/octet-stream
File Size	9.32 KB
MD5	e71c87f32ca48eef4ad672e3c9deb285
SHA1	a0bc81a30f7c33fa1474e553745fb8acc31183ed
SHA256	cb74021a4e0e5e350b22e05b410fffcfde9d5e41b3b96488f1590da6f61f98a4
SSDeep	192:H2oh/Ac4pW2hMgyec1qDWVPBQ6XKjoyWmpq7VmNsAEapxiMjizdS3pckscZEV:H2o54pW2S9ejAxKjZWmpqZmsAEapxiES

C:\\Users\FD1HVy\Music\bywZN LZbW\Zc8Y\7jr0lVxJU3WD\QII9BbbAu4ivCyz-M\iIzv6pooxHiWi1.wav.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Music\bywZN LZbW\Zc8Y\7jr0lVxJU3WD\QII9BbbAu4ivCyz-M\iIzv6pooxHiWi1.wav (Modified File)
Mime Type	application/octet-stream
File Size	7.60 KB
MD5	993d0ec884256ab7273d9cfce54d95d6
SHA1	7935946816a77807ceb3c933ae3bcc84fd0d99e7
SHA256	e9520f73313c8c62c63b8e040eabea28d003b6d336bc39e33dce1d0e0f636455
SSDeep	192:RDLydyj5cgLSvo2MTCuMnlk37vn7k3iHH2IsoF+OS6u0jzJQkwbvd:RDV51LtBCDqLvISHHzqsylrd

C:\\Users\FD1HVy\Pictures\AIX608y4xaWT xvuXZd.jpg.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Pictures\AIX608y4xaWT xvuXZd.jpg (Modified File)
Mime Type	application/octet-stream
File Size	64.93 KB
MD5	de3b1c530f1683eb6b475896fdf263a0
SHA1	d8c2e8c8a07c3f57f6b09c49a5466c7f906e5ee2
SHA256	352de95d58464af70810d76de1c67186d7c3c9ab35668f13859a54ce3d54762c
SSDeep	1536:DSJ+3MNEhfzImJKl7LFfL76wl7Czot7ErYqxoq3Hj:Dg+8NEhfE8Kl75fL5Czot7ErYqxoq3Hj

C:\\Users\FD1HVy\Pictures\aT1vItu3oznAjz2qR.gif.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Pictures\aT1vItu3oznAjz2qR.gif (Modified File)
Mime Type	application/octet-stream
File Size	22.91 KB
MD5	86fba3165d346bf4351a14444e7d8a06
SHA1	0dc1cafd17b5e62d94c9624087fe9f87f7189ece
SHA256	9af7630219271c5b25d84fdb5b0766b58a6692c6c95b4bd06981377d8ef0c946
SSDeep	384:EPmH3U2/dNCO3dVD28JJc98iyC1oi3DW+41oDu2BBSrvCYH7V:6mk2/dNCO3dRTJ+9nvodBVuMKI

C:\\Users\FD1HVy\Pictures\cUfmIVg7KhMJ8.png.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Pictures\cUfmIVg7KhMJ8.png (Modified File)
Mime Type	application/octet-stream
File Size	56.23 KB
MD5	516bdf3cec2762b5da05d9df2232d27b
SHA1	836b70f62f7c2645162b0fbb1107b7b0370dfb1a
SHA256	6bd76d038a4dd37b613549c7dcc1fb9ad2eb77a3150e354b6ff073b03004d439
SSDeep	1536:sjkL2u1zKLDlMYFTGHxQpyzHpndcKmUldC1yvbBOZns3sjOWH69:sjknJGDb1GWpeFOsdCMvbCs36Xe

C:\\Users\FD1HVy\Pictures\eH9X4EI0t71sz7Lt1y02.bmp.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Pictures\eH9X4EI0t71sz7Lt1y02.bmp (Modified File)
Mime Type	application/octet-stream
File Size	5.71 KB
MD5	b0eb57039c090354027de47eb83c24a0
SHA1	bfad98d2becedd7f6ce0cea1ccf8980d8bbc1502
SHA256	749ecda3baf24e2789451e5e24746febbf93fbf2c9fa551d1f88fbffa599a5ef
SSDeep	96:A2KPnlYPzHBJ63fRwnxs0he4F0fwtHmeV/LBRkNFKJ8B3C5FR0o2MZe16frBf299:A5noL63fRes4ew0ItDIsOSbWnIVfy8s

C:\\Users\FD1HVy\Pictures\EQ 2foN_4CEjuw3GIxWv.jpg.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Pictures\EQ 2foN_4CEjuw3GIxWv.jpg (Modified File)
Mime Type	application/octet-stream
File Size	35.51 KB
MD5	6ad38b1d192128686f82a64e8d604214
SHA1	f6150e0c6306ea0012902239291191b14da778cf
SHA256	05a636614a0cb822b564f98739b7b3a689fb28578c8eabd275fcc8db75dea83a
SSDeep	768:9fA3YX+ngsss7pndzzguWevtG+fwmvp3LJzopqMnOERsoeAIkYcsz4ebNA3UcHp3:987gsssndTlRvpVMnOLo6VconYr

C:\\Users\FD1HVy\Pictures\g0S TLTn4ioDU3rM.png.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Pictures\g0S TLTn4ioDU3rM.png (Modified File)
Mime Type	application/octet-stream
File Size	99.65 KB
MD5	40543c4a618e277a9707e000308df79f
SHA1	33ee3ed3fdd15878bb3deafe83c3eae6ec8b8d71
SHA256	a655d4d8db3511e85f509dadf3879212645d60129616580a6d2a1b0363c7b5c0
SSDeep	3072:vUQjQ7BOshfs00qLQ9PhIaSBg6dj/h+bQwPYcWM:vu8a9sZIaSgQWucj

C:\\Users\FD1HVy\Pictures\guqVybHpC7dhO P5ht.gif.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Pictures\guqVybHpC7dhO P5ht.gif (Modified File)
Mime Type	application/octet-stream
File Size	6.43 KB
MD5	b44de95c471e8250c20e7f92066d78fe
SHA1	0c5cc0257a46d6d1295dbec8fa2e870c1cf3d186
SHA256	07171740a3ad928b7dd4e862901145da007f5b4d60fa53acefba4f99e860acfa
SSDeep	192:Ewu1fkp+zj9jauAxEhZcYYoX0JK0JKmp+:Ewu1fkpyBjaVxEhZGoze+

C:\\Users\FD1HVy\Pictures\inEKci2.bmp.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Pictures\inEKci2.bmp (Modified File)
Mime Type	application/octet-stream
File Size	17.07 KB
MD5	3afb6566fd55d07693c86085bca8be38
SHA1	bef25ca4f3dc01c701c40f14eb08ac408120fd4d
SHA256	096ea29aec000d4de0aa9dc84507b7e8be7a4b776d7b5dd4952fe0baf33fb963
SSDeep	384:JdwhmM56oLz/YjCOyUSp1jb9A+X1K9Iz9XdmYZE6ETOlF/N/k4g22Gt:XYmM5H/Y+xUMxhAY1wiXoN3TOlF/hxBt

C:\\Users\FD1HVy\Pictures\JEf-cT3Bi_pogSn9op.png.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Pictures\JEf-cT3Bi_pogSn9op.png (Modified File)
Mime Type	application/octet-stream
File Size	40.60 KB
MD5	a7e2f997406bba302f11fd5a87aab602
SHA1	9b6c51d00f124f289f33b25e125794c4aa2f60e0
SHA256	cd0a18aa1c03b20c638db9303182916da03ba0871c99a4a514414824b9cabb06
SSDeep	768:b9WQgJB0MUKur+Y2hnY2j2+d0S3YsUgMojMG5/8PnXo+VEgAPItuRGrBJ7ZK:b6Jafb+Y2z28ITsM88P4+VTmItuR0JA

C:\\Users\FD1HVy\Pictures\JW9uOA2jroybFkWO.png.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Pictures\JW9uOA2jroybFkWO.png (Modified File)
Mime Type	application/octet-stream
File Size	77.63 KB
MD5	67f49c046aeb6e77ba5753f96325b010
SHA1	8235b83c9d5d82a2c46ae89148f7126830a795f1
SHA256	1cd4f06fa0cfd365e6cf8b7bb08ff4832dc138111e4fc98f9467d2501a68c643
SSDeep	1536:gJu2gVMYjoiM95AgtBwUdPLjheuPOhXXS7WnXGU8kxGIOWZ6gi8DJ:gJJsPjoicAwmgPQhXiQWU8DO6CJ

C:\\Users\FD1HVy\Pictures\Jy2cBjSX Zkiu.png.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Pictures\Jy2cBjSX Zkiu.png (Modified File)
Mime Type	application/octet-stream
File Size	87.21 KB
MD5	2a27615683efe46567e4c57bb19b2e74
SHA1	34d334395aabf756fa0bc4dd9eb787ad4ac99171
SHA256	a5091f90f93e1c0d01bf20d51103e3f1a604a1de1a5328f0baaa1925a8b1cadb
SSDeep	1536:HFmFk3PdhL6lMXqCfGp14G/LYzunIJuNUlAx12sZk+B/YaxZlxE8v9dTAVfsDlw:lmFk1clhCf+eoguKOj7S+CEZLE8v9y2a

C:\\Users\FD1HVy\Pictures\jZQDUGxCS.gif.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Pictures\jZQDUGxCS.gif (Modified File)
Mime Type	application/octet-stream
File Size	72.66 KB
MD5	640f0a4f54d5dccba56cd2c905cc21bf
SHA1	5f1453a92e5e6fdfd17121ecaa854fc82940a072
SHA256	b61c4934a40bb91f78288755be9fdc8d23a13f03b15195dc753828138d139ce3
SSDeep	1536:NCra5TbrHG8yCm5esvqQJtz2Nb8uLQXQLhYdyRBm0KU4yrAS00J:waoRJmLM4OoSq4OAs

C:\\Users\FD1HVy\Pictures\K-xAZUJFNk.png.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Pictures\K-xAZUJFNk.png (Modified File)
Mime Type	application/octet-stream
File Size	22.80 KB
MD5	7781dab6c0c9d60d3bc50799f57d3d53
SHA1	b5a58ea782f4c3d01776d0c4521c6e10a724095e
SHA256	ed74847dc57d99d79a437a8db30b1026797f791acc5895de9edbb7f37e7e7393
SSDeep	384:BYqytubJVZ7WLz6gTEVLaCMJoqrdQY8meO03RvWMldzRUPSDG4vDFAmxI0HX+ZUV:q3+tWLz6gTElaCM+JYRP0BO6dzRUUzFd

C:\\Users\FD1HVy\Pictures\mmqZlST4k7MA-8Ff-.jpg.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Pictures\mmqZlST4k7MA-8Ff-.jpg (Modified File)
Mime Type	application/octet-stream
File Size	4.87 KB
MD5	0650e54f17bcb435f4b15faa84e2be80
SHA1	2193326bcb34f36f13c8b2dd76e789206b7a17a5
SHA256	92938eab41c97756a197a43d43190bf41c6c1e82d5e0415bb3d535591798e149
SSDeep	96:S5As4DgfJENiy83jGfFrIrORTFcD0VUqZpCQxaQlR++T7EIo:SUDQEYJzM5IrORTFc8d9xaYRTT7No

C:\\Users\FD1HVy\Pictures\N1ihTDM.png.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Pictures\N1ihTDM.png (Modified File)
Mime Type	application/octet-stream
File Size	46.96 KB
MD5	fe81fc475bf8b835bca6699dca8923a1
SHA1	a1b0551f1ecd35f8b6a85edfdd4e10ff51bc76c1
SHA256	21011f04ec014ac2867d481bcdc0f8916575ce3a1a1f0af909293d9a867c555d
SSDeep	768:Bph42AGfHrnDZZpymROxbGGw0u3RXzfTu5JXjm3Z/9K4zTQYDi0RD9zEqzH8vzF1:BpGzGfHz16mAFLwtTS5h2/9K4zDDiazi

C:\\Users\FD1HVy\Pictures\n2uEDbz0P9Q7Gj.gif.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Pictures\n2uEDbz0P9Q7Gj.gif (Modified File)
Mime Type	application/octet-stream
File Size	42.30 KB
MD5	642c942d1d101e1402754e13d77fb018
SHA1	ec27905e37f5ca900bf28ed4b0142ab7aa3d7cd8
SHA256	1bc6f75610acf76a5dd4db3aba8e717b3e0feb717b82de96efe922d9d5dba90a
SSDeep	768:u5HxzZZNO96PhtYSvPskXZFWb6QvpmlHN+CXTeGvbDyovorIqwTpsAiqONuuWbJM:u5HxzZZlNXXU6Gut+at2a6xqONuuW5E

C:\\Users\FD1HVy\Pictures\sowqP0pG.bmp.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Pictures\sowqP0pG.bmp (Modified File)
Mime Type	application/octet-stream
File Size	89.05 KB
MD5	ed8fce811c9f5f436c5e81fa73103c5d
SHA1	1ca27d26338740d522048b046660f5b9117b7eb7
SHA256	d1a0cae26a96b1f97b133d8977612fe4881f66c76a4c1a3d9832ff628dfa23e4
SSDeep	1536:7uyMQDfGL1dahclzlZbRpK52wuC0wjOZVDvnbqJ7byWkXqJsivwiXMVQ:KHS+ehCxHK52wzgHDPbC7+WAqJHqQ

C:\\Users\FD1HVy\Pictures\VWv8T4yh.bmp.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Pictures\VWv8T4yh.bmp (Modified File)
Mime Type	application/octet-stream
File Size	83.46 KB
MD5	457bb13071f53163aa1d267fd5cc2829
SHA1	ce99851a4568e3072d6310cf7f19622cc79f967a
SHA256	92a6e74f02586bb10fa64e53deeb53e6c7ae427c93806e245cc1e9ede19524c1
SSDeep	1536:FkvZHZbvVc7pJvxrOz+5PdIYbHseOldEzEUCGSOxY7C8smo/iobRtLX:ivZHZbvVIjvxyKbNbMeOldOeGSOxoCg+

C:\\Users\FD1HVy\Pictures\Wap6eIEFPVUgmwKb.bmp.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Pictures\Wap6eIEFPVUgmwKb.bmp (Modified File)
Mime Type	application/octet-stream
File Size	97.46 KB
MD5	abe6f2e2644c0426e7b6a5c2b5e662dc
SHA1	6c9e0b4ef2235bbe70950f591c21fbc482cb0db7
SHA256	df7706127536eb5aa5db3d112865736acddac4669d6b52d8a1dce83ce172de2e
SSDeep	1536:fl7n/47m72Z+qyNUKsoKZ3ShGziVkovDDkADUSBLrefEDMg6RbjGCZDG6RBy:ft/+rzDZizvnLU08Eggyvn5Gh

C:\\Users\FD1HVy\Pictures\Ws_ZaXd.gif.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Pictures\Ws_ZaXd.gif (Modified File)
Mime Type	application/octet-stream
File Size	35.44 KB
MD5	5fbac3ed98f8f67a34ec489c9e22f55b
SHA1	7f234adade7b0d2cddaa9c551db527b0e744abb4
SHA256	ae03667fb24c8622ea67aeefbefad060b0460ec6c0e799209c0d626d27833f0f
SSDeep	768:dDMtp1Z6SRPQQQg5YD6JcQBFMIL8lwmyKJf98YYbAFZso:FMT1gSRPQzsNcsm68IKlYbAFP

C:\\Users\FD1HVy\Pictures\zC9V-J.bmp.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Pictures\zC9V-J.bmp (Modified File)
Mime Type	application/octet-stream
File Size	70.04 KB
MD5	0ee303700a61b9ccadf1c7dfe1cb9169
SHA1	42103450c56dd017b4a90c9471332926cd32048b
SHA256	5c4818bdee5ac359b19524c821a9737103eefac6c152c87837369bec328e2ce7
SSDeep	1536:BfQlOkkHhmVsegkmhRht34Au/VPSlAuPWyDho/5:B4Y5Bm1YhRhRA/VP+ve

C:\\Users\FD1HVy\Videos\fBN3ST.mp4.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Videos\fBN3ST.mp4 (Modified File)
Mime Type	application/octet-stream
File Size	82.58 KB
MD5	1d4836b152ce271a8d1ce9d406df988f
SHA1	ed65d4eff03c634555ba63a00fe5e929820e85ed
SHA256	8075bfc91805a9497b9228b881da4b9de87f11f7f77e84151f5e1516099e75db
SSDeep	1536:D8JXhl3axBMKaI3uo1u+U3A2rDEvUrJOQ4FDx6NkxWxW0/z+r+/66GgxBxaR2q:DCXXaxYI3B1uHw2rsgYQ4L6FxtCroogK

C:\\Users\FD1HVy\Videos\GdOxNv0sZKn\2DKZ.mp4.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Videos\GdOxNv0sZKn\2DKZ.mp4 (Modified File)
Mime Type	application/octet-stream
File Size	82.57 KB
MD5	bc4986be05c0e7a6d1a029b6c7271c3b
SHA1	717ec452e09e9d287a060d34d52b2d8c3a56d294
SHA256	7bba80a554e7135e3650cdd18254e20c91f77fdfeb72175afdf4e5ff43b9fbc8
SSDeep	1536:rP05HLbnJqx4jBgUvm0OXAqgYvMddFj76YgkaNRGiSM+qOkES0UaaJwEQm/w+W7b:SJYmBzFdFH6YgkaN8i7+BEQm/U7b

C:\\Users\FD1HVy\Videos\GdOxNv0sZKn\F0s4VR4jaiSxUsjT\yHgz5iVwI-.mp4.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Videos\GdOxNv0sZKn\F0s4VR4jaiSxUsjT\yHgz5iVwI-.mp4 (Modified File)
Mime Type	application/octet-stream
File Size	66.82 KB
MD5	0ce3922671707ff7e552a66d5cf74830
SHA1	1981459c1006e3e1a725c5b412686f077e9a9f52
SHA256	0c1e01b465ff9478a21f14b5cac791b67b2d433ac3bebdbf280026fcb9f2fa7b
SSDeep	1536:KJnIRW3lq1sEbKWdnENd12i+HKN6Z778PITwSzH7:K1IRclIssdEVZY782bzH7

C:\\Users\FD1HVy\Videos\GdOxNv0sZKn\F0s4VR4jaiSxUsjT\hc1cETuDJlhvcVErLc\7lhMdesnG3PFyH1-E1.avi.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Videos\GdOxNv0sZKn\F0s4VR4jaiSxUsjT\hc1cETuDJlhvcVErLc\7lhMdesnG3PFyH1-E1.avi (Modified File)
Mime Type	application/octet-stream
File Size	64.93 KB
MD5	b0887e5d13d0f37f695a0c64f60fdf4d
SHA1	2e17a1b1151779c15084bf9f078ee1966f90a751
SHA256	0158d86746a76ad4e27223940e4291e5307973e3222749cf41abed5242a9dcd0
SSDeep	1536:UHi6WxHAay3mgeTNe8D8UtUBjhe1O4dab3BBdoQMz:UdlPTn81tg/4dab3BP6z

C:\\Users\FD1HVy\Videos\GdOxNv0sZKn\Io8nCvBd\5X9AUW.avi.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Videos\GdOxNv0sZKn\Io8nCvBd\5X9AUW.avi (Modified File)
Mime Type	application/octet-stream
File Size	99.96 KB
MD5	465eb6b4ada35361ce8e58312e923fdd
SHA1	11e13a737e1d44e3f5dfe6e93efb1e3b1b57c589
SHA256	be6e724512479750422244df4ff87535699a100358d61bc06cc02f92c1735df7
SSDeep	3072:Ednm7etZ8cWcBddH2qpXvFn33U1hefmhqB8J/ds:KpdWqdHJXvFnHU1qmQBe/ds

C:\\Users\FD1HVy\Videos\GdOxNv0sZKn\Io8nCvBd\MSs7zYZdpb1QeLe.flv.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Users\FD1HVy\Videos\GdOxNv0sZKn\Io8nCvBd\MSs7zYZdpb1QeLe.flv (Modified File)
Mime Type	application/octet-stream
File Size	49.68 KB
MD5	6e37314cda5ed91e2e308e384112d85b
SHA1	18e299e4bce70fb7c38deae014a3b0b1307d7c9f
SHA256	811ce7145d1307db5e6816d11ca4b5796e77cc6a80a59bbeced9bf328b903f12
SSDeep	1536:AobD6pU7YxQ1wjfzFcfr/Zz6+AI+uHBn8P0+IYAYadp2:hD6d/zF85D+uhnK0+vAQ

C:\\Windows10Upgrade\resources\amd64\hwcompat.txt.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Windows10Upgrade\resources\amd64\hwcompat.txt (Modified File)
Mime Type	application/octet-stream
File Size	71.44 KB
MD5	fd9778b6afa3ba6d09c32f0438a68f06
SHA1	ffcaa6a093d31606b30e6c3578b6e14404597885
SHA256	0908cd354858cf63d8d6654a06a98b640b69a9a744a3161596300fce66822453
SSDeep	1536:jEB0C146Cnll8ZJbpg+4X/BSIgL9DUpCoLJtEu9rTeD/6hG+LzKmfUaj:90AD0pZ4X/0FhEhJ5RTeD/6hnzKmMaj

C:\\Windows10Upgrade\resources\i386\hwexclude.txt.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Windows10Upgrade\resources\i386\hwexclude.txt (Modified File)
Mime Type	application/octet-stream
File Size	2.24 KB
MD5	70e5460d696712e56fc6b3cd87df868b
SHA1	4140749037ece60f172fc70237440c13a3911ad9
SHA256	044a8f22bb9654e536ebff48779a65bb11f6d5e78c02b2b37703ed059bab0aa9
SSDeep	48:8MqzOr0xUnRT/hku5Edca5f/tNYnSqJ+Q5dupQPbJH2rXW+FXJAG/DzjFWUz8sHz:SOr0K6ui5f/nYphoKDJHRO/DzjFRzRz

C:\\Windows10Upgrade\resources\ux\bluelogo.png.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Windows10Upgrade\resources\ux\bluelogo.png (Modified File)
Mime Type	application/octet-stream
File Size	6.94 KB
MD5	a8c3c6e1bd695140b97541afc27514c2
SHA1	0042309d669830e1a01bf3e16277455e575a890b
SHA256	9d29329e1dd1e79e4c5046df1ecf88ebe6d577b25b9779e35f4609120d13be26
SSDeep	192:8O/lAJePygsWWgnQXNDCfDmUZ7y+f9Jexer7WddHvYk:8yl1tnQ9DFUpy+1JDqHvYk

C:\\Windows10Upgrade\resources\ux\bullet.png.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Windows10Upgrade\resources\ux\bullet.png (Modified File)
Mime Type	application/octet-stream
File Size	247 bytes
MD5	964dc645d7446a4fa70c9a98ad4f874c
SHA1	2f57614fad284e403137648e0813073d0512cc9f
SHA256	e89bebace4cc65a24fce9b4e0b02cbb70812c221ab38803374abbe6c515c2e47
SSDeep	6:Vgv2qnr3JfcsYL5rN8Tacm/BmF/8FAUA1q/YBwgEjzkJcrhkI9NHNM4/d+wz:8N3JqeXmi8F4gQ3QAihkIfi4/d9

C:\\Windows10Upgrade\resources\ux\default.css.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Windows10Upgrade\resources\ux\default.css (Modified File)
Mime Type	application/octet-stream
File Size	5.66 KB
MD5	79e83fe7daa8d7e749ea66af7cdba9a3
SHA1	ab203c475b0f68de754d02c3d41d89ec08fccc11
SHA256	9d4607453019882d977847ec1545f97037feb72c7f8ff7cc3283dc5a817a5d73
SSDeep	96:Or95nUisE6OiFrAvuc43/AaikOjAvbz3Iv7H8fEmAENsNbIDCyXwsexdjb1:OfU1+vz43/AnwTz3IjVmHslaws0NJ

C:\\Windows10Upgrade\resources\ux\default_oobe.css.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Windows10Upgrade\resources\ux\default_oobe.css (Modified File)
Mime Type	application/octet-stream
File Size	5.13 KB
MD5	12deada16c0f9ae0d8721d804156c7e6
SHA1	3dc02ec8e111a04cae900a6f04af0ff85f3c17e3
SHA256	afef3633e6053d110dd81eb797addaa3fede0ad80e9c4c12c6c36cf54b88eb06
SSDeep	96:5/ICmXLoK1sKIrRos4EH7s44v9GL1+t+L1H75apHqSqgu+PeSCoidsKi+U:hIXo3rFR+P+LB5aHqSZTWbd4

C:\\Windows10Upgrade\resources\ux\marketing.png.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Windows10Upgrade\resources\ux\marketing.png (Modified File)
Mime Type	application/octet-stream
File Size	519 bytes
MD5	a11ba270a95b6bdd3d6737fa2197b2bd
SHA1	125da6cf28d0b1be87d6df032eaa08fcfb920d02
SHA256	c057559d6ab1df96daf36f2caeee211ca04f9563f491b815e804d4af88a8de17
SSDeep	12:8N3sJDS00dfyWcVbKnC9LY5K+QD2JzZqOvpG1UD3S9QiZK:8NcJI6mncLOK+82JYMprbSGgK

C:\\Windows10Upgrade\resources\ux\NoNetworkConnection.png.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Windows10Upgrade\resources\ux\NoNetworkConnection.png (Modified File)
Mime Type	application/octet-stream
File Size	2.15 KB
MD5	6405a9def291e3989e52b98b8a93ab88
SHA1	dba39b27ce5d8ffec17c2bbc77c7a8cbd0f91fb5
SHA256	66397f276ca7b50b14323546a41b1c7dfc45df3e8ed06133fd8ea8006224dc85
SSDeep	48:84OrCaIDSZ0fvi4uokfgN94xbXES6lTPmUuF55xCnn:jub4uokIQb0dm1xCnn

C:\\Windows10Upgrade\resources\ux\NoNetworkConnectionHoverOver.png.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Windows10Upgrade\resources\ux\NoNetworkConnectionHoverOver.png (Modified File)
Mime Type	application/octet-stream
File Size	2.19 KB
MD5	1e88881f2c2237e67ea1f2189752f534
SHA1	d8a4c780111b3f8f36b8d5b5bf42cef21f116efb
SHA256	1cf1c7c72f7474c330eb63fa61d96f25a89b945ebf7a58124f66c5cccd91fdb0
SSDeep	48:84OrCaIDSZ0fvi4uo7HWLSG0hoDhATYfiJ+abJ:jub4uo7HIZAsBqJ

C:\\Windows10Upgrade\resources\ux\pass.png.ch4x0

Dropped File

Stream

Not Queried

»

Also Known As	C:\\Windows10Upgrade\resources\ux\pass.png (Modified File)
Mime Type	application/octet-stream
File Size	1.80 KB
MD5	deaccfe73bf200a878da3a1b58ffaede
SHA1	ff2b6c6f67c0a4d27b0ca6152b0b7a514a515047
SHA256	25100f3fd3771e783ca3708d14a94f306680c31c6e4bc3f321bb73ecd5817de7
SSDeep	48:8wGgj9KKSzg6zaW/w8MfpJIWzQGRC+32r:brKK8Wqw8usW8Imr

C:\\Boot\updaterevokesipolicy.p7b.ch4x0

Dropped File

Stream

Not Queried

»

Mime Type	application/octet-stream
File Size	4.58 KB
MD5	b96ca2d9f9901bc9687de3ed344de914
SHA1	df3fe7573faa720a404a675d19262f224466edd8
SHA256	008e44de48087608d6e363d04a698caaca748e2cf6dbc43fc69a74ce7b9921cb
SSDeep	96:Wok+Af16xHjOyZoAgVfVGRq7GHUPOyy75nKWOGxBnYJBUrO9VB6z0ANcQZI/cv:WopY16ljVuA1RCOyyJYJBX9nIcQZI/M

Remarks

There are no files for this filter

There are no files in this analysis

WHOIS Domain Information

Before

After