Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Fw Action required Review access by 14 November 2024.msg
|
CDFV2 Microsoft Outlook Message
|
initial sample
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Outlook\NoEmail.srs
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
 |
|
|
C:\Users\user\Documents\Outlook Files\Outlook Data File - NoEmail.pst
|
Microsoft Outlook email folder (>=2003)
|
dropped
|
|
|
|
C:\Users\user\Documents\Outlook Files\~Outlook Data File - NoEmail.pst.tmp
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\FORMS\FRMCACHE.DAT
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Office\OTele\outlook.exe.db
|
SQLite 3.x database, last written using SQLite version 3023002, writer version 2, read version 2, file counter 2, database
pages 1, cookie 0, schema 0, largest root page 1, unknown 0 encoding, version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Office\OTele\outlook.exe.db-journal
|
SQLite Rollback Journal
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Office\OTele\outlook.exe.db-shm
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Office\OTele\outlook.exe.db-wal
|
SQLite Write-Ahead Log, version 3007000
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\089d66ba04a8cec4bdc5267f42f39cf84278bb67.tbres
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5475cb191e478c39370a215b2da98a37e9dc813d.tbres
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\56a61aeb75d8f5be186c26607f4bb213abe7c5ec.tbres
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.MSO\BCE190B4.dat
|
PNG image data, 935 x 147, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.Word\~WRS{46079FBC-051C-4FFC-A793-228B017E3151}.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Diagnostics\OUTLOOK\App1730294950248425200_923433E2-1A96-4CBB-98E8-E3D44AF31730.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Diagnostics\OUTLOOK\App1730294950249367300_923433E2-1A96-4CBB-98E8-E3D44AF31730.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Outlook Logging\OUTLOOK_16_0_16827_20130-20241030T0929100053-3572.etl
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\~DFE97ADC3EFFD4F42C.TMP
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Office\MSO3072.acl
|
data
|
dropped
|
There are 9 hidden files, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
52.109.32.97
|
unknown
|
United States
|