Sample File:

	MD5 hash:
		02c6bf3ca15457e3e951dc49b704707c

	SHA1 hash:
		d5d5363f7b183d9ed8a73620efa3f2c529dedd1a

	SHA256 hash:
		42dc69a5e31a8cba294b9488d98c415e69925d387bd7b80d637b37c02811226b

	SSDEEP hash:
		49152:YMleTCO4HN05rQw3AfOAMB1OUVy2TCTqGHShW3GUN1e01wks:YMleTCnHN05rQw39AMnhYHyhl81e0ek

	Filename(s):
		UNNAM3D - RANSM.exe

	Filetype:
		Windows Exe (x86-32)


Mutex IOCs:

		WinRAR_Busy


Registry Key IOCs:

		HKEY_CURRENT_USER\SOFTWARE\Microsoft\.NETFramework\XML
		HKEY_CURRENT_USER\Software\Microsoft\Command Processor
		HKEY_CURRENT_USER\Software\Microsoft\Command Processor\AutoRun
		HKEY_CURRENT_USER\Software\Microsoft\Command Processor\CompletionChar
		HKEY_CURRENT_USER\Software\Microsoft\Command Processor\DefaultColor
		HKEY_CURRENT_USER\Software\Microsoft\Command Processor\DelayedExpansion
		HKEY_CURRENT_USER\Software\Microsoft\Command Processor\DisableUNCCheck
		HKEY_CURRENT_USER\Software\Microsoft\Command Processor\EnableExtensions
		HKEY_CURRENT_USER\Software\Microsoft\Command Processor\PathCompletionChar
		HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System
		HKEY_CURRENT_USER\Software\WinRAR
		HKEY_CURRENT_USER\Software\WinRAR\Compression
		HKEY_CURRENT_USER\Software\WinRAR\Extraction
		HKEY_CURRENT_USER\Software\WinRAR\FileList
		HKEY_CURRENT_USER\Software\WinRAR\FileList\ArcColumnStates
		HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnStates
		HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
		HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths\mtime
		HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths\name
		HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths\size
		HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths\type
		HKEY_CURRENT_USER\Software\WinRAR\General
		HKEY_CURRENT_USER\Software\WinRAR\General\LanguageFolder
		HKEY_CURRENT_USER\Software\WinRAR\General\Log
		HKEY_CURRENT_USER\Software\WinRAR\General\Priority
		HKEY_CURRENT_USER\Software\WinRAR\General\SMP
		HKEY_CURRENT_USER\Software\WinRAR\General\Sound
		HKEY_CURRENT_USER\Software\WinRAR\General\VerInfo
		HKEY_CURRENT_USER\Software\WinRAR\Interface
		HKEY_CURRENT_USER\Software\WinRAR\Interface\ErrList
		HKEY_CURRENT_USER\Software\WinRAR\Interface\SystemProgressBar
		HKEY_CURRENT_USER\Software\WinRAR\Interface\TaskbarProgressBar
		HKEY_CURRENT_USER\Software\WinRAR\Interface\Themes
		HKEY_CURRENT_USER\Software\WinRAR\Interface\Themes\ActivePath
		HKEY_CURRENT_USER\Software\WinRAR\Interface\Themes\ShellExtBMP
		HKEY_CURRENT_USER\Software\WinRAR\Interface\Themes\ShellExtIcon
		HKEY_CURRENT_USER\Software\WinRAR\Paths
		HKEY_CURRENT_USER\Software\WinRAR\Policy
		HKEY_CURRENT_USER\Software\WinRAR\Profiles
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\AddArcOnly
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\ArcName
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\ArcRecBin
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\ArcTimeLatest
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\ArcTimeOriginal
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\ArcWipe
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\BLAKE2
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\Background
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\ClearArc
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\CmtDataWide
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\CmtFile
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\CmtTextData
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\CmtTextWide
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\Default
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\DictSize
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\DictSizeLZ
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\EmailArcTo
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\EncryptHeaders
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\EraseDest
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\ExclNames
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\FileCopies
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\FileDays
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\FileHours
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\FileMinutes
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\FileNames
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\FileTimeLimit
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\FileTimeMode
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\Fresh
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\GenerateArcName
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\GenerateMask
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\ImmExec
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\Lock
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\Method
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\Move
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\Name
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\OldVolNames
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\OpenShared
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\Overwrite
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\PackDetails
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\PasswordData
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\PathsAbs
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\PathsAbsDrive
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\PathsNone
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\ProcessOwners
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\QuickOpen
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\RAR5
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\RecEnabled
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\RecSize
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\RecVolNumber
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\Recovery
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\SFX
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\SFXElevate
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\SFXIcon
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\SFXLogo
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\SFXModule
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\SaveHardLinks
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\SaveStreams
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\SaveSymLinks
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\SeparateArc
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\SeparateArcDoubleExt
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\SeparateArcSubfolders
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\Shutdown
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\Solid
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\StoreNames
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\SyncFiles
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\Test
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\Update
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\UseRAR
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\VersionControl
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\VolPause
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\VolSizeMod
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\VolumeSize
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\WaitForOther
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\WipeIfPassword
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\ZipLegacyEncrypt
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\atime
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\ctime
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\0\mtime
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\AddArcOnly
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\ArcName
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\ArcRecBin
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\ArcTimeLatest
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\ArcTimeOriginal
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\ArcWipe
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\BLAKE2
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\Background
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\ClearArc
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\CmtDataWide
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\CmtFile
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\Default
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\DictSize
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\DictSizeLZ
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\EmailArcTo
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\EncryptHeaders
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\EraseDest
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\ExclNames
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\FileCopies
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\FileDays
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\FileHours
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\FileMinutes
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\FileNames
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\FileTimeLimit
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\FileTimeMode
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\Fresh
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\GenerateArcName
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\GenerateMask
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\ImmExec
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\Lock
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\Method
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\Move
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\Name
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\OldVolNames
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\OpenShared
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\Overwrite
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\PackDetails
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\PasswordData
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\PathsAbs
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\PathsAbsDrive
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\PathsNone
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\ProcessOwners
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\QuickOpen
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\RAR5
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\RecEnabled
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\RecSize
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\RecVolNumber
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\SFX
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\SFXElevate
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\SFXIcon
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\SFXLogo
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\SFXModule
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\SaveHardLinks
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\SaveStreams
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\SaveSymLinks
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\SeparateArc
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\SeparateArcDoubleExt
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\SeparateArcSubfolders
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\Shutdown
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\Solid
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\StoreNames
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\SyncFiles
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\Test
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\Update
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\UseRAR
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\VersionControl
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\VolPause
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\VolSizeMod
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\VolumeSize
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\WaitForOther
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\WipeIfPassword
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\ZipLegacyEncrypt
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\atime
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\ctime
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\1\mtime
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\AddArcOnly
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\ArcName
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\ArcRecBin
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\ArcTimeLatest
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\ArcTimeOriginal
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\ArcWipe
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\BLAKE2
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\Background
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\ClearArc
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\CmtDataWide
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\CmtFile
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\Default
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\DictSize
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\DictSizeLZ
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\EmailArcTo
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\EncryptHeaders
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\EraseDest
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\ExclNames
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\FileCopies
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\FileDays
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\FileHours
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\FileMinutes
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\FileNames
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\FileTimeLimit
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\FileTimeMode
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\Fresh
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\GenerateArcName
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\GenerateMask
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\ImmExec
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\Lock
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\Method
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\Move
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\Name
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\OldVolNames
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\OpenShared
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\Overwrite
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\PackDetails
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\PasswordData
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\PathsAbs
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\PathsAbsDrive
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\PathsNone
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\ProcessOwners
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\QuickOpen
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\RAR5
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\RecEnabled
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\RecSize
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\RecVolNumber
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\SFX
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\SFXElevate
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\SFXIcon
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\SFXLogo
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\SFXModule
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\SaveHardLinks
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\SaveStreams
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\SaveSymLinks
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\SeparateArc
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\SeparateArcDoubleExt
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\SeparateArcSubfolders
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\Shutdown
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\Solid
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\StoreNames
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\SyncFiles
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\Test
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\Update
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\UseRAR
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\VersionControl
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\VolPause
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\VolSizeMod
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\VolumeSize
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\WaitForOther
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\WipeIfPassword
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\ZipLegacyEncrypt
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\atime
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\ctime
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\2\mtime
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\AddArcOnly
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\ArcName
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\ArcRecBin
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\ArcTimeLatest
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\ArcTimeOriginal
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\ArcWipe
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\BLAKE2
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\Background
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\ClearArc
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\CmtDataWide
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\CmtFile
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\Default
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\DictSize
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\DictSizeLZ
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\EmailArcTo
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\EncryptHeaders
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\EraseDest
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\ExclNames
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\FileCopies
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\FileDays
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\FileHours
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\FileMinutes
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\FileNames
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\FileTimeLimit
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\FileTimeMode
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\Fresh
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\GenerateArcName
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\GenerateMask
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\ImmExec
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\Lock
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\Method
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\Move
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\Name
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\OldVolNames
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\OpenShared
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\Overwrite
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\PackDetails
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\PasswordData
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\PathsAbs
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\PathsAbsDrive
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\PathsNone
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\ProcessOwners
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\QuickOpen
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\RAR5
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\RecEnabled
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\RecSize
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\RecVolNumber
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\SFX
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\SFXElevate
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\SFXIcon
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\SFXLogo
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\SFXModule
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\SaveHardLinks
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\SaveStreams
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\SaveSymLinks
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\SeparateArc
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\SeparateArcDoubleExt
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\SeparateArcSubfolders
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\Shutdown
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\Solid
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\StoreNames
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\SyncFiles
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\Test
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\Update
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\UseRAR
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\VersionControl
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\VolPause
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\VolSizeMod
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\VolumeSize
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\WaitForOther
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\WipeIfPassword
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\ZipLegacyEncrypt
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\atime
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\ctime
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\3\mtime
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\AddArcOnly
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\ArcName
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\ArcRecBin
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\ArcTimeLatest
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\ArcTimeOriginal
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\ArcWipe
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\BLAKE2
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\Background
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\ClearArc
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\CmtDataWide
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\CmtFile
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\Default
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\EmailArcTo
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\EncryptHeaders
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\EraseDest
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\ExclNames
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\FileCopies
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\FileDays
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\FileHours
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\FileMinutes
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\FileNames
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\FileTimeLimit
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\FileTimeMode
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\Fresh
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\GenerateArcName
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\GenerateMask
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\ImmExec
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\Lock
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\Method
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\Move
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\Name
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\OldVolNames
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\OpenShared
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\Overwrite
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\PackDetails
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\PasswordData
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\PathsAbs
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\PathsAbsDrive
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\PathsNone
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\ProcessOwners
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\QuickOpen
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\RAR5
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\RecEnabled
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\RecSize
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\RecVolNumber
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\SFX
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\SFXElevate
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\SFXIcon
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\SFXLogo
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\SFXModule
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\SaveHardLinks
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\SaveStreams
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\SaveSymLinks
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\SeparateArc
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\SeparateArcDoubleExt
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\SeparateArcSubfolders
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\Shutdown
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\Solid
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\StoreNames
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\SyncFiles
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\Test
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\Update
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\UseRAR
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\VersionControl
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\VolPause
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\VolSizeMod
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\VolumeSize
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\WaitForOther
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\WipeIfPassword
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\ZipLegacyEncrypt
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\atime
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\ctime
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\4\mtime
		HKEY_CURRENT_USER\Software\WinRAR\Profiles\5
		HKEY_CURRENT_USER\Software\WinRAR\rarkey
		HKEY_CURRENT_USER\Software\WinRAR\rarreg.key
		HKEY_LOCAL_MACHINE
		HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\AppContext
		HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\XML
		HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework
		HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework\DbgJITDebugLaunchSetting
		HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework\DbgManagedDebugger
		HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor
		HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor\AutoRun
		HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor\CompletionChar
		HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor\DefaultColor
		HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor\DelayedExpansion
		HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor\DisableUNCCheck
		HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor\EnableExtensions
		HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor\PathCompletionChar
		HKEY_LOCAL_MACHINE\Software\WinRAR
		HKEY_LOCAL_MACHINE\Software\WinRAR\Policy


Domain IOCs:

		- None -


IP IOCs:

		- None -


URL IOCs:

		- None -


File IOCs:

	Filenames:

		
		-3PSVPdo1rq8.docx
		-mQiD8fm.doc
		0KL2Gz9JGd.wav
		0RRIlXg9.xls
		17Kei.bmp
		1GbClcrwPdCacbM-.png
		1Uee5Fu 2XCwi8fG.gif
		3 58nW.pps
		4WmeXcoy8E.gif
		5YJHRW-JZoT5E S09D.pptx
		5okJ0wdSjHps.docx
		5qnTEjfG9KjtBUIojvlC.png
		6u_EXsIYn4N.jpg
		6xi8hATC8ep.gif
		7I1yC6W53.doc
		7ZwWGMcIaUjWjMVJAe.jpg
		8CFpoZ DqeCI.doc
		8eYKFrOBbq-TuX.bmp
		9BtQRHA1y.gif
		9EMbKuPh551l7_WJZv
		9EMbKuPh551l7_WJZv\-4NjCVEIvkCBj.docx
		9EMbKuPh551l7_WJZv\WKv89hDvOzA.pptx
		9EMbKuPh551l7_WJZv\l7Td5TRgfXzOW kF6H0.docx
		9EMbKuPh551l7_WJZv\qfqeMqDF
		9EMbKuPh551l7_WJZv\qfqeMqDF\-mjM.xlsx
		9EMbKuPh551l7_WJZv\qfqeMqDF\35mJ-.pdf
		9EMbKuPh551l7_WJZv\qfqeMqDF\3jMLs-qdS.docx
		9EMbKuPh551l7_WJZv\qfqeMqDF\5HLd-s
		9EMbKuPh551l7_WJZv\qfqeMqDF\5HLd-s\BTQU2WOZsFUjw.pdf
		9EMbKuPh551l7_WJZv\qfqeMqDF\5HLd-s\Q9 7uahS
		9EMbKuPh551l7_WJZv\qfqeMqDF\5HLd-s\Q9 7uahS\1q4uHOxj.odt
		9EMbKuPh551l7_WJZv\qfqeMqDF\5HLd-s\Q9 7uahS\Kin6ms4WyJhH.xlsx
		9EMbKuPh551l7_WJZv\qfqeMqDF\5HLd-s\Q9 7uahS\KzP2.csv
		9EMbKuPh551l7_WJZv\qfqeMqDF\5HLd-s\Q9 7uahS\_fBJ yDh9e.ods
		9EMbKuPh551l7_WJZv\qfqeMqDF\5HLd-s\Q9 7uahS\mbQ0b7o.ots
		9EMbKuPh551l7_WJZv\qfqeMqDF\5HLd-s\Q9 7uahS\ww2bCvn.csv
		9EMbKuPh551l7_WJZv\qfqeMqDF\5HLd-s\XGIfB05FTyHqB.xlsx
		9EMbKuPh551l7_WJZv\qfqeMqDF\5HLd-s\XXRZ1Ntz_m owLhUomX.rtf
		9EMbKuPh551l7_WJZv\qfqeMqDF\5HLd-s\XiqWm6izl6v FQ5Q.doc
		9EMbKuPh551l7_WJZv\qfqeMqDF\5HLd-s\cA7tY- cuM.pptx
		9EMbKuPh551l7_WJZv\qfqeMqDF\5HLd-s\rDvRexnp0.xls
		9EMbKuPh551l7_WJZv\qfqeMqDF\5HLd-s\xZQ7e8.pptx
		9EMbKuPh551l7_WJZv\qfqeMqDF\QrQLcl.csv
		9EMbKuPh551l7_WJZv\qfqeMqDF\R2r4mFlAna2enKE.odp
		9EMbKuPh551l7_WJZv\qfqeMqDF\eSCikz2YIWaDp58m1bY
		9EMbKuPh551l7_WJZv\qfqeMqDF\eSCikz2YIWaDp58m1bY\2NOJ5
		9EMbKuPh551l7_WJZv\qfqeMqDF\eSCikz2YIWaDp58m1bY\2NOJ5\DLaLU5Np1FYR8L.ods
		9EMbKuPh551l7_WJZv\qfqeMqDF\eSCikz2YIWaDp58m1bY\2NOJ5\Qx eo7HW.odt
		9EMbKuPh551l7_WJZv\qfqeMqDF\eSCikz2YIWaDp58m1bY\2NOJ5\iOBweAZSY.ods
		9EMbKuPh551l7_WJZv\qfqeMqDF\eSCikz2YIWaDp58m1bY\2NOJ5\lIHAtSXy
		9EMbKuPh551l7_WJZv\qfqeMqDF\eSCikz2YIWaDp58m1bY\2NOJ5\lIHAtSXy\5S3P3.csv
		9EMbKuPh551l7_WJZv\qfqeMqDF\eSCikz2YIWaDp58m1bY\2NOJ5\lIHAtSXy\9NEdDu7cj0FPBRK.odt
		9EMbKuPh551l7_WJZv\qfqeMqDF\eSCikz2YIWaDp58m1bY\NHc9hBVFvdQ5Z
		9EMbKuPh551l7_WJZv\qfqeMqDF\eSCikz2YIWaDp58m1bY\NHc9hBVFvdQ5Z\3k35ZmjoIQgYRoHKpmkK.pdf
		9EMbKuPh551l7_WJZv\qfqeMqDF\eSCikz2YIWaDp58m1bY\NHc9hBVFvdQ5Z\99y9.odt
		9EMbKuPh551l7_WJZv\qfqeMqDF\eSCikz2YIWaDp58m1bY\NHc9hBVFvdQ5Z\K qThybav
		9EMbKuPh551l7_WJZv\qfqeMqDF\eSCikz2YIWaDp58m1bY\NHc9hBVFvdQ5Z\K qThybav\L_jtuZX b2fVSoNPf.docx
		9EMbKuPh551l7_WJZv\qfqeMqDF\eSCikz2YIWaDp58m1bY\NHc9hBVFvdQ5Z\K qThybav\XCn-HpOwlmV9G3Gdf9O.ods
		9EMbKuPh551l7_WJZv\qfqeMqDF\eSCikz2YIWaDp58m1bY\NHc9hBVFvdQ5Z\K qThybav\l 4nHi8sklRbErgBL.pps
		9EMbKuPh551l7_WJZv\qfqeMqDF\eSCikz2YIWaDp58m1bY\jLF_V3JmdmbQkD.ots
		9EMbKuPh551l7_WJZv\qfqeMqDF\eSCikz2YIWaDp58m1bY\jfYQRF.csv
		A4ii4MOpBgpQwQBT.jpg
		AG0E6OHBnNCn.mkv
		C:\Users\FD1HVy\AppData\Local\Temp\Settings.reg
		C:\Users\FD1HVy\AppData\Local\Temp\WinRAR.exe
		C:\Users\FD1HVy\AppData\Local\Temp\WinRAR.ini
		C:\Users\FD1HVy\AppData\Local\Temp\winrar.lng
		C:\Users\FD1HVy\AppData\Roaming\WinRAR
		C:\Users\FD1HVy\AppData\Roaming\WinRAR\Settings.reg
		C:\Users\FD1HVy\AppData\Roaming\WinRAR\Themes
		C:\Users\FD1HVy\AppData\Roaming\WinRAR\WinRAR.ini
		C:\Users\FD1HVy\AppData\Roaming\WinRAR\version.dat
		C:\Users\FD1HVy\Desktop
		C:\Users\FD1HVy\Desktop\UNNAM3D - RANSM.exe
		C:\Users\FD1HVy\Desktop\UNNAM3D - RANSM.exe.config
		C:\Users\FD1HVy\Documents
		C:\Users\FD1HVy\Pictures
		C:\Windows\Microsoft.NET\Framework\v4.0.30319\Config\machine.config
		C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
		Camera Roll
		Camera Roll\desktop.ini
		Cg4L5J0Hp5g.bmp
		Database1.accdb
		Desktop
		Desktop.rar
		Desktop.zip
		Documents
		Documents.rar
		Documents.zip
		EKbd9czGD.bmp
		FiPd_4qvOx8j.jpg
		FoGmW sbJbVrE-.pptx
		GAXF44R72SInzUMj.mp3
		H6PwCN3oyZKOwFQ.png
		H7Jzn2.png
		H9Q00myyEZo.mp3
		HBzA3ifwtSZxE.avi
		HPs4cKd.bmp
		Hx3Tlhe_5jId0OJhP6.pptx
		IaWqKnXFr.m4a
		Jil3P9aQS_.avi
		Kd7Nt21v7fSUs0ibbZr.pdf
		KmDsFaqbjMnNn4BN.jpg
		M6unjbqHC6Vi.avi
		MZgybshM.pptx
		My Music
		My Pictures
		My Shapes
		My Shapes\Favorites.vssx
		My Shapes\_private
		My Shapes\_private\folder.ico
		My Shapes\desktop.ini
		My Videos
		NdfE2nFSq.xlsx
		Outlook Files
		Outlook Files\kkcie@kdj.kd.pst
		P1f3eP0sOin1nUyy.csv
		Pe_4G6TNHBiw7.gif
		Pictures
		Pictures.rar
		Pictures.zip
		Q00ZHL.bmp
		QX41YSfi6.bmp
		Saved Pictures
		Saved Pictures\desktop.ini
		Sn MlQKdcUAQKuOMiL.mp4
		Vtgh45Nfdq0.pptx
		W-jIjn6.gif
		Ww lmr4coeaZVkLVzHS.jpg
		XvD0nTrkTg7W8h.xlsx
		YBodpCQ1OYUO B.gif
		Z8PEjH5b.jpg
		_jIR7aHVEY1Y7.docx
		_wLo_T-_xHQoQCx.mp4
		aHz4Hx-PBeuX.png
		awTUht89JcK2K D7j9i.png
		c9ZaReaCiTG.png
		cdf 0O.avi
		chO6xvKC4SuwQxTe.rtf
		d8N7eT8cGeAbq0mZ CKY.xlsx
		dRR2.wav
		desktop.ini
		dw0z-rObH0-zF2.png
		eBvOtmtGs9oVXiPynY.xlsx
		g6r96fa7GyN6.gif
		g9y9 K 4j.pptx
		gG_HZ-HV.swf
		gTXyE1NkEEb.jpg
		hh1Bz.png
		hh4lRnb.ods
		hqk1KnpsNtd.mkv
		jYH_Ha3VQR8eB_bONWr9.pptx
		jkHmqBwZLlx L8N.m4a
		job -V_cE7uVrHssoWW.jpg
		k5qtEIg5teHIWg.png
		kVcraZcrAD.png
		kZvsWRlw_Unl_4-z2.png
		m3Vfo.png
		m3ksaTaVuXM_ADoCvA.jpg
		mwUpgAicntsdXOa.wav
		nt5k6gcCx.pdf
		oOWu_URf4xodTCzItb.m4a
		q0 y.bmp
		qBs_.docx
		r 8Z60WGh0PY-Uxk.gif
		rhEg_RUaix7K66ZWCFGd.xlsx
		rnJlU.swf
		sKJ-dBYfyDB.swf
		sj6 1xhDAi0ypw.jpg
		svWwwq0D.png
		t1UTy
		t1UTy\0jOnjZop-702GRg.png
		t1UTy\P4m7gaW ZT.flv
		t1UTy\rjFeGvlijme.swf
		t1UTy\x ddEQMGCa7.ots
		t1UTy\y04cYW4-8JsL5Y8T29Y.xls
		ttLWBUDVomotx85.gif
		uGw1_n9EtC7y-G8.xlsx
		vZ5hUHAIiw4NGepftsf.docx
		vmwN.flv
		yWEcS.bmp
		y_QmYlvwtNWjwI0tZ.bmp
		yo39-hWsdk Kwqd0cHA.flv
		yova8.bmp
		zdKqdR.png
		zoYWy0tnNuqg-Zdh4.gif

	MD5 hashes:

		02c6bf3ca15457e3e951dc49b704707c
		1529f351c2fa6e418339daccb62c82e7
		1e3a2a966f593ad33125f26916267008
		370e8acf7a8d836e91d6f1a593bfad56
		86d13c755ee816538758ea7aa2942899
		b1f9c831833501f54d2ed24d14059c07
		efa4ac54e99fdd29a9c5edf45ddaaa54

	SHA1 hashes:

		2bc649ed0171190ae9d4a76a399a2c82310c4c2d
		37e9071cbb2494217c8382a49909cb44aa588d04
		38b1a547ddee671edeee7385cac138458a6a6858
		624bebba8d39ce5f887f41d51e66160f4c3596cc
		7d248783bb8ff1b88458ebd21c9ec8fd56275281
		8553fc21b935c408f801bc2080da58f1bff66f69
		d5d5363f7b183d9ed8a73620efa3f2c529dedd1a

	SHA256 hashes:

		012fb962c6ff6e5153eb240c019c139c5bfb95c1bf664d5750b102b6058057ab
		1dcf06035130cacff7d4ff78c0337532eacb190647b9e1633d247fc69e34d62a
		378a82cced38ad1e6ed184b5a477d4e4f8693214ae4cb7cc9c53893f0d365be0
		41290334b1e39a052138f7397495cccebc4675f3fd5a49b0a28ea015d768e5cc
		42dc69a5e31a8cba294b9488d98c415e69925d387bd7b80d637b37c02811226b
		799c8d082fe7ee8bd2094495e17edd836ff1680e185d8297eb5da5a5a1ce8c3e
		b18c9b9200e354f81882b29dc8143ec5d6f2b731cf4c7da3800e339ffb3c8827

	SSDEEP hashes:

		3:bJvudhiAWOS4Ol:tvujFJS4Ol
		3:bZi:4
		49152:QJODSx4QT/yfmAl/gencu3YT/woKEo5HKOqA0A5JOGKwOyVCN:QJ9ufmLhwb5KAa5
		49152:YMleTCO4HN05rQw3AfOAMB1OUVy2TCTqGHShW3GUN1e01wks:YMleTCnHN05rQw39AMnhYHyhl81e0ek
		49152:eZJE7juqkEOpR7YAjDh1+n65Q/6qChell8dlKffN48iRFTxrT5g:eZojKpLb+iy8hof21xe
		49152:m2IoCBtJnxlyU/mWhRcQYhie6/UIdjjQuctXnFDu3nAzNjteyUHBdH3y2:xrCBrtcy/lfkD0nANte9BpC2
		98304:sqq9/v6ZTjRW6S8TP7PaTxncuJf6fVc2hnfzbOrTPg8X4p7Y8b:9q9cA6FTjnLKrD7Xw7pb