7a06c328...adca | Files
Logo
Try VMRay Analyzer
VTI SCORE: 91/100
Dynamic Analysis Report
Classification: Riskware, Ransomware

7a06c328733d43e19debcd3c045d35eed48538415de5f21c66885a4994eeadca (SHA256)

tzbtqw.exe

Windows Exe (x86-32)

Created at 2019-03-01 21:19:00

...

Notifications (2/4)

Some extracted files may be missing in the report since the total file extraction size limit was reached during the analysis. You can increase the limit in the configuration settings.

Some extracted files may be missing in the report since the maximum number of extracted files was reached during the analysis. You can increase the limit in the configuration settings.

The maximum number of reputation file hash requests (20 per analysis) was exceeded. As a result, the reputation status could not be queried for all file hashes. In order to get the reputation status for all file hashes, please increase the 'Max File Hash Requests' setting in the system configurations.

The operating system was rebooted during the analysis.

Remarks

Some extracted files may be missing in the report since the total file extraction size limit was reached during the analysis. You can increase the limit in the configuration settings.

Some extracted files may be missing in the report since the maximum number of extracted files was reached during the analysis. You can increase the limit in the configuration settings.

The maximum number of reputation file hash requests (20 per analysis) was exceeded. As a result, the reputation status could not be queried for all file hashes. In order to get the reputation status for all file hashes, please increase the 'Max File Hash Requests' setting in the system configurations.

Filters:
Filename Category Type Severity Actions
C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\tzbtqw.exe Sample File Binary
Unknown
...
»
Also Known As C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\tzbtqw.exe (Created File)
Mime Type application/x-dosexec
File Size 53.50 KB
MD5 c4d3007e0257d80186973632b0d8695d Copy to Clipboard
SHA1 9e42b167057ba76976747baabfaee1e721000e91 Copy to Clipboard
SHA256 7a06c328733d43e19debcd3c045d35eed48538415de5f21c66885a4994eeadca Copy to Clipboard
SSDeep 768:J66vuye1kVtGBk6P/v7nWlHznbkVwrEKD9yDwxVSHrowNI2tG6o/t84B5yrJk:J64eytM3alnawrRIwxVSHMweio3IrJ Copy to Clipboard
ImpHash ba2ce247fa49357770ce28f139e2f1ab Copy to Clipboard
PE Information
»
Image Base 0x400000
Entry Point 0x409f20
Size Of Initialized Data 0xc200
File Type executable
Subsystem windows_gui
Machine Type i386
Compile Timestamp 2018-04-02 16:47:20+00:00
Sections (1)
»
Name Virtual Address Virtual Size Raw Data Size Raw Data Offset Flags Entropy
.rdata 0x401000 0xd088 0xd200 0x400 cnt_initialized_data, mem_execute, mem_read, mem_write 6.04
Imports (5)
»
KERNEL32.dll (45)
»
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
SetFilePointerEx 0x0 0x401024 0xcb54 0xbf54 0x467
CloseHandle 0x0 0x401028 0xcb58 0xbf58 0x52
lstrlenW 0x0 0x40102c 0xcb5c 0xbf5c 0x54e
CreateFileW 0x0 0x401030 0xcb60 0xbf60 0x8f
HeapCreate 0x0 0x401034 0xcb64 0xbf64 0x2cd
GetCurrentProcess 0x0 0x401038 0xcb68 0xbf68 0x1c0
ExitProcess 0x0 0x40103c 0xcb6c 0xbf6c 0x119
CreateThread 0x0 0x401040 0xcb70 0xbf70 0xb5
GetCurrentThread 0x0 0x401044 0xcb74 0xbf74 0x1c4
SetThreadPriority 0x0 0x401048 0xcb78 0xbf78 0x499
WaitForMultipleObjects 0x0 0x40104c 0xcb7c 0xbf7c 0x4f7
Sleep 0x0 0x401050 0xcb80 0xbf80 0x4b2
GetLogicalDrives 0x0 0x401054 0xcb84 0xbf84 0x209
SetFilePointer 0x0 0x401058 0xcb88 0xbf88 0x466
FindClose 0x0 0x40105c 0xcb8c 0xbf8c 0x12e
lstrcmpiA 0x0 0x401060 0xcb90 0xbf90 0x544
lstrcmpiW 0x0 0x401064 0xcb94 0xbf94 0x545
lstrcpyA 0x0 0x401068 0xcb98 0xbf98 0x547
ReadFile 0x0 0x40106c 0xcb9c 0xbf9c 0x3c0
lstrcatW 0x0 0x401070 0xcba0 0xbfa0 0x53f
GetModuleFileNameW 0x0 0x401074 0xcba4 0xbfa4 0x214
CreateProcessW 0x0 0x401078 0xcba8 0xbfa8 0xa8
GetEnvironmentVariableW 0x0 0x40107c 0xcbac 0xbfac 0x1dc
GetDriveTypeA 0x0 0x401080 0xcbb0 0xbfb0 0x1d2
GetTempPathW 0x0 0x401084 0xcbb4 0xbfb4 0x285
GetTempFileNameW 0x0 0x401088 0xcbb8 0xbfb8 0x283
SetFileAttributesW 0x0 0x40108c 0xcbbc 0xbfbc 0x461
GetFileAttributesW 0x0 0x401090 0xcbc0 0xbfc0 0x1ea
FindFirstFileW 0x0 0x401094 0xcbc4 0xbfc4 0x139
FindNextFileW 0x0 0x401098 0xcbc8 0xbfc8 0x145
CopyFileW 0x0 0x40109c 0xcbcc 0xbfcc 0x75
MoveFileExW 0x0 0x4010a0 0xcbd0 0xbfd0 0x360
SetPriorityClass 0x0 0x4010a4 0xcbd4 0xbfd4 0x47d
MultiByteToWideChar 0x0 0x4010a8 0xcbd8 0xbfd8 0x367
WideCharToMultiByte 0x0 0x4010ac 0xcbdc 0xbfdc 0x511
CompareStringA 0x0 0x4010b0 0xcbe0 0xbfe0 0x61
WriteFile 0x0 0x4010b4 0xcbe4 0xbfe4 0x525
GetFileSizeEx 0x0 0x4010b8 0xcbe8 0xbfe8 0x1f1
GetLastError 0x0 0x4010bc 0xcbec 0xbfec 0x202
lstrlenA 0x0 0x4010c0 0xcbf0 0xbff0 0x54d
GetProcessHeap 0x0 0x4010c4 0xcbf4 0xbff4 0x24a
HeapFree 0x0 0x4010c8 0xcbf8 0xbff8 0x2cf
HeapReAlloc 0x0 0x4010cc 0xcbfc 0xbffc 0x2d2
lstrcpyW 0x0 0x4010d0 0xcc00 0xc000 0x548
HeapAlloc 0x0 0x4010d4 0xcc04 0xc004 0x2cb
ADVAPI32.dll (8)
»
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
RegQueryValueExW 0x0 0x401000 0xcb30 0xbf30 0x26e
RegOpenKeyExW 0x0 0x401004 0xcb34 0xbf34 0x261
RegCreateKeyExW 0x0 0x401008 0xcb38 0xbf38 0x239
RegCloseKey 0x0 0x40100c 0xcb3c 0xbf3c 0x230
CryptGenRandom 0x0 0x401010 0xcb40 0xbf40 0xc1
CryptReleaseContext 0x0 0x401014 0xcb44 0xbf44 0xcb
CryptAcquireContextW 0x0 0x401018 0xcb48 0xbf48 0xb1
RegSetValueExW 0x0 0x40101c 0xcb4c 0xbf4c 0x27e
SHELL32.dll (2)
»
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
SHChangeNotify 0x0 0x4010dc 0xcc0c 0xc00c 0x7f
ShellExecuteExW 0x0 0x4010e0 0xcc10 0xc010 0x121
SHLWAPI.dll (3)
»
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
PathFindFileNameW 0x0 0x4010e8 0xcc18 0xc018 0x49
PathRemoveFileSpecW 0x0 0x4010ec 0xcc1c 0xc01c 0x8b
PathAddBackslashW 0x0 0x4010f0 0xcc20 0xc020 0x30
ntdll.dll (6)
»
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
_aulldiv 0x0 0x4010f8 0xcc28 0xc028 0x4fe
_alldiv 0x0 0x4010fc 0xcc2c 0xc02c 0x4f6
_allrem 0x0 0x401100 0xcc30 0xc030 0x4fa
_chkstk 0x0 0x401104 0xcc34 0xc034 0x502
RtlUnwind 0x0 0x401108 0xcc38 0xc038 0x396
NtQueryVirtualMemory 0x0 0x40110c 0xcc3c 0xc03c 0x135
C:\Users\All Users\Package Cache\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}v12.0.21005\packages\vcRuntimeAdditional_x86\vc_runtimeAdditional_x86.msi.SATANA Modified File Stream
Unknown
...
»
Also Known As C:\Users\All Users\Package Cache\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}v12.0.21005\packages\vcRuntimeAdditional_x86\vc_runtimeAdditional_x86.msi.SATANA (Created File)
Mime Type application/octet-stream
File Size 140.92 KB
MD5 6406252f225f9e7973a0cceb7833e6a6 Copy to Clipboard
SHA1 c50b6f2436c45707a6b0e33f0aab65544550508b Copy to Clipboard
SHA256 ae6204f1f0d760544be66653ee9394e29cc0a3210d769662d9a533ae65e0d30f Copy to Clipboard
SSDeep 3072:fMfeo407iSGJv+bcjhcD68MfK2ix8yHhnCIngKSGUrZpJdeXX:k2o407IjhyMC2ix8yBn6en Copy to Clipboard
C:\Users\All Users\Package Cache\{3c3aafc8-d898-43ec-998f-965ffdae065a}\state.rsm.SATANA Modified File Stream
Unknown
...
»
Also Known As C:\Users\All Users\Package Cache\{3c3aafc8-d898-43ec-998f-965ffdae065a}\state.rsm.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.58 KB
MD5 159adabcb32e7d173844f81cd43dad88 Copy to Clipboard
SHA1 6bfa87e81819f4e052e84531393d46fdd5fa7d4d Copy to Clipboard
SHA256 a6354e956429061fcb6fd18fef378230854806fc750b02e5ea3ed1bda160a92f Copy to Clipboard
SSDeep 24:ELWKc8YPKVbz7H9GuGpg9E3JtOTnqUEWxTD2qlw9Nc/tVD4qxfR3GKUhn68IRdZa:ELc8YC17H/9monhEWd5iNWB4qO9iq1 Copy to Clipboard
C:\Users\All Users\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030\packages\vcRuntimeMinimum_x86\vc_runtimeMinimum_x86.msi.SATANA Modified File Stream
Unknown
...
»
Also Known As C:\Users\All Users\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030\packages\vcRuntimeMinimum_x86\vc_runtimeMinimum_x86.msi.SATANA (Created File)
Mime Type application/octet-stream
File Size 148.92 KB
MD5 83f0aaab3af5ce24107b7e58fa90b14d Copy to Clipboard
SHA1 991df8b1bfe87bf915c99582c3a698267854ba35 Copy to Clipboard
SHA256 75defe3b86544e3475ab85b35d37a86011e6709c973b8d2f5245b7be43e70436 Copy to Clipboard
SSDeep 3072:+W9GQr09Nzv3D+V5yBqvacS51j4XBdMmcL8V0:PMqYfqCcS51j4XBK60 Copy to Clipboard
C:\Users\All Users\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030\packages\vcRuntimeMinimum_amd64\cab1.cab.SATANA Modified File Stream
Unknown
...
»
Also Known As C:\Users\All Users\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030\packages\vcRuntimeMinimum_amd64\cab1.cab.SATANA (Created File)
Mime Type application/octet-stream
File Size 791.72 KB
MD5 0592a379370a2c3da72c9755cae228d1 Copy to Clipboard
SHA1 353d707a7556c6916c14ed48a1c72e5fb0885ec9 Copy to Clipboard
SHA256 cc6346c297dce84cc5171250310324689bf90aac44b87c3967a83bcbb3085f9b Copy to Clipboard
SSDeep 24576:dbSZmbaiq334Hoqpn7AhzLtSd+4XzwESjyBSQ:dqmba34HowElZSd+4DwBdQ Copy to Clipboard
C:\Users\Public\Desktop\Mozilla Firefox.lnk Modified File Stream
Unknown
...
»
Also Known As C:\Users\Public\Desktop\Mozilla Firefox.lnk.SATANA (Created File)
Mime Type application/octet-stream
File Size 2.06 KB
MD5 3c1ae7da7f30f11a3cf00186f3d7d66d Copy to Clipboard
SHA1 bab55f239581dc02f9cf604e45fb389b7a7b5d13 Copy to Clipboard
SHA256 70e54a4ac65caa145da36fead6a9ae83a1bf21af7ab01b525a05a96fc743fb8d Copy to Clipboard
SSDeep 48:G5h+UsLRAgRUVsm0MYycewT5CEPo+E+l/6krBiNWB4qO9iq5:GrOAgRH3MlIoV+6RNFqO9iS Copy to Clipboard
C:\Users\Default\Favorites\Microsoft Websites\Microsoft At Work.url Modified File Stream
Unknown
...
»
Also Known As C:\Users\Default\Favorites\Microsoft Websites\Microsoft At Work.url.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.06 KB
MD5 f85a97d98ea0d334596e300b28745792 Copy to Clipboard
SHA1 e7bc5bbe63f1906acb387a201dbbaa5d75c95137 Copy to Clipboard
SHA256 419f037eb8a8656ee8ab2ebbfe5bec207bc9c9fc924a81a9d0a975e1a5c61bfd Copy to Clipboard
SSDeep 24:8/4hQOHGqlw9Nc/tVD4qxfR3GKUhn68IRdZ36HqJqRAu:8kQOH1iNWB4qO9iqGu Copy to Clipboard
C:\Users\Default\Favorites\MSN Websites\MSN.url Modified File Stream
Unknown
...
»
Also Known As C:\Users\Default\Favorites\MSN Websites\MSN.url.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.06 KB
MD5 d73edb78a72d1cd8f13b5321137ee4f2 Copy to Clipboard
SHA1 eb381de9348113d67c84797769485062aa373e28 Copy to Clipboard
SHA256 606ce23ced886b5907f0d1095293df4124e284e39ff39f7aff72d03d354d9acb Copy to Clipboard
SSDeep 24:L87dTE/7iIqlw9Nc/tVD4qxfR3GKUhn68IRdZ36H2Zit:L8tQIiNWB4qO9iqWZI Copy to Clipboard
C:\Users\Public\Music\Sample Music\desktop.ini Modified File Stream
Unknown
...
»
Also Known As C:\Users\Public\Music\Sample Music\desktop.ini.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.50 KB
MD5 7e153adc2c3923e021565711e47f844a Copy to Clipboard
SHA1 7e3401eaca655075e1f637c3ab062887fa38cf64 Copy to Clipboard
SHA256 7bd47166f15750257d3076b3b03e6353d94f5cc78b6904d85d5fda22dd43bbfa Copy to Clipboard
SSDeep 24:qOUB6Q+1Xf8a6remjURZOEtOUW+0pL0Wqlw9Nc/tVD4qxfR3GKUhn68IRdZ36Hug:FUB6Q8OQ/9TWLpL0liNWB4qO9iqcM Copy to Clipboard
C:\Users\All Users\Package Cache\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}v12.0.21005\packages\vcRuntimeMinimum_amd64\vc_runtimeMinimum_x64.msi.SATANA Modified File Stream
Unknown
...
»
Also Known As C:\Users\All Users\Package Cache\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}v12.0.21005\packages\vcRuntimeMinimum_amd64\vc_runtimeMinimum_x64.msi.SATANA (Created File)
Mime Type application/octet-stream
File Size 140.92 KB
MD5 b1e8e603cfbcca96c515428ef9141792 Copy to Clipboard
SHA1 e7cc5d400bf7a12e27cb6a51828f1ae52eaf0972 Copy to Clipboard
SHA256 c2ba064ae2c9aa521f6171f750f178c8f147c3e6d78a41ff6c6e928f967c4f70 Copy to Clipboard
SSDeep 3072:CRQws68pGJvtXUc7r9hxjwiIXpBCIngNPPBN8JA+zmrC8Z7N:Ys68kUir9TwiIXXKncA0mrC8Z7N Copy to Clipboard
C:\Users\Default\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms Modified File Stream
Unknown
...
»
Also Known As C:\Users\Default\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms.SATANA (Created File)
Mime Type application/octet-stream
File Size 512.92 KB
MD5 c190d986df63214b7c07326f8925ffe5 Copy to Clipboard
SHA1 8ed4f852b8bff91f0be43c089476a1933bb9b519 Copy to Clipboard
SHA256 9c0c8f8527a5fbae96ab0b3bd8b271ac100fdf576a819ad48c2b73d7a7db7eb6 Copy to Clipboard
SSDeep 6144:F+V7lapShkOvXfZpPHSuL8ESolR/EEEYNU5NlOjoPD:FU7wQX/PyKlSomPojob Copy to Clipboard
C:\Users\Public\Pictures\Sample Pictures\Jellyfish.jpg Modified File Stream
Unknown
...
»
Also Known As C:\Users\Public\Pictures\Sample Pictures\Jellyfish.jpg.SATANA (Created File)
Mime Type application/octet-stream
File Size 758.45 KB
MD5 6406080c45b516a8d2d58ea1eac4b884 Copy to Clipboard
SHA1 9017dc19c37f61ece97a4561d842fe36b9782a28 Copy to Clipboard
SHA256 8e74da48733d9bd0f062453eed0d026cd6f68d3393fb25e6cc0e8375bdc5838f Copy to Clipboard
SSDeep 12288:dZGwWgNn0OZ1O/rrVbH8x1n9t2qH/YO0AwIY72f1HAUkERytg3S5IPqW9:jGwW60pHSx19t4rB6f1lXRytp3q Copy to Clipboard
C:\Users\All Users\Package Cache\{e52a6842-b0ac-476e-b48f-378a97a67346}\VC_redist.x64.exe.SATANA Modified File Stream
Unknown
...
»
Also Known As C:\Users\All Users\Package Cache\{e52a6842-b0ac-476e-b48f-378a97a67346}\VC_redist.x64.exe.SATANA (Created File)
Mime Type application/octet-stream
File Size 764.48 KB
MD5 892dd791341c6cae660b07f97fe09c30 Copy to Clipboard
SHA1 4d6c6966c8a1bfbea8af958bf066fa460def8fb2 Copy to Clipboard
SHA256 c7bb43f087e42058e30ee488576e018459968300feccd4b8af6847023a2c8f9c Copy to Clipboard
SSDeep 12288:3Vo4016qQxa7vEFfCbNf5TQ8dWmZ9FxtRuPBTwBfHooX2+3Dh6Ha:3VoX1A+8Ffm3M8dWy9Lt0P1Uoo/Df Copy to Clipboard
C:\Users\Default\Contacts\desktop.ini Modified File Stream
Unknown
...
»
Also Known As C:\Users\Default\Contacts\desktop.ini.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.33 KB
MD5 e403e78e6508e1076b1f67b883cb9e9c Copy to Clipboard
SHA1 3cb39aa626a5f4dd53e649042a4211a8995f9a23 Copy to Clipboard
SHA256 10167958e10e47ffc4d53dee6c97ad07e723c8bf357c46551c34c11ef4b90773 Copy to Clipboard
SSDeep 24:EBpSV0tXBLAjUmq2CnWYqlw9Nc/tVD4qxfR3GKUhn68IRdZ36HaVo:08VOlAjkrnWHiNWB4qO9iqco Copy to Clipboard
C:\Users\Default\Downloads\desktop.ini Modified File Stream
Unknown
...
»
Also Known As C:\Users\Default\Downloads\desktop.ini.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.20 KB
MD5 5b025d58fcddbc0b4f52245fc52a7389 Copy to Clipboard
SHA1 b0b3d11f9a8ecfe54cfd37bc660c6f1fa3a837fc Copy to Clipboard
SHA256 26d4ddfae9db9505de9643abe2868fb81005acb11f61461585f4a9b3295bb5a3 Copy to Clipboard
SSDeep 24:FVoopBkqlw9Nc/tVD4qxfR3GKUhn68IRdZ36HoQni:FVooHiNWB4qO9iqIyi Copy to Clipboard
C:\Users\Default\Favorites\Microsoft Websites\Microsoft Store.url Modified File Stream
Unknown
...
»
Also Known As C:\Users\Default\Favorites\Microsoft Websites\Microsoft Store.url.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.06 KB
MD5 a8d7cafdc8e27b07f26b725c393e248b Copy to Clipboard
SHA1 66e54499b5b73d1e4756a6ff8c53c25f9054b29d Copy to Clipboard
SHA256 de34a6ada4e2a70e662a8d36061f28c6560ab448c51770d7cd4c3dc4c60a6dc8 Copy to Clipboard
SSDeep 24:JlSBdsyU0JuZmYqlw9Nc/tVD4qxfR3GKUhn68IRdZ36HH:GLxqIiNWB4qO9iqn Copy to Clipboard
C:\Users\Default\Favorites\MSN Websites\MSN Sports.url Modified File Stream
Unknown
...
»
Also Known As C:\Users\Default\Favorites\MSN Websites\MSN Sports.url.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.06 KB
MD5 ceeacc4d9ced6923cdc0c795c2730a31 Copy to Clipboard
SHA1 223f6b83359368a83038cf29c544f7e6b16d9a96 Copy to Clipboard
SHA256 b3a8bfa0caf711f3ce6b1e906bb732e58640042d64320b2bf510237cac80175d Copy to Clipboard
SSDeep 24:XlBhlOTlEJZrzqlw9Nc/tVD4qxfR3GKUhn68IRdZ36HnC:N8pEJZAiNWB4qO9iqHC Copy to Clipboard
C:\Users\Public\Pictures\Sample Pictures\Hydrangeas.jpg Modified File Stream
Unknown
...
»
Also Known As C:\Users\Public\Pictures\Sample Pictures\Hydrangeas.jpg.SATANA (Created File)
Mime Type application/octet-stream
File Size 582.27 KB
MD5 b9c42e6db4b02b62643f54ab35fd311e Copy to Clipboard
SHA1 cc11ffbe02f840d13cd141e796116854add0454f Copy to Clipboard
SHA256 f6f08fb5b5d38b7d321f525ba0957677d7f358e1a544b7382a96538b2e86574e Copy to Clipboard
SSDeep 12288:Z6NJoQD5bF9iEjyEn3PCsW3um/WqneWYPoo6L8Pa+GlPLwme:cN5bF9zyEnfnWYd16MtIc Copy to Clipboard
C:\Users\All Users\Package Cache\{929FBD26-9020-399B-9A7A-751D61F0B942}v12.0.21005\packages\vcRuntimeAdditional_amd64\vc_runtimeAdditional_x64.msi.SATANA Modified File Stream
Not Queried
...
»
Also Known As C:\Users\All Users\Package Cache\{929FBD26-9020-399B-9A7A-751D61F0B942}v12.0.21005\packages\vcRuntimeAdditional_amd64\vc_runtimeAdditional_x64.msi.SATANA (Created File)
Mime Type application/octet-stream
File Size 140.92 KB
MD5 fd398eafa21fed67c832d011a945292c Copy to Clipboard
SHA1 4dd4107e4e4765136c2fcab41daa58cfb4cac508 Copy to Clipboard
SHA256 7152bbe2fcd487088ad88cf438f26bc265cbb9327b05dad79b9421fa8e9ad4e0 Copy to Clipboard
SSDeep 3072:yqeSPWGJvkgcWGvBnJdiizjLfCIngEQ/RGoeawpFb9yyR3:5nzGxJdiiz3fJQ/8oFSF9yyJ Copy to Clipboard
C:\Users\All Users\Package Cache\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}v12.0.21005\packages\vcRuntimeMinimum_amd64\cab1.cab.SATANA Modified File Stream
Not Queried
...
»
Also Known As C:\Users\All Users\Package Cache\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}v12.0.21005\packages\vcRuntimeMinimum_amd64\cab1.cab.SATANA (Created File)
Mime Type application/octet-stream
File Size 0.99 MB
MD5 bdee88896b05c9e03712faff53522059 Copy to Clipboard
SHA1 7e4c4ec595a0ed4c90675a61d8a169e372a03efb Copy to Clipboard
SHA256 8ed4d17fc585e16f5ff3d7e4ed7cdfa9f039297541142fd23f9b51c5d763d10c Copy to Clipboard
SSDeep 24576:VuZ4cf4ngZN2mYrbH8biWG6vebmXm7T71sBetEpONyOIn:V8bf4ENHYrDsvGkeiW7/kFwIn Copy to Clipboard
C:\Users\Default\Favorites\Windows Live\Get Windows Live.url Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Default\Favorites\Windows Live\Get Windows Live.url.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.06 KB
MD5 a7e7a8a8c9321a162a771f3ca443a056 Copy to Clipboard
SHA1 a32823d8d916ae3d1251a34572e0c913ba8b4f56 Copy to Clipboard
SHA256 7c286537275798925d93d82606412bbefada548f0efa3be88f765446a9d2d14d Copy to Clipboard
SSDeep 24:ENGMaz81Jgiqlw9Nc/tVD4qxfR3GKUhn68IRdZ36HYLpA:EhaziJgRiNWB4qO9iq4LpA Copy to Clipboard
C:\Users\All Users\Package Cache\54050A5F8AE7F0C56E553F0090146C17A1D2BF8D\packages\Patch\x64\Windows6.1-KB2999226-x64.msu.SATANA Modified File Stream
Not Queried
...
»
Also Known As C:\Users\All Users\Package Cache\54050A5F8AE7F0C56E553F0090146C17A1D2BF8D\packages\Patch\x64\Windows6.1-KB2999226-x64.msu.SATANA (Created File)
Mime Type application/octet-stream
File Size 0.99 MB
MD5 ac2e1679fcda410f9bdfa1473247adff Copy to Clipboard
SHA1 58c5e624739a03c4e340c9f175efd0374cba7bb0 Copy to Clipboard
SHA256 dd85647019925f28bcd69d06e148d7ed66723d8e933204e47f073bbd4ea6a4d3 Copy to Clipboard
SSDeep 24576:YzBENL8cHGui4zaNFYzNhBsvFYqt1lGjQ0:YSJH24mIzai3F Copy to Clipboard
C:\Users\Default\Favorites\Microsoft Websites\IE Add-on site.url Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Default\Favorites\Microsoft Websites\IE Add-on site.url.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.06 KB
MD5 23edbf6eed745c358ea08bc5116f3e14 Copy to Clipboard
SHA1 16aa7f77cbbe66861c031ec4feca2250a9dd181b Copy to Clipboard
SHA256 2d3253ca7d034ac2099d322a7d975d2b8538a54279ee2e71b36161d8544c2d00 Copy to Clipboard
SSDeep 24:YwmwSCb/9GA6qlw9Nc/tVD4qxfR3GKUhn68IRdZ36H9Sjg:Y/w1bFGwiNWB4qO9iqdSjg Copy to Clipboard
C:\Users\Default\Favorites\MSN Websites\MSN Entertainment.url Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Default\Favorites\MSN Websites\MSN Entertainment.url.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.06 KB
MD5 24b5625ae9d93b0b33636c25d686152b Copy to Clipboard
SHA1 dc7c91f04db0026b1ebfa94043be154b5b1387ed Copy to Clipboard
SHA256 f9f0ec19d767c1f3587a8690057f4014558f1438668fc58ff049941543ab3447 Copy to Clipboard
SSDeep 24:f6Ei+i594Jwqlw9Nc/tVD4qxfR3GKUhn68IRdZ36HoQ+v:SEi78viNWB4qO9iqIQ+v Copy to Clipboard
C:\Users\All Users\Package Cache\{e6e75766-da0f-4ba2-9788-6ea593ce702d}\state.rsm.SATANA Modified File Stream
Not Queried
...
»
Also Known As C:\Users\All Users\Package Cache\{e6e75766-da0f-4ba2-9788-6ea593ce702d}\state.rsm.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.58 KB
MD5 9a449f919a5e787980f861fee186c68b Copy to Clipboard
SHA1 74937d2df3598868e2da45cc9261d7ec5e563d87 Copy to Clipboard
SHA256 042f309f145843f64c0e7dce6c55f8242f32221c3f5f71f49c896f7c8ce71bef Copy to Clipboard
SSDeep 24:JEaBxFBNDUw21mEhWcOGS1S9I9TZZgwbS8Fqlw9Nc/tVD4qxfR3GKUhn68IRdZ3E:6YDkhhRS108dZlG8miNWB4qO9iqP Copy to Clipboard
C:\Users\All Users\Mozilla\logs\maintenanceservice-install.log.SATANA Modified File Stream
Not Queried
...
»
Also Known As C:\Users\All Users\Mozilla\logs\maintenanceservice-install.log.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.09 KB
MD5 49dbcdad6a181435670bd94ce8c6e275 Copy to Clipboard
SHA1 401258a37c524d76fe66df8e12766f414a00fe33 Copy to Clipboard
SHA256 a6630240df07439efbd17f817041095b4f4490c5f2e54a4418c8505d0618fdfd Copy to Clipboard
SSDeep 24:Wp4bI3Gcgxqlw9Nc/tVD4qxfR3GKUhn68IRdZ36HLK:WlrgyiNWB4qO9iqrK Copy to Clipboard
C:\Users\Default\Documents\desktop.ini Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Default\Documents\desktop.ini.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.33 KB
MD5 6582edae8dead80bd56384ccf81f5b5a Copy to Clipboard
SHA1 0cc21bfdcbfb4fbe11e18836669998876c2c28af Copy to Clipboard
SHA256 e577a1f91958c53f6b581d3753d2d80a8cb610cee5659f4621c5c1d6fa72bdf0 Copy to Clipboard
SSDeep 24:tS4YjFr/heDAAeoe8tlqlw9Nc/tVD4qxfR3GKUhn68IRdZ36HXk:wZtJye8wiNWB4qO9iq3k Copy to Clipboard
C:\Users\All Users\Package Cache\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}v12.0.21005\packages\vcRuntimeMinimum_x86\cab1.cab.SATANA Modified File Stream
Not Queried
...
»
Also Known As C:\Users\All Users\Package Cache\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}v12.0.21005\packages\vcRuntimeMinimum_x86\cab1.cab.SATANA (Created File)
Mime Type application/octet-stream
File Size 974.61 KB
MD5 a1f918fba95338c48dde229589cbe88e Copy to Clipboard
SHA1 5405bdfb1ec4365e9d746cc46e8e7a90f806e54c Copy to Clipboard
SHA256 083747c4698fab7244e79312fc8919272801f2b0c2f394006e13629164bfc40a Copy to Clipboard
SSDeep 12288://OkXhk6FbE1JjtNJ2+6J6sXw57OeC9Yv4nceIR48XhVcBVd9y5Wp1d7XKDOFKna:/2EC6FbEXjtKGowyyUdes7YOALsUmI8n Copy to Clipboard
C:\Users\Public\Music\Sample Music\Kalimba.mp3 Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Public\Music\Sample Music\Kalimba.mp3.SATANA (Created File)
Mime Type application/octet-stream
File Size 8.03 MB
MD5 1b60c8fe2d034be1f875f3052eacfcdc Copy to Clipboard
SHA1 ba1f747882e30cfab4704a9a4f55dd54796ec92a Copy to Clipboard
SHA256 6cefda3473b85e26d3582f8deed48fcd4a831cd7fce20ccbc71b320f3d434fc0 Copy to Clipboard
SSDeep 196608:+I0beybbxG3R18JvA/6ue4Y24qE46IV2qpOosFHGBT3OnBoJDk0r:+IweMFGBKeNY2HE302qpOHGBfNVr Copy to Clipboard
C:\Users\Default\Links\Downloads.lnk Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Default\Links\Downloads.lnk.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.80 KB
MD5 9d25a092108146f9ce88bc74e8ab4671 Copy to Clipboard
SHA1 487f3ffb1089611eb74cd2c7ae31f10a8bcc4fce Copy to Clipboard
SHA256 62e142b34800998aa5afb075f576a92d425921af1b9bd9a84af8377e2bad7dba Copy to Clipboard
SSDeep 48:zsXof1qCvByQmR3l5vpsDsMJ0+iNWB4qO9iqZKW:Q4fkyAQmlHpYsMJ0NNFqO9ic3 Copy to Clipboard
C:\Users\Default\Favorites\Windows Live\Windows Live Gallery.url Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Default\Favorites\Windows Live\Windows Live Gallery.url.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.06 KB
MD5 5ba4748f5319537fc939b5ae0a7de829 Copy to Clipboard
SHA1 ed816b65dc6b844b18f6cc24c7273661d7610ac1 Copy to Clipboard
SHA256 74f48dda4e2a6f151ef1fb17da1a69d6d2ecdd9c4997bc72d5e44414a56ca3ff Copy to Clipboard
SSDeep 24:yn/dts2iqlw9Nc/tVD4qxfR3GKUhn68IRdZ36HLT:CsgiNWB4qO9iqX Copy to Clipboard
C:\Users\All Users\Package Cache\{E512788E-C50B-3858-A4B9-73AD5F3F9E93}v14.10.25017\packages\vcRuntimeAdditional_amd64\cab1.cab.SATANA Modified File Stream
Not Queried
...
»
Also Known As C:\Users\All Users\Package Cache\{E512788E-C50B-3858-A4B9-73AD5F3F9E93}v14.10.25017\packages\vcRuntimeAdditional_amd64\cab1.cab.SATANA (Created File)
Mime Type application/octet-stream
File Size 5.61 MB
MD5 3bb20168843428e639d9c2008cf2bfba Copy to Clipboard
SHA1 e8643978291633e70d5c54c0bd809b1a323598b7 Copy to Clipboard
SHA256 08a784dbb0b16d60ba4236eed52b4d9aad620b04ace16481c6aae56b9ca4d65e Copy to Clipboard
SSDeep 98304:Bkzc27Boh2h5Or7bPQiA0biM+8d0uGwGMebhv/hKIulmcDhwWjBkKqTk9vkp:KxBA2hAvPQiv+I8wGLdZKIuUcDhr1kKm Copy to Clipboard
C:\Users\Public\Libraries\desktop.ini Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Public\Libraries\desktop.ini.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.02 KB
MD5 fe7a64142b9ee3ab7f0922995f77a799 Copy to Clipboard
SHA1 6248c1cdbfa5b442b229bee2c34f62aac548de25 Copy to Clipboard
SHA256 f4312bc5fc2d8427e590f8bd8da4d13eeed115ee05e80c1f99c27a357a3d7ee1 Copy to Clipboard
SSDeep 24:X63WFmDCs14qasgGqlw9Nc/tVD4qxfR3GKUhn68IRdZ36HLJZ:K3Wo0ZiNWB4qO9iqVZ Copy to Clipboard
C:\Users\Default\Pictures\desktop.ini Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Default\Pictures\desktop.ini.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.42 KB
MD5 6913aa8b42eb45cbd2c3cacec4635053 Copy to Clipboard
SHA1 cf2333228d6aa1da162d2951e13618d0c630cbc7 Copy to Clipboard
SHA256 777a1a146d1488ba5772a5397900a694790a43618d61149923278bd0ce92a22b Copy to Clipboard
SSDeep 24:iElLpzF53pOUDektAY9eXhnHgXfFsXVFideVEvqlw9Nc/tVD4qxfR3GKUhn68IRU:DzHBtAYMxnC+X6defiNWB4qO9iqK2 Copy to Clipboard
C:\Users\Public\Desktop\Adobe Reader X.lnk Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Public\Desktop\Adobe Reader X.lnk.SATANA (Created File)
Mime Type application/octet-stream
File Size 2.91 KB
MD5 f9072ce1b9b8a2ec8e59fcc17907c85c Copy to Clipboard
SHA1 b9660ec8401b8d2bacca726652c2a75cf52352e7 Copy to Clipboard
SHA256 98c693f392a1f08dd3b7c7c2dbe08d8a4bcf3c25ccfc30b16658dbab0c5dedac Copy to Clipboard
SSDeep 48:S14BIKHgPiJsbZBPpUR+YKcD7UFu225VHVkgT9ppdeCslU54iNWB4qO9iqp:egtJsNgrK+bLVjT9p70OPNFqO9iC Copy to Clipboard
C:\Users\All Users\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030\packages\vcRuntimeAdditional_x86\vc_runtimeAdditional_x86.msi.SATANA Modified File Stream
Not Queried
...
»
Also Known As C:\Users\All Users\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030\packages\vcRuntimeAdditional_x86\vc_runtimeAdditional_x86.msi.SATANA (Created File)
Mime Type application/octet-stream
File Size 148.92 KB
MD5 befd2f43d1749dce9068eedc505b6f8e Copy to Clipboard
SHA1 fc5bb421430a297286064f36b665a9e65d10f0e1 Copy to Clipboard
SHA256 4540f94eda1f1b68741691af0b7afdcb8cc01a534b0b3022b22baedf2cd17b8e Copy to Clipboard
SSDeep 3072:i5iyNWcOGQr09YzHs3D+VX5Hw6/XRBIffYXN33nY8GibX:i5iy9qDHuS5Hw6/XRBIf03Mk Copy to Clipboard
C:\Users\All Users\Package Cache\{3c3aafc8-d898-43ec-998f-965ffdae065a}\vcredist_x64.exe.SATANA Modified File Stream
Not Queried
...
»
Also Known As C:\Users\All Users\Package Cache\{3c3aafc8-d898-43ec-998f-965ffdae065a}\vcredist_x64.exe.SATANA (Created File)
Mime Type application/octet-stream
File Size 453.09 KB
MD5 a22230912a5b686020bcb4d131ff3a1e Copy to Clipboard
SHA1 eb989a24f385d04ddc4f175b465436c2444f2af6 Copy to Clipboard
SHA256 a4667b7e50acdfb1cd55231b0718bb040f25f2dc6bff2c68794c1449330ae223 Copy to Clipboard
SSDeep 6144:RLhS/IMOxZ8AiVUvpflp0PDbLe/1wLmGMqn536jmL+ZM/CFQNOfEtkq+AO2+1y8e:bSdAi2p96HLeqLmDq8jrxQN/tkHc3 Copy to Clipboard
C:\Users\All Users\Package Cache\{68306422-7C57-373F-8860-D26CE4BA2A15}v14.10.25017\packages\vcRuntimeAdditional_x86\cab1.cab.SATANA Modified File Stream
Not Queried
...
»
Also Known As C:\Users\All Users\Package Cache\{68306422-7C57-373F-8860-D26CE4BA2A15}v14.10.25017\packages\vcRuntimeAdditional_x86\cab1.cab.SATANA (Created File)
Mime Type application/octet-stream
File Size 4.96 MB
MD5 a8ae1215015e8588cca9814bca0bfb08 Copy to Clipboard
SHA1 a2c67e27e6a6ae1247b1bb0e7da35141f5fd1e0d Copy to Clipboard
SHA256 f7767f874b2844eae12e1116a738604f2cce848eeda83b242969be1aa0f4120c Copy to Clipboard
SSDeep 98304:BWRQJzh7+R/T8O3JqogVovIMocp452/nmlgJgoQcWM/HB8S1O8b2f4:JZh7azAQvIMoI/uoQs/B8vxf4 Copy to Clipboard
C:\Users\All Users\Package Cache\{e52a6842-b0ac-476e-b48f-378a97a67346}\state.rsm.SATANA Modified File Stream
Not Queried
...
»
Also Known As C:\Users\All Users\Package Cache\{e52a6842-b0ac-476e-b48f-378a97a67346}\state.rsm.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.67 KB
MD5 00a9d129c62a2b939255b8ea1ee6fdca Copy to Clipboard
SHA1 63c6ed4c4a6f3593c304fbc670a39031275aedb0 Copy to Clipboard
SHA256 eca28a56a1963a9fe8cae41b3bc0aa78071c572f2a6d7194d50e7bb750effa77 Copy to Clipboard
SSDeep 48:5CWHNyHmQpgV8zcCxtCAzM3Ar0iNWB4qO9iqt9fw:MW4FpgubL4ULNFqO9imfw Copy to Clipboard
C:\Users\Default\Desktop\desktop.ini Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Default\Desktop\desktop.ini.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.20 KB
MD5 e14749dc9d0bf5fccab506dda6743e72 Copy to Clipboard
SHA1 7a5ba4c3fe09d4802169edded22602dbcb238458 Copy to Clipboard
SHA256 27dfc38aae8c71aac9188c00ef325770391e78ec9251cb7db2534aeafe6ead8b Copy to Clipboard
SSDeep 24:CAwBp+uClZr4VdfiBQ8qlw9Nc/tVD4qxfR3GKUhn68IRdZ36Hb:CA/ugZradfi2iNWB4qO9iq7 Copy to Clipboard
C:\Users\All Users\Package Cache\{E512788E-C50B-3858-A4B9-73AD5F3F9E93}v14.10.25017\packages\vcRuntimeAdditional_amd64\vc_runtimeAdditional_x64.msi.SATANA Modified File Stream
Not Queried
...
»
Also Known As C:\Users\All Users\Package Cache\{E512788E-C50B-3858-A4B9-73AD5F3F9E93}v14.10.25017\packages\vcRuntimeAdditional_amd64\vc_runtimeAdditional_x64.msi.SATANA (Created File)
Mime Type application/octet-stream
File Size 140.92 KB
MD5 90269cdc1f764d93e678e85a56119a25 Copy to Clipboard
SHA1 120216ec5ab107b518d2ba5ed46055eacbea8019 Copy to Clipboard
SHA256 b615a180b47fa7eadbdeb709d06a40eff2b23ba32e07745094ce645a51b23279 Copy to Clipboard
SSDeep 3072:XA2B9eHwhAYcj/DiSyefCXCIng8zTgV40KFUvKw3ZWI:XgYgiSyefCXxzzTFpw3wI Copy to Clipboard
C:\Users\Default\NTUSER.DAT.LOG Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Default\NTUSER.DAT.LOG.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.92 KB
MD5 a05ad424a1c8f87a292ba3356bf8c3ac Copy to Clipboard
SHA1 81c7b5c03f688556700c712b582febc573901a18 Copy to Clipboard
SHA256 ebcb0d1d43cdaab0874a7f9945b4a889002fe0c8d710fc8763696fa62dc08b2c Copy to Clipboard
SSDeep 48:EEeDBOEhxL5kgsxwVYh5hZtdLKU1iNWB4qO9iq4O:E3dVtAx6YHh3dL6NFqO9iDO Copy to Clipboard
C:\Users\Public\Downloads\desktop.ini Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Public\Downloads\desktop.ini.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.09 KB
MD5 8ce9f7a402489bca83dd335b0924088e Copy to Clipboard
SHA1 4668d1f2eaae8316a817811736aad6d5dafc8644 Copy to Clipboard
SHA256 6bb7d5b2cb8464cc568a1db8824c18091b8f70e6feb458fa5e6fedea2f9b9630 Copy to Clipboard
SSDeep 24:/HhR/uKemx+K1usMqlw9Nc/tVD4qxfR3GKUhn68IRdZ36HsB:T/tDuciNWB4qO9iqU Copy to Clipboard
C:\Users\All Users\Package Cache\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}v12.0.21005\packages\vcRuntimeMinimum_x86\vc_runtimeMinimum_x86.msi.SATANA Modified File Stream
Not Queried
...
»
Also Known As C:\Users\All Users\Package Cache\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}v12.0.21005\packages\vcRuntimeMinimum_x86\vc_runtimeMinimum_x86.msi.SATANA (Created File)
Mime Type application/octet-stream
File Size 140.92 KB
MD5 e57d07beb2d0b6239003b0009f6cac05 Copy to Clipboard
SHA1 323068caf39cf2868f971eacd6d476cb940635d7 Copy to Clipboard
SHA256 e41dd7f60f5041207a882130ebbf8a3e939a3d365dedd8070a53df073f6ec4dd Copy to Clipboard
SSDeep 3072:GYvmMGJv5rUYbYeczRCiYM7CInglSFiRpEBSMNQ93FI:GtQ2BWRCiY4XIzEBS0Ey Copy to Clipboard
C:\Users\desktop.ini Modified File Stream
Not Queried
...
»
Also Known As C:\Users\desktop.ini.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.09 KB
MD5 0940acb02b0ff198d9b15ee1597ae2a8 Copy to Clipboard
SHA1 b85e6b02bf005411bd81da24e0b63a23ecaa15c3 Copy to Clipboard
SHA256 784412d6b81f49f26093372c6ac8ec125c341db4db582abb8673275bb5bc59e3 Copy to Clipboard
SSDeep 24:QHfhQsebLJvsmiGqlw9Nc/tVD4qxfR3GKUhn68IRdZ36HJ:QHfhQsAzi1iNWB4qO9iqp Copy to Clipboard
C:\Users\Public\Recorded TV\Sample Media\win7_scenic-demoshort_raw.wtv Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Public\Recorded TV\Sample Media\win7_scenic-demoshort_raw.wtv.SATANA (Created File)
Mime Type application/octet-stream
File Size 9.25 MB
MD5 4e9613760cfc0cb9173ceb32ecb80405 Copy to Clipboard
SHA1 b222e1b1fe56f3a12fb4f6f1df608cd7f3b0dcee Copy to Clipboard
SHA256 e2b697c68278b4ad79614b4368e9c5587e2bcab26830f59c0cb65c6a6b054657 Copy to Clipboard
SSDeep 196608:YgCOVJ33O1UyN7iHglZ1JNzsmmQ7tbq6jZCzZTlkcEEnluDbBHsz8LDa6exW22pP:3JO1lN44/NZmQ7djSgIluug/ayJKm Copy to Clipboard
C:\Users\Public\Videos\desktop.ini Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Public\Videos\desktop.ini.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.30 KB
MD5 504383ff8924080891913e38121dc185 Copy to Clipboard
SHA1 51d4c32758c38903be9a1f0bf72084573c535b05 Copy to Clipboard
SHA256 0de05f7144229418269da4791d7d9c542ddbce4c422be8d0f5be42c0480bb2ba Copy to Clipboard
SSDeep 24:3zGYkkAywa0zFIqlw9Nc/tVD4qxfR3GKUhn68IRdZ36H07:HBAoWFiNWB4qO9iqk Copy to Clipboard
C:\Users\Public\Videos\Sample Videos\Wildlife.wmv Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Public\Videos\Sample Videos\Wildlife.wmv.SATANA (Created File)
Mime Type application/octet-stream
File Size 10.00 MB
MD5 479f5813ed7209ba404820e901837f7e Copy to Clipboard
SHA1 153d572c03cb364c7883d4be16f157e21d0264ce Copy to Clipboard
SHA256 cbaa8f08b470b26a98148cfbb9d3d6f560bcfd9eb3a4d715e5b1814c7363dfe7 Copy to Clipboard
SSDeep 196608:YMNUU6W8iG/m52HRkjtHXo+5/9xM+Z2i0SOIeFlfZ8lPQGvwGj5Yza:l6W8v/mrjf/zMw0SZeFZwPQGj Copy to Clipboard
C:\Users\Public\Recorded TV\Sample Media\desktop.ini Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Public\Recorded TV\Sample Media\desktop.ini.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.09 KB
MD5 a7dcf20a53d20d94db5198d699b33a79 Copy to Clipboard
SHA1 5ef56fbde39a070b52ff1d3adc75e1cfdfaffe6b Copy to Clipboard
SHA256 9ba22d197f4ddaa9ae6032342f0a1759f4d527687c9fd1e730cf0ad3d3571c47 Copy to Clipboard
SSDeep 24:duDjuNg0jtPl2Z0gqlw9Nc/tVD4qxfR3GKUhn68IRdZ36HiY:dyjuNgeGO/iNWB4qO9iqL Copy to Clipboard
C:\Users\Default\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Default\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms.SATANA (Created File)
Mime Type application/octet-stream
File Size 512.92 KB
MD5 25fc9f65cc6e902a2d2206dfb07578c5 Copy to Clipboard
SHA1 e1e07a7d08ad7368113b9af38753eec6c4dae133 Copy to Clipboard
SHA256 ab4675db2f1623c145aa1486bddfa8f3b80bdd9236fefa8a959fd9479bda80b5 Copy to Clipboard
SSDeep 6144:P4QluNzizfWq2ToqMr5eaVQ/EDJrAmN0aJtAv5/EQt/7VaBqYoA:AQlKziTW5ToqMdb/VAmN0abAv5TVKkA Copy to Clipboard
C:\Users\All Users\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe.SATANA Modified File Stream
Not Queried
...
»
Also Known As C:\Users\All Users\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe.SATANA (Created File)
Mime Type application/octet-stream
File Size 445.82 KB
MD5 be0e4194b08a1b996ae0718fd8267d2f Copy to Clipboard
SHA1 f9c97963cd34236b319133c2a869f7d0754e2cfb Copy to Clipboard
SHA256 2a9328ae3f21fedbdd4efa27dbb2677ce152d36f2d4195a5b7cbc1688bf90f1f Copy to Clipboard
SSDeep 12288:irAESG5rYCpiyex6+iqlEtxsaw0zEhpZzxK3:icES0wyex6+iKEt7wkMNs3 Copy to Clipboard
C:\Users\Public\Pictures\Sample Pictures\Tulips.jpg Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Public\Pictures\Sample Pictures\Tulips.jpg.SATANA (Created File)
Mime Type application/octet-stream
File Size 607.26 KB
MD5 d4d24d11bbf927bc2ecdfbc7f3d52c5e Copy to Clipboard
SHA1 bb6c94cfbd60cd49b44e5cca534159f0bfbe8271 Copy to Clipboard
SHA256 056afd3edfbcb25e0f402d269c33cd25aa3ed29f82efad1f51df5e7c4766661e Copy to Clipboard
SSDeep 12288:jeRTKP2dZiYsO2jtD9rzy47cgDzqu4Mb7ICcCwaCDl3xaJfR:jeW2n6ZDpVciznJb7wRDl3xaJfR Copy to Clipboard
C:\Users\Default\Links\desktop.ini Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Default\Links\desktop.ini.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.50 KB
MD5 cbef17f95de0e697049599e38b2cba0d Copy to Clipboard
SHA1 c994587877444a97644f76feab0d72e589817e7b Copy to Clipboard
SHA256 6519e480d859afc61355cdac5c9428ad89abfa0dbc3505572d0723e47700ee72 Copy to Clipboard
SSDeep 24:/wV2uQQ1ky3heObpz+M382iBwmcp/ch7D6qlw9Nc/tVD4qxfR3GKUhn68IRdZ36n:/lQ1kKkAZT82iemgUhRiNWB4qO9iqbOM Copy to Clipboard
C:\Users\All Users\Package Cache\{8D4F7A6D-6B81-3DC8-9C21-6008E4866727}v14.10.25017\packages\vcRuntimeMinimum_amd64\cab1.cab.SATANA Modified File Stream
Not Queried
...
»
Also Known As C:\Users\All Users\Package Cache\{8D4F7A6D-6B81-3DC8-9C21-6008E4866727}v14.10.25017\packages\vcRuntimeMinimum_amd64\cab1.cab.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.40 MB
MD5 851daab1d9093c5100ff6858f44ccfcb Copy to Clipboard
SHA1 b5ff5d130d55b81a03e71d286ced79a59f895484 Copy to Clipboard
SHA256 deb9f78dd241c049e1a8d798d6fe612153683b74767f492bfb2845a86e2cecab Copy to Clipboard
SSDeep 24576:3h9QRMBwBjeWAKE19Q2UZGovX2bmgbSzr/DhVVjTnfhDzzXASTL8qUeQ:3h9QqGNeWAKEPQ3bgSzX1jT1zw8L8z9 Copy to Clipboard
C:\Users\All Users\Adobe\ARM\Reader_10.0.0\AdbeRdrUpd10116_MUI.msp.SATANA Modified File Stream
Not Queried
...
»
Also Known As C:\Users\All Users\Adobe\ARM\Reader_10.0.0\AdbeRdrUpd10116_MUI.msp.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.34 MB
MD5 818d8c286b034e7c9377ac64c52e3294 Copy to Clipboard
SHA1 bc239e73122998141e144199d02680d559613d37 Copy to Clipboard
SHA256 4650e76d3867ced5c521f6a202278dcb0f8c2df1f37fda8a65f450b63e4293e8 Copy to Clipboard
SSDeep 24576:+zLgRvoVWHxVslEP4psT4zexQjX79kU5Xz30qMGdZO2iofLxvKun04a:+oKwwRpsT4zeqSU5D0PGdZndKun0r Copy to Clipboard
C:\Users\All Users\Package Cache\{f325f05b-f963-4640-a43b-c8a494cdda0f}\VC_redist.x86.exe.SATANA Modified File Stream
Not Queried
...
»
Also Known As C:\Users\All Users\Package Cache\{f325f05b-f963-4640-a43b-c8a494cdda0f}\VC_redist.x86.exe.SATANA (Created File)
Mime Type application/octet-stream
File Size 764.47 KB
MD5 1fe4d3bdce20d3a2b86214fabadc9ff5 Copy to Clipboard
SHA1 103a2d0ad72ddfa98f79f8d38f717163a38e0692 Copy to Clipboard
SHA256 cf8da81c0457008ad870717934199fbfa089651ced2aeec82881508d039fa169 Copy to Clipboard
SSDeep 12288:1jibKKqA8BNJFMkOJZMOj7GyuFEoCtXiaHbI7CtqofCThZHA7jaDGe:1jibKQ2L0j7GNFERtC9hG7cGe Copy to Clipboard
C:\Users\All Users\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\state.rsm.SATANA Modified File Stream
Not Queried
...
»
Also Known As C:\Users\All Users\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\state.rsm.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.56 KB
MD5 495e1a83b9502bc5bcee244c8cc0cc3a Copy to Clipboard
SHA1 89427e19235d06befe6d77d1284e8d64d7915b2e Copy to Clipboard
SHA256 e80443672120a7e9d30b61d132b6100d68e1acce16d1c61a4dcbc6481d279b10 Copy to Clipboard
SSDeep 24:pPx8cPNB9EFhhDaXWGrzJQT8W62qlw9Nc/tVD4qxfR3GKUhn68IRdZ36HYW:pPKcX9u2mGCoWaiNWB4qO9iqN Copy to Clipboard
C:\Users\Public\Pictures\desktop.ini Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Public\Pictures\desktop.ini.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.30 KB
MD5 9cca80c3185a214e01d2e17fcb731dad Copy to Clipboard
SHA1 4eeb83ad71422e7f017d1bb7cf202df3cc1efe56 Copy to Clipboard
SHA256 9b958204ec8e311a4ae5a20b5f5825785671a7198d868c7c5512e74e41a088b9 Copy to Clipboard
SSDeep 24:qXA0fmKF5I1Ni7urX+qlw9Nc/tVD4qxfR3GKUhn68IRdZ36HAMc4:6fmKuNi6bdiNWB4qO9iq/ Copy to Clipboard
C:\Users\All Users\Package Cache\{8D4F7A6D-6B81-3DC8-9C21-6008E4866727}v14.10.25017\packages\vcRuntimeMinimum_amd64\vc_runtimeMinimum_x64.msi.SATANA Modified File Stream
Not Queried
...
»
Also Known As C:\Users\All Users\Package Cache\{8D4F7A6D-6B81-3DC8-9C21-6008E4866727}v14.10.25017\packages\vcRuntimeMinimum_amd64\vc_runtimeMinimum_x64.msi.SATANA (Created File)
Mime Type application/octet-stream
File Size 144.92 KB
MD5 3cd8da3cb71784ffaade445c99b33222 Copy to Clipboard
SHA1 44704ef13bf87cb4696fe8d6605b5c1a07317a50 Copy to Clipboard
SHA256 17a08f0a103a513c91c5c5deda39b610c601f9d862be1cde162d605910440ed1 Copy to Clipboard
SSDeep 3072:LneHwaFHcKXcfiDDatCIngH3oPBZAx2P0uUxTG:IFH0fiDDato6ZAxg6xTG Copy to Clipboard
C:\Users\Default\Favorites\desktop.ini Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Default\Favorites\desktop.ini.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.33 KB
MD5 b589748669fcaa972d5d2bf190ad22d4 Copy to Clipboard
SHA1 121ec424837b4c63029f5fcdf1d3a8f1cfdfcd04 Copy to Clipboard
SHA256 f9eaf70699e4dbcd854c8997d7af671d3fc9be2c173f46a050bd0f6f83cac971 Copy to Clipboard
SSDeep 24:ay6ywCdce8dpnt2GBlD268qlw9Nc/tVD4qxfR3GKUhn68IRdZ36H1/lE:nxqe832aiNWB4qO9iqV/2 Copy to Clipboard
C:\Users\All Users\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030\packages\vcRuntimeMinimum_x86\cab1.cab.SATANA Modified File Stream
Not Queried
...
»
Also Known As C:\Users\All Users\Package Cache\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}v11.0.61030\packages\vcRuntimeMinimum_x86\cab1.cab.SATANA (Created File)
Mime Type application/octet-stream
File Size 803.36 KB
MD5 27c1ad30b12a9ef6fe4f432bc4d62994 Copy to Clipboard
SHA1 51b25cd779abe01d3af52a8a427276abaa4c8a2d Copy to Clipboard
SHA256 f5e0e5f583cfa52eefc70703d3b3e8e4edd20ac4151e5c85f3e12ec3a15f1d38 Copy to Clipboard
SSDeep 24576:bdlYLGasY/XkWfZKr2Mi+Zwkpthn2S8m2aL+x:bd8GfY/RfoqMi+ZvsSt+ Copy to Clipboard
C:\Users\Public\Music\Sample Music\Sleep Away.mp3 Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Public\Music\Sample Music\Sleep Away.mp3.SATANA (Created File)
Mime Type application/octet-stream
File Size 4.62 MB
MD5 fea33d5017942555751f56b7a75bf875 Copy to Clipboard
SHA1 0356ebc29ab58ddab89c4373cf45780ecad40569 Copy to Clipboard
SHA256 718c8b2d9ef350538a548e57bcd461c94f620c3af3532d0bd59040d4ad9c2a07 Copy to Clipboard
SSDeep 98304:C7ludt5nYzgdtO3hmO9Xyh6zrBItJ5w1Ii7JM4gAN4Vd0bJMwGeytsw0yUT:6o5eOOIIvSJwyAydH99MT Copy to Clipboard
C:\Users\Default\Favorites\Windows Live\Windows Live Spaces.url Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Default\Favorites\Windows Live\Windows Live Spaces.url.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.06 KB
MD5 7438ace4c91b8e086286a33d430f3f69 Copy to Clipboard
SHA1 770b91f1a7ee28184dcd06c993fdb583cd65d5c2 Copy to Clipboard
SHA256 315dad8cb87d3e100ef46eeb14fe0897eacd2a1a0597c4d00e6350d12492a40a Copy to Clipboard
SSDeep 24:x5MMkXaApdqlw9Nc/tVD4qxfR3GKUhn68IRdZ36HkdS7:xoXKiNWB4qO9iqEdS7 Copy to Clipboard
C:\Users\Public\desktop.ini Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Public\desktop.ini.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.09 KB
MD5 e85d23fb3d074bc66dfdf3457719bada Copy to Clipboard
SHA1 293337e41aa4aa48435f8d495436e0d3cc71b1d6 Copy to Clipboard
SHA256 b870afdcb48a9487347263b0a16d7bbf95d1729ee9c67c56e9ceb334a1a90edb Copy to Clipboard
SSDeep 24:ZIVjUJat18Bka3uqlw9Nc/tVD4qxfR3GKUhn68IRdZ36HuV:WV44kBka9iNWB4qO9iqc Copy to Clipboard
C:\Users\All Users\Package Cache\{68306422-7C57-373F-8860-D26CE4BA2A15}v14.10.25017\packages\vcRuntimeAdditional_x86\vc_runtimeAdditional_x86.msi.SATANA Modified File Stream
Not Queried
...
»
Also Known As C:\Users\All Users\Package Cache\{68306422-7C57-373F-8860-D26CE4BA2A15}v14.10.25017\packages\vcRuntimeAdditional_x86\vc_runtimeAdditional_x86.msi.SATANA (Created File)
Mime Type application/octet-stream
File Size 140.92 KB
MD5 e8916e361601a02c564cdbb292560a3e Copy to Clipboard
SHA1 3bfb3a749b2e2a7c106bcf3d3c7b74c81087c0ff Copy to Clipboard
SHA256 42a01ce7d079bf5ce0900652cf438a409582f2cd9475c90b5d575e97b5b85014 Copy to Clipboard
SSDeep 3072:2MSeHwtStc+hriR7zHCIngg50L16j4I42qhoI:juStdritD/50k4lWI Copy to Clipboard
C:\Users\All Users\Package Cache\{929FBD26-9020-399B-9A7A-751D61F0B942}v12.0.21005\packages\vcRuntimeAdditional_amd64\cab1.cab.SATANA Modified File Stream
Not Queried
...
»
Also Known As C:\Users\All Users\Package Cache\{929FBD26-9020-399B-9A7A-751D61F0B942}v12.0.21005\packages\vcRuntimeAdditional_amd64\cab1.cab.SATANA (Created File)
Mime Type application/octet-stream
File Size 5.33 MB
MD5 770a63a756830e905cbe789524439b2a Copy to Clipboard
SHA1 fe3cd87ab89ee1c965932e0046b06eb7ff397e1d Copy to Clipboard
SHA256 a260055dadc3ec7c6dfbaaa31cac182841848a88d35e70861f77a9043d0265ed Copy to Clipboard
SSDeep 98304:TMN4w3blH/umgoy/JzUgC5x9iCphNIpe1FbfsQRc5fjkoTSO23QUb7:AN4ub1/xJgQACpzpXb/2fjkoTRU Copy to Clipboard
C:\Users\All Users\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030\packages\vcRuntimeMinimum_amd64\vc_runtimeMinimum_x64.msi.SATANA Modified File Stream
Not Queried
...
»
Also Known As C:\Users\All Users\Package Cache\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}v11.0.61030\packages\vcRuntimeMinimum_amd64\vc_runtimeMinimum_x64.msi.SATANA (Created File)
Mime Type application/octet-stream
File Size 148.92 KB
MD5 703340d261fd6fab2a7d93a599d205ea Copy to Clipboard
SHA1 d02376fefc2ee5b91aa137e8594952c9007aacac Copy to Clipboard
SHA256 fe4555dbb69a39b7ed5d787d6b81d225c32e5f65328b346b261459c40765d7c3 Copy to Clipboard
SSDeep 3072:ErxR6bFBGQr09ie3A3RdD3D+VG6tm4wPHXB2D8m58V5:qrqF4qVew33bZ6t7wPHxV5 Copy to Clipboard
C:\Users\Public\Music\Sample Music\Maid with the Flaxen Hair.mp3 Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Public\Music\Sample Music\Maid with the Flaxen Hair.mp3.SATANA (Created File)
Mime Type application/octet-stream
File Size 3.92 MB
MD5 a84a52c620649d8f70f988f6d2ee6533 Copy to Clipboard
SHA1 afd6cb23cb79de62a82fb55dbf6189303fc20e4d Copy to Clipboard
SHA256 79b4921dd19a2cf36509c7a5accc32493efd6bddec896503fea0813733063689 Copy to Clipboard
SSDeep 49152:M+GneNmQbc0URp6bolWB2soi4nyPFMaaS/cvw0/NVuUEPkcjnSpMWGlEWIj5agk:M+RIWiZIXPF6S/iwQNVbEXT4rBo Copy to Clipboard
C:\Users\All Users\Package Cache\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}v12.0.21005\packages\vcRuntimeAdditional_x86\cab1.cab.SATANA Modified File Stream
Not Queried
...
»
Also Known As C:\Users\All Users\Package Cache\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}v12.0.21005\packages\vcRuntimeAdditional_x86\cab1.cab.SATANA (Created File)
Mime Type application/octet-stream
File Size 4.71 MB
MD5 425e13c82d630c450a3861ae9472995d Copy to Clipboard
SHA1 080902ca921390653e00e586428533223b12aa6e Copy to Clipboard
SHA256 578d6a42621fd2045c30497b15e457809f625f3a64baaad0cfd6b84d77ac2ad2 Copy to Clipboard
SSDeep 98304:abuFRkqsBHV0jMgJ0DkDFmfk26WSj02PDm9OtxILKYG+GEuuptrUy9yTJuQ3bR:ab0RkqsZV4g6Fm82Q0Qa9OtMKYG+hTrc Copy to Clipboard
C:\Users\All Users\Sun\Java\Java Update\jaureglist.xml.SATANA Modified File Stream
Not Queried
...
»
Also Known As C:\Users\All Users\Sun\Java\Java Update\jaureglist.xml.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.05 KB
MD5 afbf75d8895b476dc5ff443af696c04b Copy to Clipboard
SHA1 08da231fc7efa3a54310ebf5c306c7362732fac2 Copy to Clipboard
SHA256 977dedf27354eebddd7b5e0fd24f1754928e6ee8c82def429dda754fe44e54c0 Copy to Clipboard
SSDeep 24:HfVS1lgjPvMwZqlw9Nc/tVD4qxfR3GKUhn68IRdZ36HA26:HfVUIvxKiNWB4qO9iqgF Copy to Clipboard
C:\Users\Public\Desktop\Google Chrome.lnk Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Public\Desktop\Google Chrome.lnk.SATANA (Created File)
Mime Type application/octet-stream
File Size 3.14 KB
MD5 8de664cb2d071811b7c8827f66b5a2df Copy to Clipboard
SHA1 ba74955fbebaf69d3f15e388e31596ff9f4b6264 Copy to Clipboard
SHA256 2055130340c56a3c4f8b51468ab5e9abafe8f7b6eecd4b7c755ebfaab62bbe8e Copy to Clipboard
SSDeep 96:ujLVATI3uBhLbeExV0fgawWZZKL4FwSxNFqO9iR:uHVA83GhWExVWNwWZrwSA Copy to Clipboard
C:\Users\Default\Favorites\Microsoft Websites\Microsoft At Home.url Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Default\Favorites\Microsoft Websites\Microsoft At Home.url.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.06 KB
MD5 c837d20886787e246e86de594d91638f Copy to Clipboard
SHA1 2bb2a914bed49a7bcd85e28e9d196704317a8fd1 Copy to Clipboard
SHA256 7e864c5afc8a206cdee70803a0cd1a946bf2fc85a751de7ecd7279bb8d4ad2fa Copy to Clipboard
SSDeep 24:JJB9lRirqlw9Nc/tVD4qxfR3GKUhn68IRdZ36Hse:bBVLiNWB4qO9iqv Copy to Clipboard
C:\Users\Public\Pictures\Sample Pictures\desktop.ini Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Public\Pictures\Sample Pictures\desktop.ini.SATANA (Created File)
Mime Type application/octet-stream
File Size 2.02 KB
MD5 4c1d2e2fe29b120b6d810dce5e780eb4 Copy to Clipboard
SHA1 e74d5adfa87dfba05fe71ec8020e6f7499e888cb Copy to Clipboard
SHA256 e71a4f67f56f06ce704226d616786db29768af6aa05e26d75f44178cedf0f395 Copy to Clipboard
SSDeep 48:6ScD4oF2EjBwHmmqHyOInBASLg781iNWB4qO9iqDgd:4D4Byw8IySM7pNFqO9ixd Copy to Clipboard
C:\Users\All Users\Package Cache\{582EA838-9199-3518-A05C-DB09462F68EC}v14.10.25017\packages\vcRuntimeMinimum_x86\cab1.cab.SATANA Modified File Stream
Not Queried
...
»
Also Known As C:\Users\All Users\Package Cache\{582EA838-9199-3518-A05C-DB09462F68EC}v14.10.25017\packages\vcRuntimeMinimum_x86\cab1.cab.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.23 MB
MD5 0a5297d4e3867e57e1d9e81708e75fd0 Copy to Clipboard
SHA1 191ec825ad34d364eb337cc3f1b53f514de32556 Copy to Clipboard
SHA256 50b64817ec136766ede1099365e3ca4276fc0f48d7325f02138f1625eab37457 Copy to Clipboard
SSDeep 24576:THKFhBi2k03YQy8hrOtFmuic4y7klC9nE7Ozotm1u0nM3vpfSSNljgL:TB2k0oHI8/ic45C5EKzoAutUutY Copy to Clipboard
C:\Users\Default\Videos\desktop.ini Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Default\Videos\desktop.ini.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.42 KB
MD5 3c4b5b5c7d978b6f7c4e2b946313d6a8 Copy to Clipboard
SHA1 1a68428bd747b646b933f1a279491f3cef20f8c4 Copy to Clipboard
SHA256 997f49a923cbf957cc24aa7dcbd9a73aacfd16b06caaee3fddaaf11db7ff90f6 Copy to Clipboard
SSDeep 24:tzrVHB6bL8Krlr6gX8kU6+5j8qlw9Nc/tVD4qxfR3GKUhn68IRdZ36HmFTXt:prVHBA3zX8E+NiNWB4qO9iqGFTXt Copy to Clipboard
C:\Users\Default\Links\Desktop.lnk Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Default\Links\Desktop.lnk.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.39 KB
MD5 b2cd39b0871dc639042b0f27fa1039f0 Copy to Clipboard
SHA1 b751ad1c6f6126330fab1fe5295bec9ab81408cd Copy to Clipboard
SHA256 564a3f9b29b88a90e0869d4f18d7eb3ae815c0140110450d235e327848b26f04 Copy to Clipboard
SSDeep 24:tYJMNZFVn78m4DnTlOTryqlw9Nc/tVD4qxfR3GKUhn68IRdZ36Hgz:+JMNZzzwn5UiNWB4qO9iqAz Copy to Clipboard
C:\Users\Public\Pictures\Sample Pictures\Penguins.jpg Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Public\Pictures\Sample Pictures\Penguins.jpg.SATANA (Created File)
Mime Type application/octet-stream
File Size 760.53 KB
MD5 5d742efe7d633433113d5a75fd847358 Copy to Clipboard
SHA1 983c2963356c862b98ab4502d7ec84f77b0be011 Copy to Clipboard
SHA256 3b9d2b0353e4889c9b7fdd2bc452bdcf73991bcd6b2bdd4480dd645317f2ab25 Copy to Clipboard
SSDeep 12288:K/jK5x3I90wry4qBKL2dDp1MZgHvPjju3B5izZOcriOnuBgbITi+ldGdZ3PRipGi:amdICwHL2dDp1nre44czuB0ei+gripoe Copy to Clipboard
C:\Users\Public\Pictures\Sample Pictures\Koala.jpg Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Public\Pictures\Sample Pictures\Koala.jpg.SATANA (Created File)
Mime Type application/octet-stream
File Size 763.45 KB
MD5 257c366ca61cc256134aa630989800cc Copy to Clipboard
SHA1 6f68f02749de11c14ec20fecd4d5b0ec80423b4a Copy to Clipboard
SHA256 cbaa925b4022a28f75ceda73f1e07f3c1faa1030c4da7e2b6303ce481d81f014 Copy to Clipboard
SSDeep 12288:2mn42A9UQZxDSGy5x2ncC/bQqv49uKTm7xsqBZKOVX3l1TBllGEF3:h4h9UUxDSGGxAcCTzv4kUm7xJeo3fzlf Copy to Clipboard
C:\Users\Default\AppData\Local\IconCache.db Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Default\AppData\Local\IconCache.db.SATANA (Created File)
Mime Type application/octet-stream
File Size 758.91 KB
MD5 dd563f7c39ed83cdbb8ff862c7440567 Copy to Clipboard
SHA1 2b7b588ef32fb498f75c71f0ef0e624c037ac1ca Copy to Clipboard
SHA256 e0353d715ec1c0a90f4cd3b1d9c3735408acb84f9e59354339f2d53a8dc01606 Copy to Clipboard
SSDeep 6144:AlNzBc339olAUWRkbQDRKyufC5mPzFqjbIgEeh3Phwp/0wuRKqJiaGhDrKar:4NzBc2KVkbWMfC58zKaepeqGhDDr Copy to Clipboard
C:\BOOTSECT.BAK Modified File Stream
Not Queried
...
»
Also Known As C:\BOOTSECT.BAK.SATANA (Created File)
Mime Type application/octet-stream
File Size 8.92 KB
MD5 32bd8b3ee2de4921cd9a6c4c6fb24919 Copy to Clipboard
SHA1 06e69f90bafa2f2b76d69994286ec8c37a9e5200 Copy to Clipboard
SHA256 ce266350e0fafe69735fa5ea029d79a2154303c0eb1b6bf32e84d4bcb4e86a4f Copy to Clipboard
SSDeep 192:ysC6aPREP8fe86u0SeSjOlyPZtr20PT7JWAshcE1h6:ysCdEP8fe86zhSjOlyPvrL9Wlph6 Copy to Clipboard
C:\Users\All Users\Package Cache\{f325f05b-f963-4640-a43b-c8a494cdda0f}\state.rsm.SATANA Modified File Stream
Not Queried
...
»
Also Known As C:\Users\All Users\Package Cache\{f325f05b-f963-4640-a43b-c8a494cdda0f}\state.rsm.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.67 KB
MD5 624a4b8f1d110849569ea68aabdffd8d Copy to Clipboard
SHA1 d92b3f3408a5df8a096ed1c129d979a7e672e183 Copy to Clipboard
SHA256 51775525b3d890ee180cad4520ddaa4611c10e6dfa8c225ec468e76795bc72f4 Copy to Clipboard
SSDeep 24:6EcLVh0tBdrkYyrzebwdO4zf7L9VEgvvqlw9Nc/tVD4qxfR3GKUhn68IRdZ36H1j:tUIb6fe2fNVnvYiNWB4qO9iqVkM Copy to Clipboard
C:\Users\Default\NTUSER.DAT.LOG1 Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Default\NTUSER.DAT.LOG1.SATANA (Created File)
Mime Type application/octet-stream
File Size 185.92 KB
MD5 c3e48f148eac22e7d2a86773ad5e7758 Copy to Clipboard
SHA1 65bf50fa9d3ae1b303629c13b42f5c9beac9f200 Copy to Clipboard
SHA256 b10f415e7278b100a474cdf2f2ba47dd1b6c06e599e7fd51dd34decb68727fb5 Copy to Clipboard
SSDeep 3072:MNLpzcCaHxB4Iw74zMSJut7pJNDv6s4Y2qplx:MNLOCaHxyF74s7pJlShRiL Copy to Clipboard
C:\Users\Public\Videos\Sample Videos\desktop.ini Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Public\Videos\Sample Videos\desktop.ini.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.25 KB
MD5 c96616b78b095946a006283443617454 Copy to Clipboard
SHA1 5a0d083a98659c60b5296d283257d8a8832ace69 Copy to Clipboard
SHA256 9e8c7638e4abb5d61afc2a4a01de175501adf16263739c8f87f8e44e8ff7158e Copy to Clipboard
SSDeep 24:wz+Sk8WyyXJcclhwdAovqlw9Nc/tVD4qxfR3GKUhn68IRdZ36H9A:wKSkwWyGsAziNWB4qO9iqK Copy to Clipboard
C:\Users\All Users\Package Cache\42D5BEC7DDFBD49E76467529CBC2868987BF8460\packages\Patch\x64\Windows6.1-KB2999226-x64.msu.SATANA Modified File Stream
Not Queried
...
»
Also Known As C:\Users\All Users\Package Cache\42D5BEC7DDFBD49E76467529CBC2868987BF8460\packages\Patch\x64\Windows6.1-KB2999226-x64.msu.SATANA (Created File)
Mime Type application/octet-stream
File Size 989.23 KB
MD5 ec0437435e8c4235b4900c8961beb47d Copy to Clipboard
SHA1 737275036abce3a0657e464bd62fe25ea815c06a Copy to Clipboard
SHA256 9c0fd2d38ea66fa270d772b03e0a0476a8f8c36f86e321b8c5631887bde7bfa3 Copy to Clipboard
SSDeep 24576:O/C4fXR+g2nNeItkhxKCl79TK6/j9fO2/KU6DG6A6BMSg+:/eXF2NeItKxl79R/j9IbnBMi Copy to Clipboard
C:\Users\Default\Saved Games\desktop.ini Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Default\Saved Games\desktop.ini.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.20 KB
MD5 6a7e80181ee2567e679c8f5d0856310e Copy to Clipboard
SHA1 c64d1cfcd95beb88d5ba8a5293c47fa7aa8be40f Copy to Clipboard
SHA256 190d46b164e7c8eca7ef9dd10298034a272650c47a40c38991f4f70f8cd89f0d Copy to Clipboard
SSDeep 24:1x5X7h84KZkBvFf7m4W9wva9LBtVdulpqlw9Nc/tVD4qxfR3GKUhn68IRdZ36Hge:lX7/UQdf49FJZdFiNWB4qO9iqiu Copy to Clipboard
C:\Users\Default\Favorites\MSN Websites\MSNBC News.url Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Default\Favorites\MSN Websites\MSNBC News.url.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.06 KB
MD5 49c5e3290353ac0e827d59bf046f9963 Copy to Clipboard
SHA1 94549c391f3210aa9874df00aa299c86743b34a7 Copy to Clipboard
SHA256 b82b5b1d1481253771fa101e1e8f9e401c1f26f68016c397eabc8372548030fc Copy to Clipboard
SSDeep 24:MTuZAWAitY/8qlw9Nc/tVD4qxfR3GKUhn68IRdZ36HlNC:M3DXDiNWB4qO9iqHC Copy to Clipboard
C:\Users\Default\ntuser.ini Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Default\ntuser.ini.SATANA (Created File)
Mime Type application/octet-stream
File Size 0.95 KB
MD5 8d08cfead41e7ce418d34ac3abc970a4 Copy to Clipboard
SHA1 f2a66c60841be932af5e6ec8c80c4d6ea8e9a260 Copy to Clipboard
SHA256 ec3efd84ea3a91fe401c1e2f13db08aefcd44b813c9b66cc93c1a425e403116d Copy to Clipboard
SSDeep 24:5qSE2phXp5Eqlw9Nc/tVD4qxfR3GKUhn68IRdZ36H7Qk:AXehXp5DiNWB4qO9iqbR Copy to Clipboard
C:\Users\Public\Recorded TV\desktop.ini Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Public\Recorded TV\desktop.ini.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.00 KB
MD5 a7ac5a8ff1d2df21cd32f4a511e35219 Copy to Clipboard
SHA1 fc640221cd3baf817ebc77994c65892b2131f2ec Copy to Clipboard
SHA256 55f5989e32d686dc63bfd2d5d2a79b863e7932aece2a4b87b73b4a3423a9d5ce Copy to Clipboard
SSDeep 24:5QXrxHV0gpqlw9Nc/tVD4qxfR3GKUhn68IRdZ36Hpej:5Q7xHV0g6iNWB4qO9iqJej Copy to Clipboard
C:\Users\Public\Libraries\RecordedTV.library-ms Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Public\Libraries\RecordedTV.library-ms.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.78 KB
MD5 529fcc7f29320de945749a4b5be00545 Copy to Clipboard
SHA1 58bad841277b1cc304c5f297351b7bf96f4ac23c Copy to Clipboard
SHA256 11c8b8ccb57696eb0be6af574b23259bbd9e76addb13262199f23a8696ad958f Copy to Clipboard
SSDeep 24:0kK1W7auz0lWRTsydy1jFf4zgyryLRM9urFqlw9Nc/tVD4qxfR3GKUhn68IRdZ3h:071W2uAYqyy1usLRMziNWB4qO9iqS Copy to Clipboard
C:\Users\Default\Searches\Everywhere.search-ms Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Default\Searches\Everywhere.search-ms.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.17 KB
MD5 87c2d943f5ee2fac81d882a419c1b108 Copy to Clipboard
SHA1 0d44502bcd6421486c22ce002a322bf9ada6f79f Copy to Clipboard
SHA256 8691231d6976a640e522abe88694be017b180d25d113026dac50371f85cff07a Copy to Clipboard
SSDeep 24:ld2xzoE5AKQzUg/gqlw9Nc/tVD4qxfR3GKUhn68IRdZ36Hk:r2xzD5ASmiNWB4qO9iqE Copy to Clipboard
C:\Users\All Users\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\state.rsm.SATANA Modified File Stream
Not Queried
...
»
Also Known As C:\Users\All Users\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\state.rsm.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.56 KB
MD5 61f63596e55687b722fbedba21b48260 Copy to Clipboard
SHA1 4501c591c99c71298ab456c1d380eb2d401d82f1 Copy to Clipboard
SHA256 9bd5bc4bec19eb6b38f6c96fec46f29e986d35e505bfa4251e17d3d13e6a2efb Copy to Clipboard
SSDeep 24:iUODocAigsLHUE1e7WdfR46ALrTGuxG7KO6qlw9Nc/tVD4qxfR3GKUhn68IRdZ3S:bWocAlyUYfGFrTGkGpZiNWB4qO9iq4lO Copy to Clipboard
C:\Users\All Users\Adobe\ARM\Reader_10.0.0\AdbeRdrUpd10110_MUI.msp.SATANA Modified File Stream
Not Queried
...
»
Also Known As C:\Users\All Users\Adobe\ARM\Reader_10.0.0\AdbeRdrUpd10110_MUI.msp.SATANA (Created File)
Mime Type application/octet-stream
File Size 10.00 MB
MD5 9a328aee1fc935ced32829928a9d368a Copy to Clipboard
SHA1 a088a7f9ce3cc2ce9ea616052c0d74be6bd683ec Copy to Clipboard
SHA256 7010b8d136c195169c02101c768fc8e7c022d7a7c9762a24dc2bf2af03a27c35 Copy to Clipboard
SSDeep 196608:WnyozVU3Ux29/rGUvDXadSLsS8nQsiAESOsYnwZrja9segf:myoBEUx2hJvsItAqpnevIu Copy to Clipboard
C:\Users\Public\Pictures\Sample Pictures\Desert.jpg Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Public\Pictures\Sample Pictures\Desert.jpg.SATANA (Created File)
Mime Type application/octet-stream
File Size 827.04 KB
MD5 901b60158f3b1244a65913699f3cad60 Copy to Clipboard
SHA1 0170f737c088d4d4b167b0e2465a2de9f4dde941 Copy to Clipboard
SHA256 a6f1ff3199e35fb839c0754dece5c0295f6e092b962e5505299d91a9d8a8aa76 Copy to Clipboard
SSDeep 12288:KOEyG5CJf6dfmPlqe/G+3HMJ0ArGwC3Dq0afrITGG9C7yi77p1vEminCzK2jNs:nA5CJFPY+3MJtrGVmfkTPG7jvEt2Js Copy to Clipboard
C:\Users\All Users\Adobe\ARM\Reader_10.0.0\AdbeRdrSecUpd10111.msp.SATANA Modified File Stream
Not Queried
...
»
Also Known As C:\Users\All Users\Adobe\ARM\Reader_10.0.0\AdbeRdrSecUpd10111.msp.SATANA (Created File)
Mime Type application/octet-stream
File Size 246.92 KB
MD5 215c4ef444eea70b2113ed261cad595c Copy to Clipboard
SHA1 3d8bd0e1403b8a8ff26549d035b075a47c8e395c Copy to Clipboard
SHA256 a5297299088173b070576f61ee4264f098057202e898bab5e714ab345f387105 Copy to Clipboard
SSDeep 6144:dx+vAGNff5P75SaKa+RMJWy6F/VEt0FtpqIHPE9/hbdkkz:H+vAcBPgaLJ7KqD6u Copy to Clipboard
C:\Users\Default\Music\desktop.ini Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Default\Music\desktop.ini.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.42 KB
MD5 708eb041ebec1c0bb9aa712eb3375cb0 Copy to Clipboard
SHA1 b3aef74b0da73de6ae2519ec9e9e384869823c20 Copy to Clipboard
SHA256 9ee1c8bb3b66f348c3dadf2b56d12654fed7dc94c655b16e466c744074c3e4a3 Copy to Clipboard
SSDeep 24:8QtnsRfH03XJvxMRX9VB/RHhuhqOi8Tqlw9Nc/tVD4qxfR3GKUhn68IRdZ36HCU6:BZEquB5Hhuhqt5iNWB4qO9iqif Copy to Clipboard
C:\Users\Public\Pictures\Sample Pictures\Lighthouse.jpg Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Public\Pictures\Sample Pictures\Lighthouse.jpg.SATANA (Created File)
Mime Type application/octet-stream
File Size 549.05 KB
MD5 c44b050c328d1c16aa3048b3ead71cdc Copy to Clipboard
SHA1 1fedfe4bae84d1fed6baaccd15b8f83d8b28bfcf Copy to Clipboard
SHA256 cc1c3b01b25c2a8a24a56eb94d74442ca7612ca68491e1c3ca75e21bdb6ef892 Copy to Clipboard
SSDeep 12288:pSBRxVnMmNKP8DYn0i4odTmWlD9A7Z65FjcusuTlxO3tBXW/93nNeARw8ueUBmq:ItVnByU2B4oJm29kZ5ex84FnnxUBx Copy to Clipboard
C:\Users\All Users\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030\packages\vcRuntimeAdditional_amd64\vc_runtimeAdditional_x64.msi.SATANA Modified File Stream
Not Queried
...
»
Also Known As C:\Users\All Users\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030\packages\vcRuntimeAdditional_amd64\vc_runtimeAdditional_x64.msi.SATANA (Created File)
Mime Type application/octet-stream
File Size 148.92 KB
MD5 e54fd96fb6ee6980b3f67c38733cb468 Copy to Clipboard
SHA1 b363381fc07f6080eacc4e156fa995f03490015c Copy to Clipboard
SHA256 8a1c857779c6418877e5dd883ecd3230d17967a004dc48d9cef72846412ba69e Copy to Clipboard
SSDeep 3072:zVzXyRGQr09jMoL53D+Vw1rjurlNIqp8nX:zJdq9oprjFJ Copy to Clipboard
C:\Users\Default\Favorites\Microsoft Websites\IE site on Microsoft.com.url Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Default\Favorites\Microsoft Websites\IE site on Microsoft.com.url.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.06 KB
MD5 78e98eaad361200baede7135c33f5b88 Copy to Clipboard
SHA1 b1523e613a295dcae25eb8c95b322281e58d59e6 Copy to Clipboard
SHA256 c00077a8475fc166b143bff6b3a9d3cab8976069a8d662d46a9c8c251acb1ac9 Copy to Clipboard
SSDeep 24:mjMIDC8V2Smqlw9Nc/tVD4qxfR3GKUhn68IRdZ36HZpOS:2MyVDViNWB4qO9iqjB Copy to Clipboard
C:\Users\All Users\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030\packages\vcRuntimeAdditional_x86\cab1.cab.SATANA Modified File Stream
Not Queried
...
»
Also Known As C:\Users\All Users\Package Cache\{B175520C-86A2-35A7-8619-86DC379688B9}v11.0.61030\packages\vcRuntimeAdditional_x86\cab1.cab.SATANA (Created File)
Mime Type application/octet-stream
File Size 4.92 MB
MD5 44e66cf333c03cf5a9e215590a1a9ff1 Copy to Clipboard
SHA1 f05bff39ff4190370e7b690ee6515ce05d150f4d Copy to Clipboard
SHA256 90234072b1f018c3bd17e69a6fe0efd45747860a1e45ad541859f770a4ac66f4 Copy to Clipboard
SSDeep 98304:2t11LcaJw7l6x0gqOddM6L3eJl31N8Xh0vYyRqYTD/BaEG22wOBh:utJwR6x0g5bLa3oUPHD//U Copy to Clipboard
C:\Users\Default\Favorites\Windows Live\Windows Live Mail.url Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Default\Favorites\Windows Live\Windows Live Mail.url.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.06 KB
MD5 8251d521a6ba151934f7f5207e37dbb3 Copy to Clipboard
SHA1 a958f9508444aea3e4e8117b41a31250e0c5d00f Copy to Clipboard
SHA256 69c7d96792200188361f81b7f6ec67f2edf3653a685e3eb132f9e720b02b606e Copy to Clipboard
SSDeep 24:upxmkYVO5qlw9Nc/tVD4qxfR3GKUhn68IRdZ36HWGX:y+5iNWB4qO9iqZ Copy to Clipboard
C:\Users\Public\Music\desktop.ini Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Public\Music\desktop.ini.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.30 KB
MD5 264e7db2beff5abff9de478282bb87fb Copy to Clipboard
SHA1 05d11c57d64a8809c20f2651e63d55d43a919a98 Copy to Clipboard
SHA256 e4d4bcde784d32fb737217e60aba373847eed9f7196c029b94081fbc705ce3ad Copy to Clipboard
SSDeep 24:Sob1f+31IIQp9qlw9Nc/tVD4qxfR3GKUhn68IRdZ36H/1X:SobJ+3FNiNWB4qO9iqZ Copy to Clipboard
C:\Users\Default\Searches\desktop.ini Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Default\Searches\desktop.ini.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.44 KB
MD5 f09354ccd5def2b6b828a2d5edd45bc7 Copy to Clipboard
SHA1 7f57bfad251cab4cf012d9dd3142ba8f904db355 Copy to Clipboard
SHA256 da6bef7d0f15d055b3ba389650cbf38277efcbff6e9f3ab13f0c6f07ec95c931 Copy to Clipboard
SSDeep 24:QvDNSL/0piCAAJ88cV/vcC8nGta+Br8VclJYpRB5qlw9Nc/tVD4qxfR3GKUhn68e:QvZiMsCbJu/OGaCAcr2ciNWB4qO9iq0d Copy to Clipboard
C:\Users\Default\Favorites\MSN Websites\MSN Autos.url Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Default\Favorites\MSN Websites\MSN Autos.url.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.06 KB
MD5 80276eb7acdb268a74eeaf293469522e Copy to Clipboard
SHA1 93685996f73b35d315129554c7acf74727f4976d Copy to Clipboard
SHA256 02ddded14a3cc3b688e93f9320b057efad58b28c71b0537f38fa48a35793dafa Copy to Clipboard
SSDeep 24:ZKRs2RZ9xEpz+8AIqlw9Nc/tVD4qxfR3GKUhn68IRdZ36HIC0vk:ZdkkiXiNWB4qO9iqoCGk Copy to Clipboard
C:\Users\Public\Desktop\desktop.ini Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Public\Desktop\desktop.ini.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.09 KB
MD5 92746cae338132a8d37e81c27d628ae3 Copy to Clipboard
SHA1 8868cfb6da79d736ab6d4e3e8ced6429ee86b4da Copy to Clipboard
SHA256 de577666a8b46982f29a6fa3f5e74e1280eaeda315ce88977f38b951e5ef7f07 Copy to Clipboard
SSDeep 24:doM/9uUEYd8qlw9Nc/tVD4qxfR3GKUhn68IRdZ36Hz:doMVuUFdLiNWB4qO9iqT Copy to Clipboard
C:\Users\All Users\Package Cache\{e6e75766-da0f-4ba2-9788-6ea593ce702d}\vcredist_x86.exe.SATANA Modified File Stream
Not Queried
...
»
Also Known As C:\Users\All Users\Package Cache\{e6e75766-da0f-4ba2-9788-6ea593ce702d}\vcredist_x86.exe.SATANA (Created File)
Mime Type application/octet-stream
File Size 453.05 KB
MD5 8517e82056ec5403f8b73925ca8d6cfa Copy to Clipboard
SHA1 572ebb056a1d99c3d89e8701f74d5b941b915325 Copy to Clipboard
SHA256 1ec512c4f67bd79a7ee093d6e6a0837c99de673ac7f318ed7d011d8a88e17542 Copy to Clipboard
SSDeep 12288:qZprJumdkALmDjZQjO3wvt5aGhgZfwBdMy:EImeALm6TvzaIAU Copy to Clipboard
C:\Users\Default\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Default\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf.SATANA (Created File)
Mime Type application/octet-stream
File Size 64.92 KB
MD5 0d377de7418b1f6f2dd8b8266e78ad05 Copy to Clipboard
SHA1 30cc0c795f2e11c17dd3c97d3d5187ebf21fc486 Copy to Clipboard
SHA256 ecbfe94aaef104db5225cee8f11436fccb535cfa2a217cf68f4d3c27b6ba3bc0 Copy to Clipboard
SSDeep 768:OLoyG68uEfYPElQ1SOls55HYJOUhsTidnfWsIVMrMjuB5P:OEyNEfRI2TYJeWksZMju/ Copy to Clipboard
C:\Users\Default\Favorites\MSN Websites\MSN Money.url Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Default\Favorites\MSN Websites\MSN Money.url.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.06 KB
MD5 9b2c3ebc28dc492d9b8095d7d2bfdeca Copy to Clipboard
SHA1 b551ae4160960179b9633a15f170aa1973b35aea Copy to Clipboard
SHA256 340acedf2cc1d1d620950eb2f20c00e702ebe16befb01693ebb09607083b14bd Copy to Clipboard
SSDeep 24:F0fnv6q94qlw9Nc/tVD4qxfR3GKUhn68IRdZ36HWZmvk:ufnv6kniNWB4qO9iq2Sk Copy to Clipboard
C:\Users\All Users\Package Cache\{582EA838-9199-3518-A05C-DB09462F68EC}v14.10.25017\packages\vcRuntimeMinimum_x86\vc_runtimeMinimum_x86.msi.SATANA Modified File Stream
Not Queried
...
»
Also Known As C:\Users\All Users\Package Cache\{582EA838-9199-3518-A05C-DB09462F68EC}v14.10.25017\packages\vcRuntimeMinimum_x86\vc_runtimeMinimum_x86.msi.SATANA (Created File)
Mime Type application/octet-stream
File Size 144.92 KB
MD5 39f90bdc4f75b6be5b3814f4c78c0e9a Copy to Clipboard
SHA1 d3b37c0e2fb1f6eb3549a35818ca28f5c5d0e275 Copy to Clipboard
SHA256 5b4d216f2530caba198b10a57ffa478eefebbffd65c557a805dbd0997f3995de Copy to Clipboard
SSDeep 3072:xgQSVuyeHwpZWc3+iF6nuCIngFzbAwi48NY/5Jk:iVBQW+i1+P18mk Copy to Clipboard
C:\Users\Default\Searches\Indexed Locations.search-ms Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Default\Searches\Indexed Locations.search-ms.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.17 KB
MD5 3db13386ca81237f2568912430733481 Copy to Clipboard
SHA1 08b09cc4e6768ca089ec6399300ecc1a1ee4e061 Copy to Clipboard
SHA256 e42acf9895c7cb8863e17e5a21179295a373d960403c3d677d347e7de5beebe6 Copy to Clipboard
SSDeep 24:Z2mdX4Wj9H6rzr9Zafft2qlw9Nc/tVD4qxfR3GKUhn68IRdZ36Hjycjt:Zpdj9aXRAntFiNWB4qO9iqDy8 Copy to Clipboard
C:\Users\Public\Pictures\Sample Pictures\Chrysanthemum.jpg Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Public\Pictures\Sample Pictures\Chrysanthemum.jpg.SATANA (Created File)
Mime Type application/octet-stream
File Size 859.71 KB
MD5 d9937be9eafca2fae99e43b5de0e9d41 Copy to Clipboard
SHA1 c5c598a7c2450e23390943e5c587f743c59e3e76 Copy to Clipboard
SHA256 d4ce7691d674d3f703f86cad0aca2294419d32ebbaf4e3de68062acd9ab146c6 Copy to Clipboard
SSDeep 24576:iCFV39OW+lPLhLcDaRhhRkBjn716CZMJn4Pk:iC5klPu2sJ71JZy4c Copy to Clipboard
C:\Users\Default\NTUSER.DAT Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Default\NTUSER.DAT.SATANA (Created File)
Mime Type application/octet-stream
File Size 768.92 KB
MD5 df78b20b2570a2d3ca98f8c26e329d66 Copy to Clipboard
SHA1 59384b826f1401b921315c9d5870c7113718e64d Copy to Clipboard
SHA256 abe8627c2b5f2d193fb7bf013a286d97964dcf3463c619d7c2f9663321ccc5bd Copy to Clipboard
SSDeep 6144:QIbGHFtLZPV3OKcH7cOlLeNoRy4FHCHCGJgyWrK+ztU+OUe70EyxRj+TwpYsv6do:kiFB4oRy4FHCH+yOK+Jy0l4E2sv6d7r4 Copy to Clipboard
C:\Users\All Users\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe.SATANA Modified File Stream
Not Queried
...
»
Also Known As C:\Users\All Users\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe.SATANA (Created File)
Mime Type application/octet-stream
File Size 445.96 KB
MD5 41c9744cd1a2f12488140cfe553325e9 Copy to Clipboard
SHA1 11e6e703e52d59d1dabb07947ce76cb1156963d9 Copy to Clipboard
SHA256 27d1f877db719eefe70e0fef0bba318bfc62e898a198f48f4e54ddc974cfba62 Copy to Clipboard
SSDeep 12288:yzIIq0FLJYCvUdriqlE4UO1b21Pzd6f6A0UXcP:yzI5MfvmriKE4dMk70UMP Copy to Clipboard
C:\Users\Default\Favorites\Links\Web Slice Gallery.url Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Default\Favorites\Links\Web Slice Gallery.url.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.16 KB
MD5 515bbc187af0937c7c7fe5478f8ab478 Copy to Clipboard
SHA1 0f116d113a451ffead555dafdea27cd5a3342022 Copy to Clipboard
SHA256 49a2d3ed136782cbfe9a521a3c37d34aafece2300a9172a050090a18a51cf501 Copy to Clipboard
SSDeep 24:6OGBv+KQTpqlw9Nc/tVD4qxfR3GKUhn68IRdZ36Hq/8n:56+KQuiNWB4qO9iqc8n Copy to Clipboard
C:\Users\Default\Favorites\Links\desktop.ini Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Default\Favorites\Links\desktop.ini.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.00 KB
MD5 8af84e8646936ecc876aa92ac6e80809 Copy to Clipboard
SHA1 bff519b7f06c421c463f45e5874a6c864c8ff534 Copy to Clipboard
SHA256 03935cc4c5b948a5431f8c1e3b00496a315b46dcf2f23b0dbb68631721f53d71 Copy to Clipboard
SSDeep 24:lExDtMyqlw9Nc/tVD4qxfR3GKUhn68IRdZ36Hna:lqDtMBiNWB4qO9iqHa Copy to Clipboard
C:\Users\Public\Documents\desktop.ini Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Public\Documents\desktop.ini.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.20 KB
MD5 1f9600740a977492e9701485dc9b258d Copy to Clipboard
SHA1 4fe647ac57af98222937c09fd88c59f078826e13 Copy to Clipboard
SHA256 23333532d2363f60adb26174f4e71eb1ccc33ef5e0a55cbe754c2443046ffb9a Copy to Clipboard
SSDeep 24:Mc7A9oLZWbE0Xe1YMvh5qlw9Nc/tVD4qxfR3GKUhn68IRdZ36Hgjj:LA9oLepewiNWB4qO9iqO Copy to Clipboard
C:\Users\All Users\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030\packages\vcRuntimeAdditional_amd64\cab1.cab.SATANA Modified File Stream
Not Queried
...
»
Also Known As C:\Users\All Users\Package Cache\{37B8F9C7-03FB-3253-8781-2517C99D7C00}v11.0.61030\packages\vcRuntimeAdditional_amd64\cab1.cab.SATANA (Created File)
Mime Type application/octet-stream
File Size 5.53 MB
MD5 9588ca4a48348ba639ca2c2c324ec56a Copy to Clipboard
SHA1 64310a758d3a5567563225d8f2dcc2db2da20fe7 Copy to Clipboard
SHA256 f00d529c38a28f4a3eba2d76580a9a96175bb61f631ed59e9504a74a2538d374 Copy to Clipboard
SSDeep 98304:LPyuDDI/I6I0eL2TOaLceUPMKfz4g3Schw3wVRdUABxyhEby+8EuEvG/P:LPyAD2yEceUP3kTgV/NryhQ4n Copy to Clipboard
C:\Users\Default\Contacts\Administrator.contact Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Default\Contacts\Administrator.contact.SATANA (Created File)
Mime Type application/octet-stream
File Size 67.70 KB
MD5 a49c5476519b735e19fb3fc1c6d62a71 Copy to Clipboard
SHA1 219911b3324701b7e45fbc1819804f06c58fa025 Copy to Clipboard
SHA256 715e479d2b8c33a4f74f972006af63433c9d109dbf33f97c21e98d8639d39f4c Copy to Clipboard
SSDeep 768:Xyukf67sGG8h8DKAx/mu18J3Mw6UMslMD04CBGz9UTAngSilCfoSO8+Jv8jtUkdW:XF7sVH3N123Mw6UZp2U6g50W8wkU57N Copy to Clipboard
C:\Users\Default\Links\RecentPlaces.lnk Modified File Stream
Not Queried
...
»
Also Known As C:\Users\Default\Links\RecentPlaces.lnk.SATANA (Created File)
Mime Type application/octet-stream
File Size 1.28 KB
MD5 c4196e488530d720eb47db712456d2f1 Copy to Clipboard
SHA1 40121abb3d498cad64e120b3581517fab9046493 Copy to Clipboard
SHA256 9799a85475704c0703fa3a079b6eadcdbe978e0ad1f42fe8271db9dc44a8e55f Copy to Clipboard
SSDeep 24:1h+B05v5cN0NZh4bH16yz6qRqlw9Nc/tVD4qxfR3GKUhn68IRdZ36HCjeP:1Id0rh4bHEmSiNWB4qO9iqV Copy to Clipboard
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\tzbtqw.exe Created File Unknown
Not Queried
...
»
Mime Type application/x-empty
File Size 0.00 KB
MD5 d41d8cd98f00b204e9800998ecf8427e Copy to Clipboard
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709 Copy to Clipboard
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Copy to Clipboard
SSDeep 3:: Copy to Clipboard
C:\Users\Public\0A643CC0B2786E0182A9C297C25EDEEB6DD44BB0E8EAA993679B4A37C364560A Created File Text
Not Queried
...
»
Mime Type text/plain
File Size 1.00 KB
MD5 7615075fe65165fde667bf15464fae05 Copy to Clipboard
SHA1 b6acfdde483fe63e756df8f0da0f63c9d46db4ad Copy to Clipboard
SHA256 7dcfbc6deb7493c0602c8de2d62ddbc6e8721968105953640d4087193c241e2c Copy to Clipboard
SSDeep 24:UHUzAgHQLaKt5Hs69qlw9Nc/tVD4qxfR3GKUhn68IRdZ36HT:dlqaKt5HsriNWB4qO9iqz Copy to Clipboard
Exit-Icon
WHOIS Domain Information
Domain Name
WHOIS Response 

       		
      

     

    

   

  

  

  

  

   

    
    

     Function Logfile
    

    

     

      Download-Icon
     

    

    

     Exit-Icon
    

   

   

    

     

      
       This feature requires an online-connection to the VMRay backend.
      
      

      

      An offline version with limited functionality is also provided.
      

      The offline version is supported only in Mozilla Firefoxwith deactivated setting "security.fileuri.strict_origin_policy".
     

     

    

   

   

    Before
   

   

    

     

      
       This feature requires an online-connection to the VMRay backend.
      
      

      

      An offline version with limited functionality is also provided.
      

      The offline version is supported only in Mozilla Firefoxwith deactivated setting "security.fileuri.strict_origin_policy".
     

     

    

   

   

    After
   

   

    

     

      
       This feature requires an online-connection to the VMRay backend.
      
      

      

      An offline version with limited functionality is also provided.
      

      The offline version is supported only in Mozilla Firefoxwith deactivated setting "security.fileuri.strict_origin_policy".
     

     

    

   

   

    

     
      

       
       
       
       
      

     
     
     
    

   

  

  

   

    
    

     Screenshot
    

    

     Expand-Icon
    

    

     Exit-Icon
    

   

   

    

     icon_left
    

    

     icon_left
    

   

   

   

   

    image