Engine | Download Report | Detection | Info |
---|---|---|---|
 | | suspicious, Score: 21 | System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |

Name | File Type | Hashes | Detection |
---|---|---|---|
C:\Users\user\AppData\Roaming\Microsoft\Templates\LiveContent\16\Managed\Document Themes\Open Notebook.onetoc2 |
data | # | |
C:\Users\user\AppData\Roaming\Microsoft\Templates\LiveContent\16\User\Document Themes\1033\Open Notebook.onetoc2 |
data | # | |
C:\Users\user\AppData\Roaming\Microsoft\Templates\LiveContent\16\Open Notebook.onetoc2 |
data | # | |
C:\Users\user\AppData\Roaming\Microsoft\Templates\LiveContent\16\Managed\Word Document Building Blocks\Open Notebook.onetoc2 |
data | # | |
C:\Users\user\AppData\Roaming\Microsoft\Templates\LiveContent\16\Managed\Word Document Building Blocks\1033\Open Notebook.onetoc2 |
data | # | |
C:\Users\user\AppData\Roaming\Microsoft\Templates\LiveContent\16\Managed\Word Document Bibliography Styles\Open Notebook.onetoc2 |
data | # | |
C:\Users\user\AppData\Roaming\Microsoft\Templates\LiveContent\16\Managed\SmartArt Graphics\Open Notebook.onetoc2 |
data | # | |
C:\Users\user\AppData\Roaming\Microsoft\Templates\LiveContent\16\Managed\SmartArt Graphics\1033\Open Notebook.onetoc2 |
data | # | |
C:\Users\user\AppData\Roaming\Microsoft\Templates\LiveContent\16\Managed\Open Notebook.onetoc2 |
data | # | |
C:\Users\user\AppData\Roaming\Microsoft\Templates\LiveContent\16\User\Document Themes\Open Notebook.onetoc2 |
data | # | |
C:\Users\user\AppData\Roaming\Microsoft\Templates\LiveContent\16\Managed\Document Themes\1033\Open Notebook.onetoc2 |
data | # | |
C:\Users\user\AppData\Local\Temp\{FD695529-50F6-4272-BBEC-9EF941B30B5C} |
PNG image data, 1692 x 810, 8-bit/color RGBA, non-interlaced | # | |
C:\Users\user\AppData\Local\Temp\{F9CD84DB-A8AC-453A-8744-5110815F8CDD} |
data | # | |
C:\Users\user\AppData\Local\Temp\{F8DE737E-2360-4149-A1ED-C6862E3AF421} |
data | # | |
C:\Users\user\AppData\Local\Temp\{E7C5C746-021A-4F24-ADB3-169DFED88711} |
ASCII text, with very long lines (368), with no line terminators | # | |
C:\Users\user\AppData\Local\Temp\{E11D2A68-BD51-4949-973B-CAEBFA28AD85} |
data | # | |
C:\Users\user\AppData\Local\Temp\{CD7C088E-DA9E-48D5-AC09-A932818D0DA3} |
data | # | |
C:\Users\user\AppData\Roaming\Microsoft\Templates\Open Notebook.onetoc2 |
data | # | |
C:\Users\user\Documents\OneNote Notebooks\My Notebook\Quick Notes.one |
data | # | |
C:\Users\user\Documents\OneNote Notebooks\My Notebook\Open Notebook.onetoc2 |
data | # | |
C:\Users\user\Desktop\Document.one |
data | # | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk |
MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has command line arguments, Archive, Sparse, ctime=Thu May 27 16:03:55 2021, mtime=Tue Feb 7 17:57:17 2023, atime=Thu May 27 16:03:55 (…) | # | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\O01AHY6Q5IAUOAOC7SBE.temp |
Matlab v4 mat-file (little endian) \253\373\277\272, sparse, rows 1, columns 0, imaginary | # | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\GSW8AE0M5519PXI4POU4.temp |
data | # | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\1bc9bbbe61f14501.customDestinations-ms~RF3dc76.TMP (copy) |
data | # | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\1bc9bbbe61f14501.customDestinations-ms (copy) |
data | # | |
C:\Users\user\AppData\Local\Temp\{C24A363B-3F25-4D78-8D62-A8644C199A19} |
data | # | |
C:\Users\user\AppData\Roaming\Microsoft\Templates\LiveContent\Open Notebook.onetoc2 |
data | # | |
C:\Users\user\AppData\Roaming\Microsoft\Templates\LiveContent\16\User\Word Document Building Blocks\Open Notebook.onetoc2 |
data | # | |
C:\Users\user\AppData\Roaming\Microsoft\Templates\LiveContent\16\User\Word Document Building Blocks\1033\Open Notebook.onetoc2 |
data | # | |
C:\Users\user\AppData\Roaming\Microsoft\Templates\LiveContent\16\User\Word Document Bibliography Styles\Open Notebook.onetoc2 |
data | # | |
C:\Users\user\AppData\Roaming\Microsoft\Templates\LiveContent\16\User\SmartArt Graphics\Open Notebook.onetoc2 |
data | # | |
C:\Users\user\AppData\Roaming\Microsoft\Templates\LiveContent\16\User\SmartArt Graphics\1033\Open Notebook.onetoc2 |
data | # | |
C:\Users\user\AppData\Roaming\Microsoft\Templates\LiveContent\16\User\Open Notebook.onetoc2 |
data | # | |
C:\Users\user\AppData\Local\Microsoft\OneNote\16.0\cache\tmp\00000009.bin |
ASCII text, with very long lines (368), with no line terminators | # | |
C:\Users\user\AppData\Local\Temp\{2265CAC3-1A5D-4C48-AF94-A71BBEC89222} |
data | # | |
C:\Users\user\AppData\Local\Temp\{205FB1FA-EB16-43F2-86C5-B07E9A12980B} |
data | # | |
C:\Users\user\AppData\Local\Temp\{1BA8BC9F-BAF0-4471-A68C-831394576820} |
data | # | |
C:\Users\user\AppData\Local\Temp\{187023B7-C9CC-4BD0-87B3-E472F3855AA3} |
data | # | |
C:\Users\user\AppData\Local\Temp\{0E6DBBBF-A3C0-48DA-BED3-C8930739DF0B} |
data | # | |
C:\Users\user\AppData\Local\Temp\{0D50DF9D-C835-4FEC-8856-2AF165CAA92D}.bin |
PNG image data, 1692 x 810, 8-bit/color RGBA, non-interlaced | # | |
C:\Users\user\AppData\Local\Microsoft\OneNote\16.0\cache\tmp\0000000C.bin |
PNG image data, 1692 x 810, 8-bit/color RGBA, non-interlaced | # | |
C:\Users\user\AppData\Local\Microsoft\OneNote\16.0\cache\tmp\0000000A.bin |
GIF image data, version 89a, 1012 x 327 | # | |
C:\Users\user\AppData\Local\Temp\{4DA24EBA-9C29-4348-81D5-F33931C2288D} |
GIF image data, version 89a, 1012 x 327 | # | |
C:\Users\user\AppData\Local\Microsoft\OneNote\16.0\cache\tmp\00000008.bin |
PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced | # | |
C:\Users\user\AppData\Local\Microsoft\OneNote\16.0\cache\tmp\00000007.bin |
PNG image data, 1692 x 810, 8-bit/color RGBA, non-interlaced | # | |
C:\Users\user\AppData\Local\Microsoft\OneNote\16.0\cache\header |
Matlab v4 mat-file (little endian) \260\016, numeric, rows 1020487318, columns 0 | # | |
C:\Users\user\AppData\Local\Microsoft\Office\OTele\onenote.exe.db-wal |
SQLite Write-Ahead Log, version 3007000 | # | |
C:\Users\user\AppData\Local\Microsoft\Office\OTele\onenote.exe.db-shm |
data | # | |
C:\Users\user\AppData\Local\Microsoft\Office\OTele\onenote.exe.db-journal |
SQLite Rollback Journal | # | |
C:\Users\user\AppData\Local\Microsoft\Office\OTele\onenote.exe.db |
SQLite 3.x database, last written using SQLite version 3023002, writer version 2, read version 2, file counter 2, database pages 1, cookie 0, schema 0, largest root page 1, unknown 0 encoding, version-valid-for 2 | # | |
C:\Users\user\AppData\Local\Temp\{7DFF42B6-807C-4DE3-AA08-4D6D60B3BB7A} |
data | # | |
C:\Users\user\AppData\Local\Temp\{BA1C306D-67E6-4B43-AD43-E1D2155CD557}.bin |
PNG image data, 1692 x 810, 8-bit/color RGBA, non-interlaced | # | |
C:\Users\user\AppData\Local\Temp\{B9F8FA1C-06B0-4354-A382-C78BC6DC2478} |
data | # | |
C:\Users\user\AppData\Local\Temp\{B59A9D2C-ED1E-47F4-90E0-3645E63DAE20} |
data | # | |
C:\Users\user\AppData\Local\Temp\{B24949E5-A304-4FCD-B0D4-30209C2F9A45} |
data | # | |
C:\Users\user\AppData\Local\Temp\{A4601116-8B1A-4987-B1F8-2B503864EECB} |
data | # | |
C:\Users\user\AppData\Local\Temp\{84E57D09-8B97-4380-A709-DC32BEADCF99} |
PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced | # | |
C:\Users\user\AppData\Local\Temp\{83BA6D36-2196-4487-BAAD-FE15AF122565} |
data | # | |
C:\Users\user\AppData\Local\Temp\{833BBCE8-1CE5-4A33-BE2D-894EF53FEE46} |
data | # | |
C:\Users\user\AppData\Local\Microsoft\Office\16.0\onenote.exe_Rules.xml |
XML 1.0 document, ASCII text, with very long lines (65536), with no line terminators | # | |
C:\Users\user\AppData\Local\Temp\{68535A9E-EB0C-4B6A-BC04-E37534063832} |
PNG image data, 1692 x 810, 8-bit/color RGBA, non-interlaced | # | |
C:\Users\user\AppData\Local\Temp\{635EAFCC-6A0E-4E2D-B0DE-2088BE0F8754} |
data | # | |
C:\Users\user\AppData\Local\Temp\{5FCF2F4B-1582-4C30-9102-96D683F264EC} |
data | # | |
C:\Users\user\AppData\Local\Temp\{5F8474AE-5559-4496-8704-47ADE4570097} |
data | # | |
C:\Users\user\AppData\Local\Temp\{5201C174-E8AB-444C-BF8B-A9E7BC2A638A}.bin |
PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced | # | |
C:\Users\user\AppData\Local\Temp\{513AB815-F377-4589-AAE3-880D93915B90}.bin |
GIF image data, version 89a, 1012 x 327 | # | |
C:\Users\user\AppData\Local\Temp\{4E5BA980-837E-4313-A9E6-0E99A903959D} |
data | # |