Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
phish_alert_iocp_v1.4.48 (15).eml
|
RFC 822 mail, ASCII text, with very long lines (347), with CRLF line terminators
|
initial sample
|
||
|
C:\Users\user\AppData\Local\Microsoft\FORMS\FRMCACHE.DAT
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Office\16.0\AddInClassifierCache\OfficeSharedEntities.bin
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Office\16.0\AddInClassifierCache\OfficeSharedEntitiesUpdated.bin
|
ASCII text, with no line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Office\OTele\outlook.exe.db-journal
|
SQLite Rollback Journal
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Office\MSO3072.acl
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 4 16:25:13 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 4 16:25:13 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 4 16:25:13 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 4 16:25:13 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 4 16:25:13 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
Chrome Cache Entry: 100
|
ASCII text, with very long lines (5632)
|
downloaded
|
||
|
Chrome Cache Entry: 104
|
ASCII text, with very long lines (26548)
|
downloaded
|
||
|
Chrome Cache Entry: 105
|
ASCII text, with very long lines (1215)
|
downloaded
|
||
|
Chrome Cache Entry: 106
|
ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 107
|
PNG image data, 353 x 60, 8-bit/color RGB, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 109
|
ASCII text, with very long lines (32038)
|
downloaded
|
||
|
Chrome Cache Entry: 110
|
PNG image data, 250 x 92, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 111
|
Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 112
|
Unicode text, UTF-8 text, with very long lines (2258)
|
downloaded
|
||
|
Chrome Cache Entry: 113
|
PNG image data, 21 x 21, 4-bit colormap, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 114
|
Web Open Font Format (Version 2), CFF, length 29924, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 117
|
Unicode text, UTF-8 text, with very long lines (39221)
|
dropped
|
||
|
Chrome Cache Entry: 119
|
ASCII text
|
dropped
|
||
|
Chrome Cache Entry: 81
|
ASCII text
|
dropped
|
||
|
Chrome Cache Entry: 82
|
PNG image data, 600 x 600, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 83
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
Chrome Cache Entry: 84
|
ASCII text, with very long lines (9476)
|
downloaded
|
||
|
Chrome Cache Entry: 85
|
JSON data
|
downloaded
|
||
|
Chrome Cache Entry: 88
|
ASCII text
|
dropped
|
||
|
Chrome Cache Entry: 89
|
ASCII text, with very long lines (65536), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 90
|
HTML document, ASCII text
|
downloaded
|
||
|
Chrome Cache Entry: 91
|
ASCII text, with very long lines (4938)
|
downloaded
|
||
|
Chrome Cache Entry: 92
|
Web Open Font Format (Version 2), CFF, length 41556, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 93
|
Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 94
|
Web Open Font Format (Version 2), CFF, length 29752, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 95
|
Web Open Font Format (Version 2), CFF, length 29980, version 1.0
|
downloaded
|
||
|
Chrome Cache Entry: 99
|
ASCII text, with very long lines (60557)
|
downloaded
|
There are 29 hidden files, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
cloud.postoffice.net
|
165.212.65.209
|
||
|
cdnjs.cloudflare.com
|
104.17.24.14
|
||
|
clicktime.cloud.postoffice.net
|
165.212.65.140
|
||
|
maxcdn.bootstrapcdn.com
|
104.18.10.207
|
||
|
secure.na2dc2.echosign.com
|
44.234.124.143
|
||
|
www.google.com
|
142.250.185.164
|
||
|
federalreservebanks.na2.adobesign.com
|
44.234.124.143
|
||
|
use.typekit.net
|
unknown
|
||
|
p.typekit.net
|
unknown
|
||
|
secure.na2.echocdn.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
52.113.194.132
|
unknown
|
United States
|
||
|
104.17.24.14
|
cdnjs.cloudflare.com
|
United States
|
||
|
165.212.65.209
|
cloud.postoffice.net
|
United States
|
||
|
2.16.168.10
|
unknown
|
European Union
|
||
|
104.18.10.207
|
maxcdn.bootstrapcdn.com
|
United States
|
||
|
172.217.16.206
|
unknown
|
United States
|
||
|
142.250.186.163
|
unknown
|
United States
|
||
|
52.182.143.213
|
unknown
|
United States
|
||
|
192.168.2.16
|
unknown
|
unknown
|
||
|
2.19.126.206
|
unknown
|
European Union
|
||
|
165.212.65.140
|
clicktime.cloud.postoffice.net
|
United States
|
||
|
64.233.167.84
|
unknown
|
United States
|
||
|
2.19.126.198
|
unknown
|
European Union
|
||
|
2.19.126.151
|
unknown
|
European Union
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
142.250.185.164
|
www.google.com
|
United States
|
||
|
44.234.124.143
|
secure.na2dc2.echosign.com
|
United States
|
||
|
44.234.124.145
|
unknown
|
United States
|
||
|
52.109.76.243
|
unknown
|
United States
|
||
|
142.250.184.234
|
unknown
|
United States
|
There are 10 hidden IPs, click here to show them.