Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Illustrator_Set-Up.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Adobe\OOBE\temp_lbs_wid
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\141b9973-91da-4462-8d3f-2fe2168db201.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\2041bd65-a883-4275-a7a7-3301c4fcce6d.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\2cd6b875-c1d6-46aa-8b11-e83a234fa3ae.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\4ec1422a-c8a0-45d1-bca3-6f3e76fed3a1.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\76ef41f6-f7c6-4fd2-b640-e6f299a7adfd.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Crashpad\settings.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Crashpad\throttle_store.dat
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\1f259d8e-bb15-478c-9302-013197a5a8a8.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\4a84e4e1-2f93-4bb1-9335-abe2f3e4fab0.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\80f6a3fc-4d38-4111-bf02-7d1d71015eed.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\986fd3f9-a23d-468f-a62a-ff5ad51e8e1f.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Cache\Cache_Data\f_000001
|
ASCII text, with very long lines (57092), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Cache\Cache_Data\f_000002
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Cache\Cache_Data\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Code Cache\js\index-dir\temp-index
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Code Cache\js\index-dir\the-real-index
(copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Code Cache\wasm\index-dir\temp-index
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Code Cache\wasm\index-dir\the-real-index
(copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\DawnCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\GPUCache\data_3
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\GPUCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Network\550bd4bc-99e2-4e97-a5f6-5131c65bed92.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Network\SCT Auditing Pending Reports (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Network\SCT Auditing Pending Reports~RF6a0442.TMP
(copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Network\Sdch Dictionaries (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Network\efc4ef72-ea8b-4c3d-90b2-58d25f2331d5.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Preferences (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Preferences~RF6a57e0.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Preferences~RF6a7f0f.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Preferences~RF6b141c.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Preferences~RF6b40c9.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Preferences~RF6b793e.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\PreferredApps
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\README
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\Secure Preferences (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\a57c2cb2-473e-4cc4-b55a-d41531592dce.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\d0e92c75-2c37-4ee8-aaec-bc07e3ae937f.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Default\f7e90a46-53c2-4ccc-a33e-a1bd7d3ca4e9.tmp
|
JSON data
|
modified
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\GrShaderCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\GraphiteDawnCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Last Version
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Local State (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Local State~RF6a00f6.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Local State~RF6a01a2.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Local State~RF6a2825.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Local State~RF6a57f0.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Local State~RF6b1228.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Local State~RF6b4ed3.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Local State~RF6b793e.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\ShaderCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\ShaderCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\SmartScreen\RemoteData\customSynchronousLookupUris
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\SmartScreen\RemoteData\edgeSettings
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\SmartScreen\RemoteData\edgeSettings_2.0-0
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\SmartScreen\RemoteData\synchronousLookupUris
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\SmartScreen\RemoteData\synchronousLookupUris_636976985063396749.rel.v2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\Variations
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\d404cd23-ba60-4b87-bee7-d57986aa708f.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\de0a670d-e034-4264-8bee-7869f309a98e.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\webview2\Illustrator_Set-Up.exe\EBWebView\e25bacce-aa7b-4184-937e-f1838097d004.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\e8ddd4cbd9c0504aace6ef7a13fa20d04fd52408.tbres
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CreativeCloud\ACC\WAM.log
|
Unicode text, UTF-16, little-endian text, with no line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\NGL\NGLClient_CreativeCloudInstaller1.ngllogcontrolconfig
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\CCDInstaller.js
|
Unicode text, UTF-8 text, with very long lines (62606)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\0420e3da-ac8d-4097-9b0e-00b5a7b8b6a5.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\05c10eec-9657-4b7f-ad76-bd267b2337c8.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\36ad1837-4994-4484-a199-4800a77badf2.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\4248b3c5-b94b-415d-9aed-55bd69a3c5d3.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\767d559c-94df-43d9-822f-25a19a33be54.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\BrowserMetrics-spare.pma (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\BrowserMetrics-spare.pma.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Crashpad\settings.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\09e364b8-a917-4342-a689-e21cf1f74d7f.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\266bb6ef-d0d1-4fc4-a2b0-02bcd23f5281.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\4991b022-2601-40e8-9d82-a00fbdad9328.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Cache\Cache_Data\f_000001
|
ASCII text, with very long lines (15202)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Cache\Cache_Data\f_000003
|
Web Open Font Format (Version 2), CFF, length 29924, version 1.0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Cache\Cache_Data\f_000004
|
Web Open Font Format (Version 2), CFF, length 29752, version 1.0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Cache\Cache_Data\f_000005
|
Web Open Font Format (Version 2), CFF, length 29980, version 1.0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Cache\Cache_Data\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Code Cache\js\98de40acdbe972e7_0
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Code Cache\js\index
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Code Cache\js\index-dir\temp-index
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Code Cache\js\index-dir\the-real-index
(copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Code Cache\js\index-dir\the-real-index~RF6ba0db.TMP
(copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Code Cache\wasm\index-dir\temp-index
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Code Cache\wasm\index-dir\the-real-index
(copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\DawnCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\GPUCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Local Storage\leveldb\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Local Storage\leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Network\45b4c161-6cd9-43c2-8be9-aa505560615d.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Network\8c2ee87c-8d8a-43a5-b72c-2b8c29b6d50b.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Network\Network Persistent State
(copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Network\Network Persistent State~RF6b2d80.TMP
(copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Preferences (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Preferences~RF6a9eec.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Preferences~RF6b1295.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Preferences~RF6b8a17.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Secure Preferences (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\Site Characteristics Database\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\d85f7358-12e5-4f76-b890-a0a2796402f9.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Default\dd00d9d0-9b79-40f5-9bca-d86c73d88501.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\GrShaderCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\GrShaderCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\GraphiteDawnCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Local State (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Local State~RF6a0144.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Local State~RF6a0192.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Local State~RF6a2825.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\Local State~RF6b1228.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\ShaderCache\data_2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\ShaderCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\SmartScreen\RemoteData\customSettings
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\SmartScreen\RemoteData\customSettings_F95BA787499AB4FA9EFFF472CE383A14
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\SmartScreen\RemoteData\topTraffic
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\EBWebView\SmartScreen\RemoteData\topTraffic_170540185939602997400506234197983529371
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\index.css
|
ASCII text, with very long lines (65536), with no line terminators
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\{A926875B-9A9D-46AD-A048-72A4D93CF54B}\index.html
|
HTML document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 8 18:52:12 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 8 18:52:12 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 8 18:52:12 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 8 18:52:12 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command
line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Oct 8 18:52:12 2024, atime=Wed Sep 27 04:28:28
2023, length=1210144, window=hide
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\com.adobe.dunamis\f65a88c9-12b3-4201-a633-87cf11b91fa8\v1\0\anon_events\a5d39f38-5c3f-4abb-9949-0a81170c32f2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\com.adobe.dunamis\f65a88c9-12b3-4201-a633-87cf11b91fa8\v1\0\anon_events\manifest
|
data
|
dropped
|
There are 120 hidden files, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
dd20fzx9mj46f.cloudfront.net
|
13.224.189.8
|
||
|
chrome.cloudflare-dns.com
|
172.64.41.3
|
||
|
adobe.com.ssl.d1.sc.omtrdc.net
|
63.140.62.222
|
||
|
www.google.com
|
142.250.186.68
|
||
|
dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com
|
52.210.48.33
|
||
|
d1n897799gitxr.cloudfront.net
|
18.245.60.45
|
||
|
resources-prod.licensingstack.com
|
13.32.47.160
|
||
|
ethos502-prod-va6-k8s-p2-0-7ccfc4a2a823108f.elb.us-east-1.amazonaws.com
|
18.211.200.223
|
||
|
delegated.adobelogin.com
|
unknown
|
||
|
use.typekit.net
|
unknown
|
||
|
p.typekit.net
|
unknown
|
||
|
ims-na1.adobelogin.com
|
unknown
|
||
|
dpm.demdex.net
|
unknown
|
||
|
static.adobelogin.com
|
unknown
|
There are 4 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
142.250.186.68
|
www.google.com
|
United States
|
||
|
216.58.206.74
|
unknown
|
United States
|
||
|
142.250.74.206
|
unknown
|
United States
|
||
|
192.168.2.17
|
unknown
|
unknown
|
||
|
192.168.2.16
|
unknown
|
unknown
|
||
|
2.19.126.206
|
unknown
|
European Union
|
||
|
162.159.61.3
|
unknown
|
United States
|
||
|
63.140.62.222
|
adobe.com.ssl.d1.sc.omtrdc.net
|
United States
|
||
|
23.204.152.142
|
unknown
|
United States
|
||
|
142.250.186.131
|
unknown
|
United States
|
||
|
204.79.197.239
|
unknown
|
United States
|
||
|
54.83.193.95
|
unknown
|
United States
|
||
|
13.224.189.8
|
dd20fzx9mj46f.cloudfront.net
|
United States
|
||
|
172.64.41.3
|
chrome.cloudflare-dns.com
|
United States
|
||
|
66.102.1.84
|
unknown
|
United States
|
||
|
3.211.174.17
|
unknown
|
United States
|
||
|
52.210.48.33
|
dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com
|
United States
|
||
|
2.16.168.10
|
unknown
|
European Union
|
||
|
1.1.1.1
|
unknown
|
Australia
|
||
|
34.104.35.123
|
unknown
|
United States
|
||
|
216.58.212.131
|
unknown
|
United States
|
||
|
13.107.21.239
|
unknown
|
United States
|
||
|
3.248.26.100
|
unknown
|
United States
|
||
|
172.64.155.179
|
unknown
|
United States
|
||
|
18.65.39.31
|
unknown
|
United States
|
||
|
34.250.67.152
|
unknown
|
United States
|
||
|
13.107.42.16
|
unknown
|
United States
|
||
|
54.195.71.107
|
unknown
|
United States
|
||
|
142.250.185.170
|
unknown
|
United States
|
||
|
2.19.126.211
|
unknown
|
European Union
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
172.66.0.163
|
unknown
|
United States
|
||
|
13.32.47.160
|
resources-prod.licensingstack.com
|
United States
|
||
|
142.250.186.142
|
unknown
|
United States
|
||
|
44.209.177.127
|
unknown
|
United States
|
||
|
23.204.152.170
|
unknown
|
United States
|
||
|
18.245.60.45
|
d1n897799gitxr.cloudfront.net
|
United States
|
||
|
18.211.200.223
|
ethos502-prod-va6-k8s-p2-0-7ccfc4a2a823108f.elb.us-east-1.amazonaws.com
|
United States
|
There are 28 hidden IPs, click here to show them.